2026-04-24  Werner Koch  <wk@gnupg.org>

	Release 2.5.19.
	+ commit b0750c06a39adebcaa0d4f250156c3d3238545d9


2026-04-23  Werner Koch  <wk@gnupg.org>

	gpg: New options --show-session-hash and --show-only-session-hash.
	+ commit ecd0f7afa1cf3f1c2ecf90be6ede329dfa082823
	* g10/options.h (opt): Add field show_session_hash.
	* g10/gpg.c (oShowOnlySessionHash,oShowSessionHash): New.
	(opts): Add options.
	(main): Set flags.
	* common/status.h (STATUS_SESSION_HASH): New.
	* g10/decrypt-data.c (decrypt_data): Emit new status code. Make
	  opt.show_only_session_key work for the new options.

2026-04-22  Werner Koch  <wk@gnupg.org>

	dirmngr: New keyword "clear" for --keyserver.
	+ commit 2ab4cba36ccd70f1dc5becff8d47bde3f187e289
	* dirmngr/dirmngr.c (parse_rereadable_options): Add "clear" keyword.

2026-04-20  NIIBE Yutaka  <gniibe@fsij.org>

	gpg,regexp: Fix REGEXP_PREFIX macro, expanded correctly.
	+ commit 97c057ff47836d26e869873aeeead9107e3cfd39
	* regexp/jimregexp.h (ADD_PREFIX0): New.
	(ADD_PREFIX): Have two arguments, prefix and name.
	(regcomp, regexec, regerror, regfree): Use REGEXP_PREFIX.

2026-04-16  Werner Koch  <wk@gnupg.org>

	agent: Rework the trustlist reading code.
	+ commit 9ccae14354392e9ed0359647478d45812e70c9ea
	* agent/trustlist.c (read_one_trustfile): Replace es_fgets by
	  es_read_line.  List all errors before returning the first error.
	  Print a status warning line.  Add arg ctrl.
	(read_trustfiles): Add arg ctrl and pass on.
	(istrusted_internal): Ditto.
	(agent_listtrusted): Ditto.

	agent: Fix a minor utf8 file name problem with trustlist.txt.
	+ commit d5a66c7ed4a59e7c5fa34a1f6447efb1063f2a6a
	* agent/trustlist.c (agent_marktrusted): Use gnupg-access.

2026-04-16  Philip Le  <philip.le@gnupg.com>

	gpgsm: Emit more details when failing to check a crlDP.
	+ commit 09ee3833ef6a1a914d2253f7a4f1ee861b98b350
	* dirmngr/crlcache.c (crl_cache_reload_crl): Print status messages on
	errors.
	* dirmngr/ks-engine-http.c (ks_http_fetch): Print a status message on
	error.
	* sm/call-dirmngr.c (warning_and_note_printer): Add new warning
	messages.
	* sm/certchain.c (is_cert_still_valid): Log an error message when
	failing to retrieve a crlDP.

2026-04-14  Werner Koch  <wk@gnupg.org>

	gpgsm: Show rsaPSS certificates as de-vs compliant in listings.
	+ commit 639f7f18fc65b90ab7d64b5bc9d32017dfdddf82
	* sm/certcheck.c (extract_pss_params): Add arg 'silent'.
	(gpgsm_check_cert_sig): Factor some code out to ...
	(get_sig_val_from_cert): new function.
	(gpgsm_pss_hash_algo_from_cert): New.
	* sm/keylist.c (print_compliance_flags): Handle rsaPSS.

2026-04-14  Eva Bolten  <eva.bolten@gnupg.com>

	de.po: Remove reference to obsolete mail address.
	+ commit 48239ffa894077a1652d4f455714db2fd78c1110


2026-04-14  NIIBE Yutaka  <gniibe@fsij.org>

	tools:gpgtar: Fix for a case of non existing dir with -C.
	+ commit 1bdd1f5bb4d192d9700dd6ab2540b0a940c23dd5
	* tools/gpgtar-extract.c (gpgtar_extract): Call the
	check_output_directory function only when DIRNAME exists.

2026-04-13  Werner Koch  <wk@gnupg.org>

	gpgconf,w32: Show the integrity level with -X and -V.
	+ commit 900245653656991371612a59018a64d07513fad9
	* tools/gpgconf.c (w32_get_integrity_level): New.
	(show_version_gnupg): Include more Windows specific stuff.
	(show_configs): Show the integrity level.

2026-04-09  Werner Koch  <wk@gnupg.org>

	gpgtar: Add --compatibility-flag  no-dir-check.
	+ commit 86020945ce1564a7f6cfa6a18ea8dcdca5e19baf
	* tools/gpgtar.c (oCompatibilityFlags): New.
	(opts): Add "compatibility-flags".
	(compatibility_flags): New.
	(parse_arguments): Parse it.
	* tools/gpgtar.h (opt): Add field compat_flags.
	(COMPAT_NO_DIR_CHECK): New.
	* tools/gpgtar-extract.c (gpgtar_extract): No directory check if
	  COMPAT_NO_DIR_CHECK is set.

2026-04-07  Werner Koch  <wk@gnupg.org>

	dirmngr: New command handler "timestamp"
	+ commit 3903b05e9c256dfc419d66b1af4238c729669a02
	* dirmngr/dirmngr.h (MAX_DIGEST_LEN): New.
	* dirmngr/server.c (parse_hexstring): New.  Taken from gpg-agent.
	(cmd_timestamp): New stub command.

	gpg: Fix edge case in --refresh-keys.
	+ commit fd0d620a6e15fda9c6f836fee443a6de73570566
	* g10/keyserver.c (keyserver_get): Take care of NO_DATA in one chunk.

2026-04-07  Philip Le  <philip.le@gnupg.com>

	gpgsm: Add a certificate chain check for de-vs compliance.
	+ commit 56a1e5f3dda36b396874035c313fb2e6dd972c2f
	* sm/certchain.c (do_validate_chain): Fix typo
	* sm/decrypt.c (gpgsm_decrypt): Check the certificate chain for de-vs
	compliance
	* sm/verify.c (gpgsm_verify): Check the certificate chain for de-vs
	compliance

	* sm/certchain.c (do_validate_chain): Set the is_de_vs user data and
	flag.
	* sm/keylist.c (cert_has_de_vs_flag): New.
	(print_compliance_flags): Print compliance string only if the flag
	is set.

