GPG Suite 2018.2 June 4th, 2018

Security Update



This releases addresses EFAIL, an exploit of a weakness in the OpenPGP standard and the handling of mixed content – encrypted content and plain content in the same message – in macOS Mail, GPGMail, as well as other OpenPGP plugins, which could help an attacker in posession of a target's encrypted messages to extract their content once decrypted. (https://efail.de)

EFAIL mitigations in GPGMail (10.13 only at the moment) Remote content is no longer loaded within encrpyted messages

If a message contains more than one encrypted part only the first part is decrypted

In case of mixed content – plain content and encrypted content – the plain content is isolated

Additional mitigations for S/MIME since unfortunately Apple has yet to completely fix EFAIL Native GPG Suite update notifications The GPG Suite updater uses native macOS notifications now to alert the user of updates

That means you will no longer be interruped in the middle of your work (or talk - sorry Edward Snowden at 34C3) Revamped key signing dialog The GPG Keychain dialog to sign a key has been vastly improved

It is now easier to sign your friends keys after you have verified them (thanks DKG for the input)

GPGMail 3.0b6 (10.13 only) Improvements EFAIL mitigations for GPGMail [#981]

Better support for iPGMail messages [#964]

Signatures created by subkeys now show the subkey fingerprint in the signature details

The signature details window was completely revamped [#619] Fixes Crash that might occur when a message looked like a MS Exchange modified PGP/MIME message as well as a Pseudo-PGP/MIME message at the same time [#978]

Attachments containing a detached signature are no longer erroneously recognized as encrypted attachment [#958]

Attachments in the .doc format could in some rare cases not be displayed [#974]

PGP Data within a S/MIME signed message was not decrypted properly [#973]

GPGMail health indicator design (in Preferences) adjusted to match macOS High Sierra's appearance [#968]

Improved handling of MDC errors [#980]

GPGMail 2.7.2 (10.12 only) Improvements Signatures created by subkeys now show the subkey fingerprint in the signature detail

The signature details window was completely revamped [#619] Fixes Improved handling of MDC errors [#980]

GPGMail 2.6.5 (10.9 - 10.11) Improvements Signatures created by subkeys now show the subkey fingerprint in the signature details

The signature details window was completely revamped [#619] Fixes Improved handling of MDC errors [#980]

GPG Keychain 1.4.3 Improvements Revamped the key signing dialog [#282]

Default key server is now sks key server pool when no defaul key server is set [#445]

Warning message about password length improved [#438, #436]

Added tooltip for the key's "Disable" option [#443] Fixes Option to include secret key during key export was not always shown [#439]

GPG Suite Preferences 2.1.2 Improvements Email is pre-filled in "Send Report" when user entered an email in the Crash Reporting option [#99]

When no key server is set, sks key server pool is used as default [#101]

GPGServices 1.11.3 Fixes GPGServices again works as expected with Microsoft Office 2016 and TorBrowser [#235]

MacGPG 2.2.7 Improvements Updated to GnuPG 2.2.7 [#713]

Enables the internal CCID driver for smart card access [#707]

Adds support for key servers protected by HTTP basic auth [#712]