Hello community, here is the log from the commit of package gpg2 for openSUSE:Factory checked in at 2014-12-09 09:13:50 ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ Comparing /work/SRC/openSUSE:Factory/gpg2 (Old) and /work/SRC/openSUSE:Factory/.gpg2.new (New) ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
Package is "gpg2" Changes: -------- --- /work/SRC/openSUSE:Factory/gpg2/gpg2.changes 2014-08-15 09:58:17.000000000 +0200 +++ /work/SRC/openSUSE:Factory/.gpg2.new/gpg2.changes 2014-12-09 09:13:29.000000000 +0100 @@ -1,0 +2,56 @@ +Wed Nov 26 19:21:15 UTC 2014 - [email protected] + +- fix buffer overflow in OID to string conversion function + [boo#907198], adding + gnupg-2.1.0-boo-907198-openpgp_oid_to_str-buffer-overflow.patch + +------------------------------------------------------------------- +Tue Nov 11 16:10:04 UTC 2014 - [email protected] + +- obsolete dirmngr (shipped with gpg since 2.1.0) +- spec cleanup after previous update +- get rid of "THIS IS A DEVELOPMENT VERSION" warning + http://lists.gnupg.org/pipermail/gnupg-devel/2014-November/029065.html + * added gnupg-remove_development_version_warning.patch + +------------------------------------------------------------------- +Thu Nov 6 17:32:39 UTC 2014 - [email protected] + +- upgrade to 2.1.0 (modern) + - The file "secring.gpg" is not anymore used to store the secret + keys. Merging of secret keys is now supported. + - All support for PGP-2 keys has been removed for security reasons. + - The standard key generation interface is now much leaner. This + will help a new user to quickly generate a suitable key. + - Support for Elliptic Curve Cryptography (ECC) is now available. + - Commands to create and sign keys from the command line without any + extra prompts are now available. + - The Pinentry may now show the new passphrase entry and the + passphrase confirmation entry in one dialog. + - There is no more need to manually start the gpg-agent. It is now + started by any part of GnuPG as needed. + - Problems with importing keys with the same long key id have been + addressed. + - The Dirmngr is now part of GnuPG proper and also takes care of + accessing keyserver. + - Keyserver pools are now handled in a smarter way. + - A new format for locally storing the public keys is now used. + This considerable speeds up operations on large keyrings. + - Revocation certificates are now created by default. + - Card support has been updated, new readers and token types are + supported. + - The format of the key listing has been changed to better identify + the properties of a key. + - The gpg-agent may now be used on Windows as a Pageant replacement + for Putty in the same way it is used for years on Unix as + ssh-agent replacement. + - Creation of X.509 certificates has been improved. It is now also + possible to export them directly in PKCS#8 and PEM format for use + on TLS servers. +- dropped patches: + * gnupg-2.0.20-automake113.diff + * gnupg-2.0.18-tmpdir.diff (socket is created in homedir now) +- refresh most of the remaining patches +- added new BuildRequires: