GPG Suite 2015.08
Security Note
A bug in a Libmacgpg subcomponent could be abused by a local user to execute shell commands with root privileges (CVE-2014-4677).This issue was fixed in GPG Suite 2015.06.
A big thank you goes out to Bruno Bierbaumer for bringing this bug to our attention.
Note for OS X 10.6 and 10.7 users: when installing this update, you might be asked for your admin password twice.
GPGMail 2.5.1
Bugfixes:
- 10.8 + 10.7: GPGMail setting to "Encrypt Drafts" could not be disabled. [#841]
- Save and display the "Update check" setting correctly. [#842]
- Properly display messages with content-type application/pgp. [#838]
- Preserve rich-text formatting when continuing drafts. When drafts where re-opened all formatting was lost. [#835]
GPG Keychain 1.2.1
Show key revocation date
- Key details for revoked keys now show the date of the revocation. [#345]
Bugfixes:
- Drag & Drop of keys was not working when expert settings were enabled. [#343]
GPGServices 1.10.1
Supporting more applications
- Added a ton of CFBundleIdentifiers to GPGServices in order to support more applications. [#209, #144]
MacGPG 2.0.28
Integrate MacGPG 2.0.28 [#159]
- MacGPG is now based on gnupg 2.0.28
Bugfixes:
- Fixes pinentry-mac to no longer be affected by the XARA attack. [#160]
Libmacgpg 0.6
Be more tolerant towards malformed messages
- Too many line breaks or other minor deformations of ASCII PGP data often resulted in a message that could not be decrypted. We are now much more tolerant and flexible. [#63, #145, #14, #38]
Bugfixes:
- No more "no pinentry" errors! We've finally found a solution to fix the infamous "no pinentry" bug, caused by a socket connection to gpg-agent which was not closed under some circumstances. [#147]
- One of the most common crashes in the 2015.06 release has been fixed. GPGTaskHelperXPC no longer crashes. [#143]
- Crash in Libmacgpg GPGPacket fixed. [#146]
- Under some circumstances and empty key list was returned. [#149]
- Uses new pinentry with keychain support for new MacGPG. [#148]