1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
|
List of fixed bugs
--------------------
(format: severity: [ *] to [***], no, first reported, by, version)
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
[ *] #1
pgp263in works fine even with a source file with CR,LF but GnuPG
and pgp263in has problems if the clearsign has been created by
pgp263ia. The reason for this problem is that pgp2 sometimes
converts CR,LF to CR,CR,LF and to fix for this it hashes both
versions. I was able to reproduce such a problem, that PGP263in
was not able to verify it's own signature.
FIX: 1999-05-19 (Most cases are now handled)
[***] #2 1999-02-21
Problem while importing or deleting public keys in 0.9.3 - 0.9.2
worked fine. Error message:
gpg:[stdin]: key A6A59DB9: secret key not found: public key not found
FIX: 1999-02-22 wk
[ *] #5
/home/jam/.gnupg/pubring.gpg: can't open gdbm file: Can't be writer
keyblock resource `/home/jam/.gnupg/pubring.gpg': file open error
OOPS in close enum_keyblocks - ignored
[gdbm is experimental and will be replaced by the new keybox code]
FIX: 1999-07-22 (Fixed the second error, there will be no fix for
the first one, because GDBM is to be replaced)
[ *] #7 1999-02-22 <dwpalmer@dwpalm.jf.intel.com> 0.9.3
Conventional encryption incompatibility:
$ gpg -c --cipher-algo cast5 --compress-algo 1 --no-comment secrets.txt
Creates a file that gpg can decrypt, but PGP 5.5 has problems with it.
PGP decrypts 6416k out of 6424k, then complains with "PGP Warning",
"The keyring contains a bad (corrupted) PGP packet". The resulting
file is missing information from the front.
FIX: 1999-02-26 temporary fix in encrypt_simple()
[ *] #8 1999-02-25 <kazu@iijlab.net> 0.9.3
%gpg --encrypt -r kazu@iijlab.net --batch foo
gpg: Warning: using insecure memory!
gpg: 11C23F61: no info to calculate a trust probability
This creates a symmetrically encrypted message WITHOUT a session key
encrypted with public cryptographic(i.e. foo.gpg). This is probably
FIX: 199-02-26 wk
[ **] #9 1999-02-25
Misalignment in md5.c#md5_write.
FIX: 1999-02-26 wk
[ **] #10 1999-03-01
Armor detection code is broken. Direct import of keyrings is not possible.
FIX: 1999-03-02 wk
[***] #11 1999-02-25
"cipher algo 10 not found".
FIX: 1999-02-25 wk
[ **] #12 1999-03-10
gpg --list-secret-keys --with-colon SEGVs
FIX: 1999-03-10
[ *] #13 1999-04-05
Trying to generate very large keys fails with a BUG in read_pool()
FIX: 1999-04-06
[ *] #14 1999-04-05 <anonymous>
If you use --s2k-cipher-algo twofish, the the program crashes with
a BUG at line 226 of passphrase.c.
FIX: 1999-04-06
[ **] #15 1999-04-05
Hash calculation for subkey bindings is not according to rfc2440 if
a 4 byte length header is used for the subkey.
FIX: 1999-04-06
[***] #16 1999-03-23 <jafo@tummy.com>
Verifying detached signatures with an empty file yields a rc of 0.
FIX: 1999-05-06
[ **] #17 1999-05-18 <Bodo_Moeller@public.uni-hamburg.de> 0.9.6
Import does not detect identical user IDs.
FIX: 1999-05-22
[ **] #19 1999-06-11
"trustdb transaction too large" with about 500 signatures on a key
FAEBD5FC.
FIX: 1999-07-12 (less memory requirement and increased the limit)
[ **] #20 1999-06-16 <jashley@yorktown.designlab.ukans.edu> 0.9.7
Using "addkey" in the edit menu with more than 1 subkey leads to
"out of secure memory" in some cases.
FIX: 1999-06-17 (Twofish uses too much memory and the memory
becomes fragmented - workaround is using CAST5 to protect passphrases)
[ *] #21 1999-06-17
Ctrl-D does not work correct for messages entered at the tty.
FIX: 1999-06-18 (Better EOF detection on terminals)
[ *] #22 1999-07-22
Solaris make has problems with the generated POTFILES - seems to be a
gettext bug. Use GNU make as a workaround.
FIX: 1999-12-03 (meanwhile fixed in gettext)
[ *] #23 1999-09-03 <todd.brooks@yale.edu> 0.9.11
Only the first signature of a cleartext sig seems to be verified.
Can't fix it in 1.0 because the code is semi-frozen.
HMMM: Can't reprodude the bug here - it just works.
[ **] #25 1999-10-04 <wk@gnupg.org> 1.0
Validity check based on user name is only done when listing a key;
the key ID based checking (selecting the user ID with the most
validity) is used in all other cases. The Edit menu does not have
a way to disable user ID based validity.
FIX: 1999-12-03 (1.0.x only)
[ *] #26 1999-11-11
gpg still does not take UTF8 strings to select a UID.
FIX: 1999-11-12
[ **] #27 1999-11-12 <oren@hishome.net>
Unknown packets (type 17 - photo ID?) mess up the checking
of self-signature because they are simply ignored.
FIX: 1999-11-12 (1.0.x only)
[ **] #29 1999-12-01 <karney@pppl.gov>
Using a --gen-key on a new user account (w/o ~./gnupg) doesn't pay
attention to the standard options files, which get's installed
afterwards.
FIX: 1999-12-02
|