gnutls-devel, pkg-config, npth-devel + +------------------------------------------------------------------- Old: ---- gnupg-2.0.18-tmpdir.diff gnupg-2.0.20-automake113.diff gnupg-2.0.26.tar.bz2 gnupg-2.0.26.tar.bz2.sig New: ---- gnupg-2.1.0-boo-907198-openpgp_oid_to_str-buffer-overflow.patch gnupg-2.1.0.tar.bz2 gnupg-2.1.0.tar.bz2.sig gnupg-remove_development_version_warning.patch ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ Other differences: ------------------ ++++++ gpg2.spec ++++++ --- /var/tmp/diff_new_pack.bHPm0h/_old 2014-12-09 09:13:30.000000000 +0100 +++ /var/tmp/diff_new_pack.bHPm0h/_new 2014-12-09 09:13:30.000000000 +0100 @@ -17,11 +17,29 @@ Name: gpg2 -Version: 2.0.26 +Version: 2.1.0 Release: 0 +Summary: GnuPG 2 +License: GPL-3.0+ +Group: Productivity/Networking/Security +Url: http://www.gnupg.org/aegypten2/ +Source: ftp://ftp.gnupg.org/gcrypt/gnupg/gnupg-%{version}.tar.bz2 +Source2: ftp://ftp.gnupg.org/gcrypt/gnupg/gnupg-%{version}.tar.bz2.sig +# https://www.gnupg.org/signature_key.html +Source3: %{name}.keyring +Patch2: gnupg-2.0.4-install_tools.diff +Patch4: gnupg-2.0.9-langinfo.patch +Patch5: gnupg-2.0.18-files-are-digests.patch +Patch6: gnupg-dont-fail-with-seahorse-agent.patch +Patch8: gnupg-set_umask_before_open_outfile.patch +Patch9: gnupg-detect_FIPS_mode.patch +Patch11: gnupg-add_legacy_FIPS_mode_option.patch +Patch12: gnupg-remove_development_version_warning.patch +Patch13: gnupg-2.1.0-boo-907198-openpgp_oid_to_str-buffer-overflow.patch BuildRequires: automake >= 1.10 BuildRequires: expect BuildRequires: fdupes +BuildRequires: gnutls-devel BuildRequires: libadns-devel BuildRequires: libassuan-devel >= 2.0.0 BuildRequires: libbz2-devel @@ -33,43 +51,23 @@ BuildRequires: libksba-devel >= 1.0.7 BuildRequires: libusb-devel BuildRequires: makeinfo +BuildRequires: npth-devel BuildRequires: openldap2-devel +BuildRequires: pkg-config BuildRequires: readline-devel BuildRequires: zlib-devel -%if 0%{?suse_version} >= 1120 -BuildRequires: libpth-devel >= 1.3.7 -%else -BuildRequires: pth >= 1.3.7 -%endif -Url: http://www.gnupg.org/aegypten2/ -PreReq: %install_info_prereq -Requires: dirmngr Requires: pinentry -Recommends: %name-lang = %{version} +# FIXME: use proper Requires(pre/post/preun/...) +PreReq: %{install_info_prereq} +Recommends: %{name}-lang = %{version} +Obsoletes: dirmngr < 2.1.0 +Provides: dirmngr = %{version} Provides: gnupg = %{version} Provides: gpg = 1.4.9 Provides: newpg # special feature needed for OBS signd Provides: gpg2_signd_support Obsoletes: gpg < 1.4.9 -Summary: GnuPG 2 -License: GPL-3.0+ -Group: Productivity/Networking/Security -Source: ftp://ftp.gnupg.org/gcrypt/gnupg/gnupg-%{version}.tar.bz2 -Source2: ftp://ftp.gnupg.org/gcrypt/gnupg/gnupg-%{version}.tar.bz2.sig -# https://www.gnupg.org/signature_key.html -Source3: %{name}.keyring -Patch1: gnupg-2.0.18-tmpdir.diff -Patch2: gnupg-2.0.4-install_tools.diff -Patch4: gnupg-2.0.9-langinfo.patch -Patch5: gnupg-2.0.18-files-are-digests.patch -Patch6: gnupg-dont-fail-with-seahorse-agent.patch -Patch8: gnupg-set_umask_before_open_outfile.patch -Patch9: