GnuPG 2.0.27 released

GnuPG is a complete and free implementation of the OpenPGP standard. It allows to encrypt and sign your data and communication, features a versatile key management system as well as access modules for all kinds of public key directories.

GnuPG 2.0.27 is a maintenance release which fixes a couple of bugs, and an update to this version is suggested.

What’s new:

  • gpg: Detect faulty use of –verify on detached signatures.
  • gpg: New import option “keep-ownertrust”.
  • gpg: Uses SHA-256 for all signature types also on RSA keys.
  • gpg: Added support for algo names when generating keys using the –command-fd method.
  • gpg: Unless –allow-weak-digest-algos is used the insecure MD5 based fingerprints are shown as all zeroe
  • gpg: Fixed DoS based on bogus and overlong key packets.
  • gpg: Better error reporting for keyserver problems.
  • Fixed several bugs related to bogus keyrings and improved some other code.


Subscribe to the Help Net Security breaking news e-mail alerts:


Don't miss