2026-04-07  Werner Koch  <wk@gnupg.org>

	gpgsm: Allow cipher mode as part of the algo for --cipher-algo.
	+ commit 047d699aa40c6cd3f35c337091951b62adf32493
	* common/miscellaneous.c (gnupg_cipher_mode_name): New.
	* common/audit.c (proc_type_encrypt): Print the encryption mode.
	* sm/misc.c (gpgsm_map_cipher_name_to_oid): New.
	* sm/gpgsm.c (DEFAULT_CIPHER_ALGO): Change to AES256-CBC for
	consistent error messages.
	(main): Replace the alias name mapping using if-else by a call to the
	new function.

	* g10/misc.c (openpgp_aead_algo_name): Use gnupg_cipher_mode_name for
	consistency.

2026-04-02  Werner Koch  <wk@gnupg.org>

	gpgsm: Make GCM fully compliant for de-vs.
	+ commit 04fd775fce5999df51cc6588defd3d4f9c7104da
	* common/compliance.c (gnupg_cipher_is_compliant): Allow GCM for
	  gpgsm.
	(gnupg_cipher_is_allowed): Allow GCM for gpgsm also in producer mode.

	gpgsm: Announce that we can handle GCM encrypted data.
	+ commit 699b6d0603175934eddf7075a3984bdbc38c89a2
	* sm/sign.c (gpgsm_sign): Add GCM capabilities.

2026-04-01  NIIBE Yutaka  <gniibe@fsij.org>

	agent:ssh: Fix RSA padding in signature handling.
	+ commit c67e0b0a86b400f34a1ac2944719e0303fc00daa
	* agent/command-ssh.c (ssh_signature_encoder_rsa): Swap DST and SRC.

2026-03-31  Werner Koch  <wk@gnupg.org>

	gpgsm: Fix bug so that a cert can be signed by a different algo.
	+ commit 66fdafab3c6db03e29ef561544859055f5cc0d88
	* sm/certreqgen.c (create_request): Take the algo from the sigkey
	  instead of the to-be-signed public key.

2026-03-26  Werner Koch  <wk@gnupg.org>

	gpg: Improve a recursion check.
	+ commit bc7c91bee521e4adf3506ca32bf34177b84ce1c5
	* g10/gpg.h (struct server_control_s): Add in_check_revocation_keys.
	* g10/sig-check.c (check_revocation_keys): Replace static var by new
	  member of ctrl.  Also rename rc to err.

2026-03-26  NIIBE Yutaka  <gniibe@fsij.org>

	keyboxd: Add SETEPHEMERAL command.
	+ commit 92c75575ecd483b37c21e7826d5aa58acb7d24da
	* kbx/kbxserver.c (hlp_setephemeral, cmd_setephemeral): New.
	(table): Add SETEPHEMERAL command.
	* kbx/keyboxd.h (struct server_control_s): Add ephemeral field.

2026-03-25  NIIBE Yutaka  <gniibe@fsij.org>

	gpgsm: Make sure initializing TMP_CERT.
	+ commit 2a2145782cbb9f290f101f0391fdb8558c616d9e
	* sm/certchain.c (do_validate_chain): Initialize TMP_CERT.

	agent: Raise GPG_ERR_BAD_SECKEY when p >= q for RSA key.
	+ commit 8b6de59ad880b1d2ac799c66b198a4aaff1d45c5
	* agent/cvt-openpgp.c (convert_secret_key): Reject a key
	with p >= q.

2026-03-24  NIIBE Yutaka  <gniibe@fsij.org>

	common:dotlock: Clean up for error/info/warning message.
	+ commit 533bcc265e9ce41a4f512b4f92ed74879de30b24
	* common/dotlock.c (my_info_*,my_error_*,my_debug_1): Remove.
	(struct dotlock_handle): Rename to msg_cb from info_cb, and
	to msg_cb_arg from info_cb_value.
	(default_msg_cb): New.
	(read_lockfile): Use msg_cb and msg_cb_arg.
	(dotlock_create_unix, dotlock_create_w32): Likewise.
	(dotlock_take_unix, dotlock_take_w32): Likewise.
	(dotlock_release_unix, dotlock_release_w32): Likewise.
	(dotlock_release): Likewise.
	(dotlock_create_with): New.
	(dotlock_finish_create, dotlock_set_info_cb): Remove.
	(dotlock_create): Use dotlock_create_with.
	* common/dotlock.h (define dotlock_create_with): New.
	(dotlock_finish_create, dotlock_set_info_cb): Remove.
	(DOTLOCK_LOCKED_ALREADY, DOTLOCK_FATAL): New.
	(DOTLOCK_PREPARE_CREATE): Remove.
	* common/t-dotlock.c (lock_and_unlock): Use new internal API.
	* kbx/backend-sqlite.c (create_or_open_database): Ditto.

	tool:gpgtar: Check the output directory with --directory.
	+ commit 7a2692fe5e580ae3bbb2a47abc4baaf1af65aa88
	* doc/tools.texi (gpgtar): Clarify about the --directory option.
	* tools/gpgtar-extract.c (check_output_directory): New.
	(gpgtar_extract): Call check_output_directory.

2026-03-23  NIIBE Yutaka  <gniibe@fsij.org>

	scd:openpgp: Fix removal of the diagnostic for Admin PIN.
	+ commit 41c4325813c1dcb4a5b439e09489c987f94ccd40
	* scd/app-openpgp.c (build_enter_pin_prompt): Recover log_info.

2026-03-22  Werner Koch  <wk@gnupg.org>

	gpg: Add option --use-ocb-sym.
	+ commit ccdcdfbb37ab6b424ab752523b57aa978c87d349
	* g10/gpg.c (oUseOCBSym): New.
	(opts): Add --use-ocb-sym.
	(main): Set it.
	* g10/options.h (opt): Add field use_ocb_sym.
	* g10/encrypt.c (encrypt_symmetric): Take care of the new option.
	(use_aead): Ditto.

	gpg: Rename a variable for clarity.
	+ commit ddde8ae64db713b89d86fd395e7b465d7ca5028b
	* g10/options.h (opt): Rename field force_aead to force_ocb and change
	  all users.
	* g10/gpg.c (enum cmd_and_opt_values): Rename oForceAEAD to oForceOCB.