gnupg-detect_FIPS_mode.patch -# PATCH-FIX-OPENSUSE [email protected] -- automake 1.13 already includes $SHELL -Patch10: gnupg-2.0.20-automake113.diff -Patch11: gnupg-add_legacy_FIPS_mode_option.patch - BuildRoot: %{_tmppath}/%{name}-%{version}-build %description @@ -77,22 +75,23 @@ gpg-agent, and a keybox library. %lang_package + %prep -%setup -q -n gnupg-%version -%patch1 -p1 +%setup -q -n gnupg-%{version} %patch2 %patch4 -p1 %patch5 -p1 %patch6 -p1 %patch8 -p1 %patch9 -p1 -%patch10 -p1 %patch11 -p1 +%patch12 -p1 +%patch13 -p1 %build autoreconf -fi # build PIEs (position independent executables) for address space randomisation: -%ifarch s390x %sparc +%ifarch s390x %{sparc} # s390x needs to use the large PIE model (at least for gpg.c): PIE="-fPIE" %else @@ -103,10 +102,10 @@ %configure \ --libexecdir=%{_libdir} \ --docdir=%{_docdir}/%{name} \ - --with-agent-pgm=%{_prefix}/bin/gpg-agent \ - --with-pinentry-pgm=%{_prefix}/bin/pinentry \ - --with-dirmngr-pgm=%{_prefix}/bin/dirmngr \ - --with-scdaemon-pgm=%{_prefix}/bin/scdaemon \ + --with-agent-pgm=%{_bindir}/gpg-agent \ + --with-pinentry-pgm=%{_bindir}/pinentry \ + --with-dirmngr-pgm=%{_bindir}/dirmngr \ + --with-scdaemon-pgm=%{_bindir}/scdaemon \ --enable-ldap \ --enable-gpgsm=yes \ --enable-gpg \ @@ -116,34 +115,33 @@ make %{?_smp_mflags} %install -%makeinstall -mkdir -p $RPM_BUILD_ROOT/etc/gnupg/ +make DESTDIR=%{buildroot} install %{?_smp_mflags} +mkdir -p %{buildroot}%{_sysconfdir}/gnupg/ # bnc#391347 -install -m 644 doc/examples/gpgconf.conf $RPM_BUILD_ROOT/etc/gnupg +install -m 644 doc/examples/gpgconf.conf %{buildroot}%{_sysconfdir}/gnupg # delete to prevent fdupes from creating cross-partition hardlink -rm -rf $RPM_BUILD_ROOT/usr/share/doc/packages/gpg2/examples/gpgconf.conf -rm $RPM_BUILD_ROOT/usr/share/info/dir +rm -rf %{buildroot}%{_docdir}/gpg2/examples/gpgconf.conf +rm %{buildroot}%{_infodir}/dir # compat symlinks -ln -sf gpg2 $RPM_BUILD_ROOT/usr/bin/gpg -ln -sf gpgv2 $RPM_BUILD_ROOT/usr/bin/gpgv -ln -sf gpg2.1 $RPM_BUILD_ROOT/usr/share/man/man1/gpg.1 -ln -sf gpgv2.1 $RPM_BUILD_ROOT/usr/share/man/man1/gpgv.1 +ln -sf gpg2 %{buildroot}%{_bindir}/gpg +ln -sf gpgv2 %{buildroot}%{_bindir}/gpgv +ln -sf gpg2.1 %{buildroot}%{_mandir}/man1/gpg.1 +ln -sf gpgv2.1 %{buildroot}%{_mandir}/man1/gpgv.1 # fix rpmlint invalid-lc-messages-dir: -rm -rf $RPM_BUILD_ROOT/%_datadir/locale/en@{bold,}quot +rm -rf %{buildroot}/%{_datadir}/locale/en@{bold,}quot # additional files to documentation directory -install -m 644 AUTHORS COPYING ChangeLog NEWS THANKS TODO doc/FAQ $RPM_BUILD_ROOT/%{_docdir}/%{name} +install -m 644 AUTHORS COPYING ChangeLog NEWS THANKS TODO doc/FAQ %{buildroot}/%{_docdir}/%{name} # install scdaemon to %{_bindir} (bnc#863645) mv %{buildroot}%{_libdir}/scdaemon %{buildroot}%{_bindir} +mv %{buildroot}%{_libdir}/dirmngr_ldap %{buildroot}%{_bindir} %find_lang gnupg2 %if 0%{?suse_version} > 1020 -%fdupes %buildroot +%fdupes %{buildroot} %endif %check %if ! 