Release Notes: The Yarom/Falkner flush+reload side-channel attack on RSA secret keys is now mitigated. IDEA was fixed for big-endian CPUs. The diagnostics for failed keyserver lookups were improved. Several further bugs and portability issues were fixed.
Release Notes: A corruption of the public keyring database on import of manipulated public keys was fixed. This issue was reported as CVE-2012-6085. Support for the old cipher algorithm IDEA was added. Small changes were made to increase compatibility with future OpenPGP and GnuPG features. Minor bugfixes were made.
Release Notes: Many enhancements and fixes were made.
Release Notes: A possible memory corruption while importing OpenPGP keys, as reported in CVE-2008-1530, was fixed. The Admin PIN for OpenPGP cards may now be entered with the pinpad. Certificate chain construction was improved. The PKITS framework was extended. A bug in the ambigious name detection was fixed. Further minor bugfixes were made.
Release Notes: A possible memory corruption while importing OpenPGP keys was fixed. AES encryption performance was improved by more than 20% on x86, and decryption is also slightly faster.
Release Notes: A vulnerability when using GnuPG in streaming mode, which made it possible to insert additional text before or after a signed message if GnuPG was not used correctly, was fixed.
Release Notes: A bug in the validation of keys with more than one user ID has been fixed. Some new options have been added, as well as several small fixes and other improvements.