2026-03-20  NIIBE Yutaka  <gniibe@fsij.org>

	scd:openpgp: UI improvement for use of PIN-entry.
	+ commit 2239f687bb14428b6167517f92ae74077f96b8b7
	* scd/app-openpgp.c (get_remaining_tries): Add support for Reset code.
	(get_prompt_info): Don't show the "Count" line, when SIGCOUNT is zero.
	(build_enter_pin_prompt): New.
	(verify_a_chv): Use build_enter_pin_prompt.
	(build_enter_admin_pin_prompt): Likewise.
	(do_change_pin): Likewise.
	(do_check_pin): Use get_remaining_tries.

2026-03-18  NIIBE Yutaka  <gniibe@fsij.org>

	tests:openpgp: With gpgtar, extract tarball into an empty directory.
	+ commit 268e435f921a834909429063ea656186266a0f85
	* tests/openpgp/defs.scm (setup-legacy-environment): Only
	call create-gpghome in case of no --unpack-tarball.

2026-03-10  Werner Koch  <wk@gnupg.org>

	gpgsm: Skip the optional PKCS#12 PBES2 keyLength parameter.
	+ commit c8c9604bba0cf2eeac4dd5b4f994a545a95c2d3a
	* sm/minip12.c (parse_bag_encrypted_data): Parse and ignore the
	  optional keyLength.
	(parse_shrouded_key_bag): Ditto.

2026-03-10  NIIBE Yutaka  <gniibe@fsij.org>

	scd: Return GPG_ERR_PIN_BLOCKED before asking the PIN to a user.
	+ commit c5f4900a57f8bcc752d2076005748e494fe044a3
	* scd/app-openpgp.c (do_change_pin): Check retry counter before
	asking the PIN and return GPG_ERR_PIN_BLOCKED if locked.

	scd: Return GPG_ERR_BAD_RESET_CODE when unblocking fails with PUK.
	+ commit 55b72dcb13bad5cb1be9fce290ce1923a57e41be
	* scd/app-openpgp.c (do_change_pin): Return GPG_ERR_BAD_RESET_CODE
	when changing PIN fails with PUK.

	scd: Return GPG_ERR_PIN_BLOCKED before asking pin.
	+ commit 1c2ba3bb20600b9ff11fcd7f3d926eb70fd753fa
	* scd/app-openpgp.c (verify_a_chv): Return GPG_ERR_PIN_BLOCKED when
	it found locked.

	gpg: Don't call gcry_kdf_derive with empty passphrase.
	+ commit 3ddb622f4db922d4fc07c6e0026d64c45ac14aa9
	* g10/passphrase.c (passphrase_to_dek): Return NULL when PW is empty,
	not raising an error by gcry_kdf_derive.

2026-03-04  NIIBE Yutaka  <gniibe@fsij.org>

	build: Add forgotten m4 file and update m4/Makefile.am.
	+ commit 087f4b745bdad715846659d2af491db591a58329
	* m4/Makefile.am (EXTRA_DIST): Update.  Add comments for their origin.
	* m4/intlmacosx.m4: New.

2026-02-24  Werner Koch  <wk@gnupg.org>

	Release 2.5.18.
	+ commit 1b8362889a522bbcfeb80ef3af61218db216f62b


2026-02-24  NIIBE Yutaka  <gniibe@fsij.org>

	gpg:keygen: Add ECC information for composite keys.
	+ commit d67fa0d6874846f0b0fa055500a72adbc0e29d1a
	* g10/keygen.c (ask_kyber_variant): Show curve information.

2026-02-20  Werner Koch  <wk@gnupg.org>

	gpgsm: New option --assert-validsig.
	+ commit 9500b2c7762b8b91ee5d3a3ed3cdb7f1e4143eef
	* sm/gpgsm.c (oAssertValidsig, oAssertKeyusage): New.
	(opts): Add options --assert-validsig and --assert-keyusage.
	(assert_validsig_true): New global var.
	(main): Set options.
	(gpgsm_exit): Implement --assert-validsig.
	* sm/gpgsm.h (opt): Add fields assert_validsig and assert_keyusage.
	* sm/verify.c (gpgsm_verify): Set assert_validsig_true.

2026-02-20  NIIBE Yutaka  <gniibe@fsij.org>

	gpg: Fix armor parsing when no CRC is found.
	+ commit b7aa3f5e320dff0d35ce90c6f6381ee4213b6eb7
	* g10/armor.c (radix64_read): Fix no CRC at the end of armor.

2026-02-19  NIIBE Yutaka  <gniibe@fsij.org>

	agent: Fix debug output for ECC decryption.
	+ commit 463812bfed4ed3074fa6990c89dc6dbbdc9d5837
	* agent/pkdecrypt.c (ecc_extract_pk_from_key): Length fix.

2026-02-17  Daniel Cerqueira  <dan.git@lispclub.com>

	po: Update Portuguese Translation.
	+ commit 6d81e29392ed203dd0445416b1d50f301fe3ec59
	 - change po/pt.po

2026-02-17  Sam James via Gnupg-devel  <gnupg-devel@gnupg.org>

	g10: fix uninit use in aead filter.
	+ commit ac99481ee65a412eb8add995ae338cd7ff52e8ec
	* g10/decrypt-data.c (aead_underflow): Initialize 'err'
	  to 0.

	g10: fix uninit use.
	+ commit 1687dd35ee98e2710b6ac9592eee612e1de4741c
	* g10/encrypt.c (reencrypt_to_new_recipients): Drop first
	  (and uninitialized) use of 'count'.

	g10: check null in assert.
	+ commit 0f5c9c845fda1f8828ff17e5e9d1819813cc8f81
	* g10/keyedit.c (keyedit_quick_revsig): Check 'keyblock' in log_assert.

2026-02-17  NIIBE Yutaka  <gniibe@fsij.org>

	gpg: Support deleting a composite secret key in gpg-agent.
	+ commit 49e61332af4912c9234d98710d5bd1eac6e806b0
	* g10/call-agent.c (agent_delete_key): Handle KEYGRIP2 and
	issue another command with it, if any.

2026-02-12  NIIBE Yutaka  <gniibe@fsij.org>

	agent: Fix the regression in pkdecrypt with TPM RSA.
	+ commit 6eed3959303c81c9699fe9273030e480732f72be
	* agent/divert-tpm2.c (divert_tpm2_pkdecrypt): Care about additional
	0x00.

