Description:The GNU Privacy Guard, a GPL OpenPGP implementation
License: GPL-3
  • + - stable
  • ~ - unstable
  • M - hardmask
alpha amd64 arm hppa ia64 m68k mips ppc ppc64 s390 sh sparc x86
2.3.1 diff ~ ~ ~ ~ ~ ~ ~ ~ ~ ~ - ~ ~
2.2.27 ~ + + + ~ ~ ~ + + ~ - + +

USE flags

  • adns - Add support for asynchronous DNS resolution
  • bindist - Flag to enable or disable options for prebuilt (GRP) packages (eg. due to licensing issues)
  • bzip2 - Use the bzlib compression library
  • caps - Use Linux capabilities library to control privilege
  • curl - Add support for client-side URL transfer library
  • doc - Add extra documentation (API, Javadoc, etc). It is recommended to enable per package instead of globally
  • gnutls - Prefer net-libs/gnutls as SSL/TLS provider (ineffective with USE=-ssl)
  • ldap - Add LDAP support (Lightweight Directory Access Protocol)
  • linguas_ru - Russian locale
  • nls - Add Native Language Support (using gettext - GNU locale utilities)
  • readline - Enable support for libreadline, a GNU line-editing library that almost everyone wants
  • scd-shared-access - Allow concurrent access to scdaemon by multiple apps from same user. Useful if you want to use scdaemon with gnupg and for example NitroKey.
  • selinux - !!internal use only!! Security Enhanced Linux support, this must be set by the selinux profile or breakage will occur
  • smartcard - Build scdaemon software. Enables usage of OpenPGP cards. For other type of smartcards, try app-crypt/gnupg-pkcs11-scd. Bring in dev-libs/libusb as a dependency; enable scdaemon.
  • sqlite - Add support for sqlite - embedded sql database
  • ssl - Add support for SSL/TLS connections (Secure Socket Layer / Transport Layer Security)
  • static - !!do not set this during bootstrap!! Causes binaries to be statically linked instead of dynamically
  • tofu - Enable support for Trust on First use trust model; requires dev-db/sqlite.
  • tools - Install extra tools (including gpgsplit and gpg-zip).
  • usb - Build direct CCID access for scdaemon; requires dev-libs/libusb.
  • user-socket - try a socket directory which is not removed by init manager at session end
  • wks-server - Install the wks-server
  • zlib - Add support for zlib (de)compression

Security Advisory

Date Severity Title
over 4 years normal GnuPG: RNG output is predictable
almost 5 years normal GnuPG: Multiple vulnerabilities
almost 7 years normal GnuPG: Denial of Service
about 7 years normal GnuPG, Libgcrypt: Multiple vulnerabilities
over 9 years normal GnuPG: User-assisted execution of arbitrary code
over 14 years normal GnuPG: Multiple vulnerabilities
almost 15 years high GnuPG: Integer overflow vulnerability
about 15 years normal GnuPG: Incorrect signature verification
about 15 years normal GnuPG: Incorrect signature verification
about 16 years low GnuPG: OpenPGP protocol attack
over 17 years translation missing: en, label_glsa_minimal GnuPG: ElGamal signing keys compromised and format string vulnerability

Also available in: Atom

Thank you!