Reconquer your privacy
Arguing that you don't care about the right to privacybecause you have nothing to hide is no different fromsaying you don't care about free speech because you havenothing to say. –EdwardSnowden
Using encryption helps to protect your privacy and the privacy of thepeople you communicate with. Encryption makes life difficult for bulksurveillance systems. GnuPG is one of the tools that Snowden used touncover the secrets of the NSA.
Please visit the Email Self-Defense site to learn how and why youshould use GnuPG for your electronic communication.
News
The latest blog entries:
- Smartcard generation keeps an unprotected backup key on disk
- ADSK: The Additional Decryption Subkey
- Integer Overflow in LibKSBA / GnuPG
The latest release news:
(all news)
GnuPG 2.5.1 released with FIPS-203 support (2024-09-12)
We are pleased to announce the availability of a new GnuPG release:version 2.5.1. This release is the second of a series of publictesting releases eventually leading to a new stable version 2.6.
The main features in the 2.6 series are improvements for 64 bitWindows and the introduction of a PQC encryption algorithm.
{Read more}.
Our FTP server has been discontinued (2024-08-20)
For technical and organisational reasons we recently shutdown our FTPserver. Instead of using ftp.gnupg.org please usehttps://gnupg.org/ftp/ .
GnuPG 2.5.0 released for public testing (2024-07-05)
We are pleased to announce the availability of a new GnuPG release:version 2.5.0. This release is the first of a series of public testingreleases eventually leading to a new stable version 2.6.
The main features in the 2.6 series are improvements for 64 bitWindows and the introduction of a PQC encryption algorithm.
{Read more}.
Libgcrypt 1.11 is the new stable branch (2024-06-19)
Although we will keep on maintaining the 1.8 and 1.10 branch for somemore time, the new stable branch is now 1.11. Version 1.11.0 comeswith a lot of performance improvements, new interfaces, and nowsupports common quantum-resistant algorithms. It provides full APIand ABI compatibility to previous versions. {more}
GnuPG 2.4.5 and Gpg4win 4.3.1 released (2024-03-12)
We are pleased to announce the availability of a new stable GnuPGrelease: version 2.4.5. This version fixes a couple of bugs and comeswith some new features. {more}
Security advisory for smartcard keys with backupimportant
GnuPG versions 2.4.2, 2.4.3, and 2.2.42 had a regression in thedefault way to create smartcard keys. If you created a key with the–edit-key command using one of these versions, please head over toour security advisory:
https://gnupg.org/blog/20240125-smartcard-backup-key.html
GnuPG 2.4.4 released (2024-01-25)
We are pleased to announce the availability of a new stable GnuPGrelease: version 2.4.4. This version fixes a couple of bugs, comeswith some new features. A smartcard related security bug is alsofixed and a tool to check for this flaw is provided. {more}
GnuPG 2.4.3 released (2023-07-04)
We are pleased to announce the availability of a new stable GnuPGrelease: version 2.4.3. This version fixes some minor bugs andimproves the performance on Windows. {more}
GnuPG 2.4.2 released (2023-05-30)
We are pleased to announce the availability of a new stable GnuPGrelease: version 2.4.2. This version fixes some minor bugs andimproves the performance on Windows. {more}
GnuPG 2.4.1 released (2023-04-28)
We are pleased to announce the availability of a new stable GnuPGrelease: version 2.4.1. This release comes with a lot of new featuresand fixes some minor bugs. {more}
25 Years of GnuPG (2022-12-20)
Exactly 25 years ago the very first release of GnuPG was published.We are pleased to take this opportunity to announce the availabilityof GnuPG version 2.4.0.
This release has a few new features and the binary releases come withan updated Libksba to fix another vulnerability related toCVE-2022-3515. {more}
Libksba security advisory update (2022-12-20)important
Another bug has been found in Libksba which affects all versions oflibksba before 1.6.3 (CVE-2022-47629). Our security advisoryfor CVE-2022-3512 has been updated accordingly. Windows usersshould update to Gpg4win 4.1.0 or to GnuPGVS-Desktop 3.1.26.
GnuPG / Libksba security advisory (2022-10-17)important
A severe bug has been found in Libksba, the library used by GnuPG forparsing the ASN.1 structures as used by S/MIME. The bug affects allversions of Libksba before 1.6.2 and may be used for remote codeexecution. Updating this library is thus important.
Please see our security advisory for CVE-2022-3512. Fordownload links please see the download page. Windows users shouldupdate to Gpg4win 4.0.4 or to GnuPGVS-Desktop 3.1.25.
GnuPG 2.3.8 released (2022-10-13)
We are pleased to announce the availability of a new stable GnuPGrelease: version 2.3.8. This release comes with a lot of new featuresand the binary releases come with the fix for the Libksbavulnerability CVE-2022-3515. {more}
GnuPG 2.3.7 released (2022-07-11)
We are pleased to announce the availability of a new stable GnuPGrelease: version 2.3.7. This release fixes CVE-2022-34903 which couldbe used to inject wrong status information in signatures. The statusinformation could then be abused to display a wrong validity inKleopatra and other users of GPGME. {more}
GnuPG 2.3.6 released (2022-04-25)
We are pleased to announce the availability of a new stable GnuPGrelease: version 2.3.6. This release fixes a regression introduced in2.3.5 released just a few days ago. {more}
GnuPG 2.3.5 released (2022-04-21)
We are pleased to announce the availability of a new stable GnuPGrelease: version 2.3.5. This is another release in the stable 2.3series which introduces new options, improves the performance, andfixes some bugs. {more}
Libgcrypt 1.10 is the new stable branch (2022-03-28)
Although we will keep on maintaining the 1.8 branch, the new stablebranch is now 1.10. Version 1.10.1 comes with a lot of performanceimprovements and a few other new features. It provides full API andABI compatibility to previous versions. {more}