2026-02-11  Werner Koch  <wk@gnupg.org>

	dirmngr: Let KS_SEARCH print all uid records for a key.
	+ commit 2dde9ddf56feb79f9f61225c07abf6e4ef7041e6
	* dirmngr/ks-engine-ldap.c (ks_ldap_search): Use a loop to print all
	  user-ids.

2026-02-10  Werner Koch  <wk@gnupg.org>

	gpgscm: New operator "*long-time-t?" to detect proper time_t systems.
	+ commit 86baca6e62b3323d516056bf6cfbf9014cf3a8ec
	* tests/gpgscm/opdefines.h (OP_LONG_TIME_T): New.
	* tests/gpgscm/scheme.c (Eval_Cycle): Implement it.

	* tests/openpgp/quick-key-manipulation.scm (last-pgp-date): new.
	(last-pgp-date-5min): New.
	(last-pgp-seconds): New.
	(last-pgp-seconds-5min): New.
	("Checking that we can add subkeys..."): Use the new functions instead
	of the year 20238 constants.

2026-02-02  Werner Koch  <wk@gnupg.org>

	gpgconf: Show /proc/self/exe with -V and -X.
	+ commit c86374ea7756984b3673a4c34cb12a808411e5a4
	* common/homedir.c (w32_rootdir): Factor some code out to ...
	(w32_myproc_self): here.
	(unix_rootdir): Factor some code out to ...
	(unix_myproc_self): here.
	(gnupg_myproc_self): New.
	* tools/gpgconf.c (show_version_gnupg): Use new function.

2026-01-30  Mario Haustein  <mario.haustein@hrz.tu-chemnitz.de>

	scd:p15: Add support for D-Trust Card 6.1/6.4.
	+ commit 987c6a398a9505399b2c25a775d4b625753bc962
	* scd/app-p15.c (CARD_TYPE_STARCOS_37): New.
	(CARD_PRODUCT_DTRUST6): New.
	(read_p15_info): Add workaround for wrongly encoded PIN reference in
	EF.AOD
	(prepare_verify_pin): Use select_df_by_path to select application, as
	the card operating system doesn't support path-based selections.
	(do_sign): Support for key reference IDs longer than one byte.

	scd: allow to query FCP when selecting an application.
	+ commit eb4a805de46f2f877861e543e3f563f9b810bb78
	* scd/iso7816.c (iso7816_select_application_ext): Add flag die query FCP
	* scd/iso7816.h: define new response type flags
	* scd/app.c: apply new flags
	* scd/app-piv.c: ditto
	* scd/app-p15.c: query FCI during application selection and fallback to
	  FCP if file ID tag 0x83 is not found.

2026-01-28  philip  <philip.le@gnupg.com>

	tests: Add test for parsing too large signature packets.
	+ commit 0437dfc94b2386aa9b49fca60a02bc7226f53c0f
	* tests/openpgp/issue8049.scm: new

2026-01-27  Werner Koch  <wk@gnupg.org>

	Release 2.5.17.
	+ commit 17b514596f6000ebbffe5ec1101b6818b9c83cfe


2026-01-26  Werner Koch  <wk@gnupg.org>
	    NIIBE Yutaka  <gniibe@fsij.org>

	gpg: Fix possible NULL-deref with overlong signature packets.
	+ commit 11b7e4139e82fcd0cee72f38964444a17c812547
	* g10/parse-packet.c (parse_signature): Return an error for overlong
	subpacket area

	tpm: Fix possible buffer overflow in PKDECRYPT.
	+ commit 93fa34d9a346020355cd51d54102d30d4f177323
	* tpm2d/tpm2.c (tpm2_ecc_decrypt): Bail out on too long CIPHERTEXT.
	(tpm2_rsa_decrypt): Ditto.

2026-01-25  Werner Koch  <wk@gnupg.org>

	agent: Add accelerator keys for "Wrong" and "Correct".
	+ commit eba28eeaa1b1f7d08b7bacadba6381a3a06a4715
	* agent/trustlist.c (agent_marktrusted): Use hack for new accel keys.

2026-01-20  Werner Koch  <wk@gnupg.org>

	agent: Fix stack buffer overflow when using gpgsm and KEM.
	+ commit 2438271ab601f6e3d436db11825f2b2df9498e2c
	* agent/pkdecrypt.c (ecc_kem_decrypt): Check sessionkey_len before
	calling gcry_cipher_decrypt.  Always close decryption handle.

2026-01-12  Werner Koch  <wk@gnupg.org>

	gpgsm: Make multiple search patterns work with keyboxd.
	+ commit c7770b0a7068b3f75234db092c0352ca4fe9a770
	* sm/keydb.c (keydb_search): Loop over all descriptions.

	gpg: Remove a dead statement.
	+ commit 71570012ed515f67c5fa65b5808451ea74f63eeb
	* g10/call-keyboxd.c (keydb_search): Remove useless while statement.

2026-01-09  Werner Koch  <wk@gnupg.org>

	gpg: New export-option "keep-expired-subkeys"
	+ commit 0bcd9be9a068f7ef3b1fd8bc1cc9dc574dd2b07f
	* g10/export.c (parse_export_options): Add "keep-expired-subkeys".
	(do_export_stream): With this option only KEY_CLEAN_INVALID is
	used.

	doc: Improve the "Programmatic use of GnuPG" section.
	+ commit 0e37a6779e566ccd13ea23b73c5ac9617b288621
	* doc/gpg.texi (Programmatic use of GnuPG): Mention --status-fd.

2026-01-05  Werner Koch  <wk@gnupg.org>

	doc: Rename an internal function to clarify the purpose.
	+ commit 5f4ad39b16a43c522dfed8a72891128b60b9b313
	* common/w32-cmdline.c (count_backslashes): Rename to ...
	(count_leading_backslashes): This.

	dirmngr: Help detection of bad keyserver configurations.
	+ commit 8d4fc76677cccc29f67c31c4f06f692261156fe3
	* dirmngr/server.c (count_colons): New.
	(cmd_keyserver): Print a warning status in some cases.

2025-12-30  Werner Koch  <wk@gnupg.org>

	Release 2.5.16.
	+ commit 7d38a23b8fb165792b4515794fa75d7196266e31


2025-12-29  Werner Koch  <wk@gnupg.org>

	Revert "misc: Validate the value on the use of strtol."
	+ commit a9da315fb8d1cb074f97a358c22b72696edc39f6
	* g10/misc.c: No checking for end-of-string after strtol because the
	function is also used for strings with several values.

	Release 2.5.15.
	+ commit 7ee523ac29032292aed46612d80d847234c1afae


	gpg: Deprecate the option --not-dash-escaped.
	+ commit 947ea3c411f0c14ba002612bb4ab500fba105570
	* g10/options.h (COMPAT_ALLOW_NOT_DASH_ESCAPED): new.
	* g10/gpg.c (compatibility_flags): Add "allow-not-dash-escaped".
	(main): Print a deprecation warning.
	* g10/armor.c (parse_header_line): Ignore the NotDashEscaped header.

	* tests/openpgp/clearsig.scm (vectors): Remove test case.

	gpg: Fix for a recently claimed harmless keyboxd change.
	+ commit abe9bddaa72bac34b4ad01367ecf2589d63153af
	* g10/call-keyboxd.c (search_status_cb): Bump up last_pk_no to fix for
	the discrepancy between keyboxd API and our internal use.

2025-12-23  Werner Koch  <wk@gnupg.org>

	keyboxd: Fix database schema migration.
	+ commit 81bb949755ce1344206bb8750185b573bc22bbf4
	* kbx/backend-sqlite.c (migrate_from_v1_to_v2): Explicitly name the
	columns of the new table.

	gpg: Implement skip function for keyboxd to fix a validation bug.
	+ commit 6c1d13ac66d74f3fbe7993811d0ba9d02ff99733
	* kbx/keybox-openpgp.c (_keybox_parse_openpgp): Add flag only_primary.
	Change all callers.
	(kbx_get_first_opgp_keyid): New.
	* kbx/keybox-search-desc.h: Add prototype for this function.
	* g10/call-keyboxd.c (keydb_search): Implement the skip function.

	keybox: Fix the not yet used uid and pk keyblock index return values.
	+ commit 01eaa386ec06df399954694dcf6fc086be399185
	* kbx/backend-sqlite.c (be_sqlite_search): Return pk_no and uid_no
	without an offset of 1.

2025-12-23  Temuri Doghonadze  <temuri.doghonadze@gmail.com>

	po: Update Georgian Translation.
	+ commit c7472b1b9d2f739446efb9c5c72cfb8c495ebbbf


2025-12-10  Werner Koch  <wk@gnupg.org>

	Avoid the function name thread_init.
	+ commit 4350fc192251f668c0ee9a88a8bad574e4fc6ac9
	* agent/gpg-agent.c (thread_init_once): Rename to ...
	(agent_thread_init_once): this.
	* kbx/keyboxd.c (thread_init_once): Rename to ...
	(keyboxd_thread_init_once): this.
	* dirmngr/dirmngr.c (thread_init): Rename to ...
	(dirmngr_thread_init): this.

2025-11-28  Werner Koch  <wk@gnupg.org>

	dirmngr: Add a compatibility flag for use with newer Libksba versions.
	+ commit 674aa54242d121354b5edd066d6753194446cbd7
	* dirmngr/dirmngr.h (COMPAT_OCSP_SHA256_CERTID): New.
	* dirmngr/dirmngr.c (compatibility_flags): Add compat flag.
	(my_ksba_hash_buffer): Support SHA256.
	* dirmngr/ocsp.c (do_ocsp_request): Make use of the flag.

2025-11-25  NIIBE Yutaka  <gniibe@fsij.org>

	common:dotlock: Escalate a warning message up to INFO from DEBUG.
	+ commit 32a3e5f83bbb8c6f21fcc11d28330e136fbe1785
	* common/dotlock.c (dotlock_take): Use my_info_1 when already locked.
	(dotlock_release): Likewise.

	kbx:sqlite: Don't call dotlock_release.
	+ commit aab29b1286936fbddacdc8fffe2f0399fee668d7
	* kbx/backend-sqlite.c (create_or_open_database): Remove call to
	dotlock_release, as dotlock_destroy cares the lock if any.

	common:dotlock: Comment fixes.
	+ commit d4e40e2a8adc7b6278fb7d0923faf88b316f4dc2
	* common/dotlock.h: dotlock_tool is now in gpgconf.
	* common/dotlock.c: Likewise.

	common:dotlock:w32: Minor fixes for Windows.
	+ commit 68dcfec91b9007884e1c46920647007618d402c8
	* common/dotlock.c (any8bitchar): Define under HAVE_DOSISH_SYSTEM.
	(dotlock_create_w32): Add missing call of UNLOCK_all_lockfiles,
	even though it's currently not implemented yet.
	(dotlock_take_w32): Use my_set_errno, like other places.

	common:dotlock: Remove support of use with glib.
	+ commit e4f20ba10a6a56a7145ed8213d547fd9e85575fe
	* common/dotlock.c [DOTLOCK_GLIB_LOGGING]: Remove.

2025-11-20  NIIBE Yutaka  <gniibe@fsij.org>

	agent: Use SHADOW_INFO to silence warnings.
	+ commit 216a695ced8304d560d587345077a8d0bcfbc5f5
	* agent/agent.h [!HAVE_LIBTSS] (agent_tpm2d_ecc_kem): Add SHADOW_INFO.

	common,agent,dirmngr,kbx:w32: Synchronous spawning daemon process.
	+ commit 57affc4e98ab80d89f636a50bb165f90d233083c
	* common/asshelp.c [HAVE_W32_SYSTEM] (start_new_service): Catch the
	error output when starting daemon and wait until it's ready.
	(w32_ack_to_frontend): New.
	* common/asshelp.h (w32_ack_to_frontend): New.
	* agent/gpg-agent.c [HAVE_W32_SYSTEM] (main): Add w32_ack_to_frontend.
	* dirmngr/dirmngr.c [HAVE_W32_SYSTEM] (main): Ditto.
	* kbx/keyboxd.c [HAVE_W32_SYSTEM] (main): Ditto.

	agent,common,dirmngr,tests: Silence warnings of a compiler.
	+ commit cad79e542d8506942d5b20f544d465cbaf64fd75
	* agent/command.c (cmd_keytocard): Initialize N.
	* common/ksba-io-support.c (bintoasc): Use GPGRT_ATTR_NONSTRING.
	* dirmngr/dns.c (dns_aaaa_arpa): Use GPGRT_ATTR_NONSTRING.
	(dns_sshfp_cmp0): Ditto.
	* tests/gpgscm/scheme.c (scheme_define): Initialize SSLOT.

	misc: Validate the value on the use of strtol.
	+ commit bcd87ea2b2da3ed9fe41341959d9c886029606a9
	* g10/misc.c (string_to_cipher_algo): Use "long"-type variable to
	catch the result of strtol and validate the value.
	(string_to_aead_algo, string_to_digest_algo): Likewise.

2025-11-19  Werner Koch  <wk@gnupg.org>

	Release 2.5.14.
	+ commit 4d993c37d9b0b9262f859c23fea2e8da561f4639


	agent: Minor cleanup of a recent change.
	+ commit 6abe59a7c8db4d2cef85e8630adec8ee2d541324
	* agent/protect.c (protect_info): Remove duplicate line.

	kbx: A minor update of the fingerprint table.
	+ commit 46f4cb66125ee34e87e592cc02d38daead3427af
	* kbx/backend-sqlite.c (table_definitions) <fingerprint>: Add column
	'flags'.

2025-11-18  Werner Koch  <wk@gnupg.org>

	gpg: New import option "force-update"
	+ commit f6237ccd313a42c7f3271e0f93c39d43fe16e9f3
	* g10/options.h (IMPORT_FORCE_UPDATE): New.
	* g10/import.c (parse_import_options): Add "force_update".
	(import_one_real): Use force_update.

	kbx: Fix schema of the fingerprint table.
	+ commit 0cc7759ed5a3890b4e28563a6b5e97f3aa551530
	* kbx/backend-sqlite.c (DATABASE_VERSION): Set to 2.
	(DATABASE_VERSION_MAX): New.
	(table_definitions): Rename field special to name and adjust users.
	  <table fingerprint>: Drop the PRIMARY KEY from the fpr column.
	(migrate_from_v1_to_v2): New.
	(create_or_open_database): Detect a bad database version and try to
	migrate it.

	common: New function replace_substr.
	+ commit be9b1404e66157ac00bf3ae488ad2af1becffe25
	* common/stringhelp.c (replace_substr): New.
	* common/t-stringhelp.c (test_replace_substr): New test.

	gpg: Include ADSK keys in a key listing with fingerprints.
	+ commit 5bcf5f57b8632edb7212f0d58d4b752d7627afeb
	* g10/keydb.h (GET_PUBKEYBLOCK_FLAG_ADSK): Remove.
	(GETKEY_ALLOW_ADSK): New.
	* g10/getkey.c (get_pubkeyblock_ext): Use the new flag instead.
	Change the caller using the old flag.
	(key_byname): Support the GETKEY_ALLOW_ADSK flag.
	(getkey_bynames): Change to use an arg flags instead of want_secret.
	This allows to pass more flag values.  Adjust callers.
	* g10/keylist.c (list_one): Pass GETKEY_ALLOW_ADSK.

	gpg: Cleanup of the local function key_byname.
	+ commit 4f19587b16b0bdd9e9c48e488f150d77e3c3ee52
	* g10/keydb.h (GETKEY_WANT_SECRET): New.
	(GETKEY_WITH_UNUSABLE): New.
	* g10/getkey.c (key_byname): Replace args want_secret and
	include_unusable by an arg flags.  Change the function and all direct
	callers to use these flags.

2025-11-17  Werner Koch  <wk@gnupg.org>

	gpg: Fix export in mode1003 when cache nonce is used.
	+ commit c254d4fbc6ac444cd089daedeb01392d4d78c4c7
	* g10/call-agent.c (agent_export_key): Add missing space.

	gpg: Support passphrase change for composite keys.
	+ commit 120142c3be532ee8827ac4a33fc4e77bdc225090
	* g10/keyedit.c (change_passphrase): Support composite keys.

2025-11-16  Ingo Klöcker  <dev@ingo-kloecker.de>

	gpgsm: Fix output of card serial number in colon listing.
	+ commit 0947a20c28cf5d5a867e2629415bf47fbcad771f
	* sm/call-agent.c (keyinfo_status_cb): Set S back.

2025-11-16  Werner Koch  <wk@gnupg.org>

	gpg: Allow the import of Kyber secret keys.
	+ commit 47bab26daf035ffdce97e4957bdb6ad12dbea506
	* g10/import.c (transfer_secret_keys): Handle mode 1003.
	* g10/call-agent.c (agent_import_key): Add arg mode1003.
	* common/sexputil.c (make_canon_sexp): Create in secmem when the input
	was in secmem.
	* agent/findkey.c (agent_write_private_key): Add arg 'linkattr' and
	change all callers.
	* agent/command.c (cmd_import_key): Add option '--mode1003'.
	Reorganize code and implement support for composite keys.

2025-11-15  Werner Koch  <wk@gnupg.org>

	gpg: Change the mode1003 format for composite keys.
	+ commit 5d855f76c8af280f0a2b01d64283a9efa0f5d795
	* g10/export.c (secret_key_to_mode1003): Put both parts into one
	container.
	* g10/parse-packet.c (parse_key): Revert to old version.

	gpg: Refactor an import function for better readability.
	+ commit c564a297abd3ad306114a8438de730cbb710d36d
	* g10/import.c (transfer_secret_keys): Factor some code out to ...
	(build_classic_transfer_sexp): new and ..
	(internal_skey_object_to_sexp): new.

2025-11-14  Werner Koch  <wk@gnupg.org>

	gpg: Allow the export of Kyber secret keys.
	+ commit e5473262e88473a101241e7b4860882ebeb1ed97
	* g10/export.c (match_curve_skey_pk): Allow the ECC part of a Kyber
	key.
	(secret_key_to_mode1003): Add arg is_part2.  Add code to allow a
	second call to merge the Kyber part to the secret key s-exp.
	(receive_seckey_from_agent): Add arg is_part2 and forward it.
	(do_export_one_keyblock): Detect a dual key and handle it accordingly.
	* g10/parse-packet.c (parse_key): In the secret key list code also
	print the second s-expr of a dual key.

	agent: Support protection for Kyber keys.
	+ commit aea62817f30030da19fd0aee3a9f65b5c8347b64
	* agent/protect.c (protect_info): Support the Kyber variants.

2025-11-14  NIIBE Yutaka  <gniibe@fsij.org>

	build: Silence automake about escaping #.
	+ commit d1cde3e36463a048364c9cf799684c8f771775c7
	* tests/cms/Makefile.am (CLEANFILE): Use printf to generate 043 char.
	* tests/openpgp/Makefile.am (CLEANFILES): Ditto.
	* tests/pkits/Makefile.am (CLEANFILES): Ditto.

	common: Fix the test of t-stringhelp.
	+ commit 8a95e963d53a7ae1d74926d8d267ddd70dc1fb7c
	* common/t-stringhelp.c (stresc): Don't put newline when escaped.

2025-11-12  Werner Koch  <wk@gnupg.org>

	scd:nks: Make newer TCOS signature cards work.
	+ commit 17596e830f08e601f2ea5142343996d48dd2930b
	* scd/app-nks.c: Make appversion 232 an alias for 15.

2025-11-11  NIIBE Yutaka  <gniibe@fsij.org>

	gpg: Fix armored input parsing.
	+ commit 62b8bf2f390533d23e24d27552fecf562752d358
	* g10/armor.c (radix64_read): Fix counting of characters in the
	trailer.

	dirmngr: Fix OCSP check.
	+ commit 9ef87bcdb03490085e2fd16c0e8ee60de7514f28
	* dirmngr/ocsp.c (ocsp_isvalid): Fix the condition, it's wrong
	to require *TMP_TIME is zero.

2025-11-07  Werner Koch  <wk@gnupg.org>

	gpg: Improve --list-packets for algorithm 8.
	+ commit ff916a05c434835cb615b9b889793e6af1a977a5
	* g10/parse-packet.c (parse_key): Tweak list mode and implement
	printing of "kyNNN_foo" instead of just the second algos curve.

2025-11-06  NIIBE Yutaka  <gniibe@fsij.org>

	agent: Fix wiping memory in PKDECRYPT command.
	+ commit 12c0b94fcb5fe276ff1b94029828feeac78d73f0
	* agent/pkdecrypt.c (ecc_kem_decrypt): Don't touch the memory when KEK
	is NULL.

2025-11-05  Werner Koch  <wk@gnupg.org>

	gpg: Escape chars with high bit set in NOTATION status lines.
	+ commit 0c3764516228aad4b9c08d62cf4787bcc10147e2
	* g10/cpr.c (write_status_text_and_buffer): Add special handling for
	two status codes.

2025-11-04  Werner Koch  <wk@gnupg.org>

	agent: Accept a trustlist with a missing LF at the end.
	+ commit 1b4ac98de7db6f6828b1b255ad3d4e5e7373666e
	* agent/trustlist.c (read_one_trustfile): Clear error if the last line
	has no LF.

2025-11-04  NIIBE Yutaka  <gniibe@fsij.org>

	agent:ssh: Fix RSA signature handling for newer spec.
	+ commit c7e0ec12609b401ea81c4851522d86eb5ec27170
	* agent/command-ssh.c (SPEC_FLAG_WITH_FIXEDLENGTH): New.
	(struct ssh_key_type_spec): Add keysize field.
	(ssh_signature_encoder_rsa): Support the fixed length signature for
	RSA in RFC-8332.
	(ssh_handler_sign_request): Enable SPEC_FLAG_WITH_FIXEDLENGTH for
	rsa-sha2-256 and rsa-sha2-512.  Set up keysize field for those.

2025-11-03  Werner Koch  <wk@gnupg.org>

	gpg: Print new "pfc" record in --with-colons key listings.
	+ commit 8b44256a55496d598f5b903377ccc0100bc87812
	* g10/keylist.c (show_preferences): Add new mode 2 to print pfc
	records.
	(list_keyblock_colon): Call it with mode 2.

2025-10-27  Werner Koch  <wk@gnupg.org>

	gpg: Do not use a default when asking for another output filename.
	+ commit ad0c6c33c3d6fe7ff7cc8c2e73d02ead5788e5b3
	* g10/options.h (COMPAT_SUGGEST_EMBEDDED_NAME): New.
	* g10/gpg.c (compatibility_flags): New flags "suggest-embedded-name".
	* g10/openfile.c (ask_outfile_name): Do not show a default unless the
	compatibility flag is used.

2025-10-24  Werner Koch  <wk@gnupg.org>

	gpg: Improve/relax the checking of preference options.
	+ commit 6570700fddcb92ce08024a651dd6989025fe9e20
	* g10/keygen.c (keygen_set_std_prefs): Add S2 only if available.  Do
	not return an error if one algorithm could be added.

2025-10-23  Werner Koch  <wk@gnupg.org>

	gpg: Fix possible memory corruption in the armor parser.
	+ commit 115d138ba599328005c5321c0ef9f00355838ca9
	* g10/armor.c (armor_filter): Fix faulty double increment.

	* common/iobuf.c (underflow_target): Assert that the filter
	implementations behave well.

2025-10-22  Werner Koch  <wk@gnupg.org>

	Release 2.5.13.
	+ commit b39a0298112de853cc7c0833ed1c366330a225ef


	gpg: Error out on unverified output for non-detached signatures.
	+ commit 8abc320f2a75d6c7339323a3cff8a8489199f49f
	* g10/mainproc.c (do_proc_packets): Never reset the any.data flag.

	gpg: Avoid potential downgrade to SHA1 in 3rd party key signatures.
	+ commit db9705ef594d5a2baf0e95e13cf6170b621dfc51
	* g10/sig-check.c (check_signature_over_key_or_uid): Always initialize
	IS_SELFSIG because it is later used to detect SHA1 non-selfsignatures.

2025-10-22  NIIBE Yutaka  <gniibe@fsij.org>

	gpg,gpgsm: Serialize write access to keybox/keyring to protect.
	+ commit 2d9e1295a1f4a6929efeccfb1d8492eee4ff588b
	* g10/keydb.c (internal_keydb_update_keyblock): Caller should lock the
	resource by keydb_lock, before use of this routine.
	(internal_keydb_insert_keyblock): Likewise.
	(internal_keydb_delete_keyblock): Likewise.
	* g10/delkey.c (do_delete_key): Serialize the access to the resource.
	* g10/import.c (import_revoke_cert): Likewise.
	* g10/keyedit.c (quick_find_keyblock): Likewise.
	* g10/keygen.c (quick_find_keyblock): Likewise.
	* sm/delete.c (delete_one): Lock earlier to protect the resource
	correctly.
	* sm/keydb.c (do_set_flags): Rename from keydb_set_flags.
	(keydb_set_cert_flags): Follow the change.
	(keydb_update_cert): Require locked by caller.
	* sm/keydb.h (keydb_set_flags): Remove.

	gpgsm: Fix delete and store certificate locking glitches.
	+ commit 3db6f9f080bc056b5e8af464eb7a5cc727ae9217
	* sm/keydb.c (do_insert_cert): Rename from keydb_insert_cert.
	Don't call unlock_all.
	(keydb_delete): Don't call unlock_all.
	(keydb_store_cert): Use keydb_lock, instead of internal lock_all
	directly.  Follow the name change of do_insert_cert.

	kbx,gpg,gpgsm: Add FP-close method for keydb to close before unlock.
	+ commit 4a2dda2002c42fa541dacd142093c89476df606d
	* kbx/keybox.h (keybox_fp_close): New.
	* kbx/keybox-init.c (keybox_fp_close): New.
	(keybox_release): Don't close FP here.
	* kbx/keybox-update.c (keybox_compress_when_no_other_users): Use
	keybox_fp_close.
	* kbx/backend-kbx.c (be_kbx_release_kbx_hd): Follow the change.
	* g10/keyring.h (keyring_fp_close): New.
	* g10/keyring.c (keyring_fp_close): New.
	(keyring_release): Don't close IOBUF here.
	(keyring_rebuild_cache): Use keyring_fp_close.
	* g10/keydb.c (do_fp_close): New.
	(unlock_all): Close FP before unlocking.
	* sm/keydb.c  (do_fp_close): New.
	(unlock_all): Close FP before unlocking.

	gpg,gpgsm: No more internal-lock when KEEP_LOCK is enabled.
	+ commit ef42a1e218ce5ba26723e5af0ba16fe0ce7d4b00
	* g10/keydb.c (lock_all): Success when KEEP_LOCK already.
	* sm/keydb.c (lock_all): Ditto.

	kbx,gpg,gpgsm: Introduce keybox_compress_when_no_other_users.
	+ commit a0beed35d6c6be02414bb28fc7fa00758b8f5789
	* kbx/keybox.h (keybox_compress_when_no_other_users): Rename from
	keybox_compress, changing the arguments and the return type.
	* kbx/keybox-update.c (keybox_compress_when_no_other_users): Open the
	HD internally and make sure all resources are closed before unlocking.
	* g10/keydb.c (keydb_add_resource): Simply call
	keybox_compress_when_no_other_users which handles locking internally.
	* sm/keydb.c (keydb_add_resource): Likewise.

2025-10-21  Werner Koch  <wk@gnupg.org>

	dirmngr: New LDAP keyserver flag "upload"
	+ commit 31de5d0d8cd59195bfb57f9ff3b490cd5e30b3ce
	* dirmngr/dirmngr.h (struct ldap_server_s): Add flag "upload".
	* dirmngr/ldapserver.c (ldapserver_parse_one): Parse and set new flag.
	* dirmngr/ks-action.c: Include ldapserver.h
	(ks_action_get): Skip servers with the upload flag set.
	(ks_action_put): Use the first server with the upload flag set if any
	such flag is used.

	w32: When deleting a private key retry up to 400ms.
	+ commit 2b54dd035a32c78e9a5eca56add576a0c33a0532
	* agent/findkey.c (remove_key_file): Wait if needed

2025-10-21  NIIBE Yutaka  <gniibe@fsij.org>

	gpg: Minor clean up for keydb_lock API.
	+ commit 4050139d46fba2b50d95cd404ceb39c72efd1bb2
	* g10/keydb-private.h (internal_keydb_lock): Remove.
	* g10/keydb.c (internal_keydb_lock): It's internal function.
	* g10/call-keyboxd.c (keydb_lock): Move to...
	* g10/keydb.c (keydb_lock): ... here.

2025-10-21  Werner Koch  <wk@gnupg.org>

	common,w32: Always use share mode readwrite for the keybox.
	+ commit 9fd630fb23b741bc41c4d3d9e09198da1b4c6470
	* common/iobuf.c (direct_open) [W32]: Always use a share mode read or
	write.
	* kbx/keybox-init.c (_keybox_ll_open): Ditto.  This requires the
	latest gpgrt to work.

2025-10-21  NIIBE Yutaka  <gniibe@fsij.org>

	w32:common: Take care of possible race on startup under Windows.
	+ commit ae431b04370fe3ac3690921548d340b991eea49a
	* common/asshelp.c (start_new_service) [HAVE_W32_SYSTEM]: Remove the
	socket before starting the daemon.

2025-10-21  Werner Koch  <wk@gnupg.org>

	common: New function gnupg_remove_ext.
	+ commit 8a5d2674c3be7a6dfe7f35495af4df9e8be20d13
	* common/sysutils.c (gnupg_rename_file): Factor out the wait function
	to ...
	(w32_wait_when_sharing_violation): New.
	(w32_remove): New.
	(gnupg_remove_ext): New.
	(gnupg_remove): Now a wrapper around gnupg_remove_ext.
	(gnupg_rename_file) [W32]: Use 32_remove with indefinite wait for
	sharing violation.

2025-10-21  NIIBE Yutaka  <gniibe@fsij.org>

	build,common,g13,sm,tools: Require GpgRT 1.56.
	+ commit 39cc15029017ba5fd6d04f710e5a3125ed3b30a8
	* configure.ac (NEED_GPGRT_VERSION): Require 1.56.
	* g13/g13.c (main): Remove support of old gpgrt.
	* sm/gpgsm.c (main): Likewise.
	* tools/gpg-wks-client.c (wrong_args, main): Likewise.
	* tools/gpgconf.c (my_read_reg_string): Likewise.
	* common/util.h (GPG_ERR_UNEXPECTED_PACKET): Likewise.
	* common/mapstrings.c (map_static_macro_string): Likewise.

	common,dirmngr:w32: Fix for semi-hosted environment.
	+ commit 61ff3759e827fed5ea47897af1291443aeb5172e
	* common/init.c [HAVE_W32_SYSTEM] (windows_semihosted_by_wine): New.