0%{?qemu_user_space_build} make check -$RPM_BUILD_ROOT/usr/bin/gpgsplit -v -p pubsplit- --uncompress <tests/openpgp/pubring.gpg -$RPM_BUILD_ROOT/usr/bin/gpgsplit -v -p secsplit- --secret-to-public --uncompress <tests/openpgp/secring.gpg %endif %post @@ -153,6 +151,7 @@ %install_info_delete --info-dir=%{_infodir} %{_infodir}/gnupg.info.gz %files lang -f gnupg2.lang +%defattr(-,root,root) %files %defattr(-,root,root) ++++++ gnupg-2.0.18-files-are-digests.patch ++++++ --- /var/tmp/diff_new_pack.bHPm0h/_old 2014-12-09 09:13:30.000000000 +0100 +++ /var/tmp/diff_new_pack.bHPm0h/_new 2014-12-09 09:13:30.000000000 +0100 @@ -4,11 +4,11 @@ g10/sign.c | 66 +++++++++++++++++++++++++++++++++++++++++++++++++++++----- 3 files changed, 66 insertions(+), 5 deletions(-) -Index: gnupg-2.0.23/g10/gpg.c +Index: gnupg-2.1.0/g10/gpg.c =================================================================== ---- gnupg-2.0.23.orig/g10/gpg.c 2014-06-03 22:36:44.000000000 +0100 -+++ gnupg-2.0.23/g10/gpg.c 2014-06-03 22:36:55.000000000 +0100 -@@ -345,6 +345,7 @@ enum cmd_and_opt_values +--- gnupg-2.1.0.orig/g10/gpg.c 2014-11-07 11:35:21.599605797 +0100 ++++ gnupg-2.1.0/g10/gpg.c 2014-11-07 16:50:14.742067262 +0100 +@@ -349,6 +349,7 @@ enum cmd_and_opt_values oTTYtype, oLCctype, oLCmessages, @@ -16,35 +16,35 @@ oXauthority, oGroup, oUnGroup, -@@ -711,6 +712,7 @@ static ARGPARSE_OPTS opts[] = { - ARGPARSE_s_s (oPersonalDigestPreferences, "personal-digest-preferences","@"), +@@ -733,6 +734,7 @@ static ARGPARSE_OPTS opts[] = { ARGPARSE_s_s (oPersonalCompressPreferences, "personal-compress-preferences", "@"), + ARGPARSE_s_s (oFakedSystemTime, "faked-system-time", "@"), + ARGPARSE_s_n (oFilesAreDigests, "files-are-digests", "@"), /* Aliases. I constantly mistype these, and assume other people do as well. */ -@@ -2001,6 +2003,7 @@ main (int argc, char **argv) - opt.def_sig_expire="0"; - opt.def_cert_expire="0"; - set_homedir ( default_homedir () ); -+ opt.files_are_digests=0; - opt.passphrase_repeat=1; +@@ -2126,6 +2128,7 @@ main (int argc, char **argv) + opt.def_cert_expire = "0"; + set_homedir (default_homedir ()); + opt.passphrase_repeat = 1; ++ opt.files_are_digests=0; opt.emit_version = 1; /* Limit to the major number. */ -@@ -2491,6 +2494,7 @@ main (int argc, char **argv) + /* Check whether we have a config file on the command line. */ +@@ -2630,6 +2633,7 @@ main (int argc, char **argv) + opt.verify_options&=~VERIFY_SHOW_PHOTOS; + break; case oPhotoViewer: opt.photo_viewer = pargs.r.ret_str; break; - case oForceV3Sigs: opt.force_v3_sigs = 1; break; - case oNoForceV3Sigs: opt.force_v3_sigs = 0; break; + case oFilesAreDigests: opt.files_are_digests = 1; break; - case oForceV4Certs: opt.force_v4_certs = 1; break; - case oNoForceV4Certs: opt.force_v4_certs = 0; break; + case oForceMDC: opt.force_mdc = 1; break; -Index: gnupg-2.0.23/g10/options.h + case oNoForceMDC: opt.force_mdc = 0; break; +Index: gnupg-2.1.0/g10/options.h =================================================================== ---- gnupg-2.0.23.orig/g10/options.h 2014-06-03 22:36:44.000000000 +0100 -+++ gnupg-2.0.23/g10/options.h 2014-06-03 22:36:55.000000000 +0100 -@@ -198,6 +198,7 @@ struct +--- gnupg-2.1.0.orig/g10/options.h 2014-11-07 11:35:21.599605797 +0100 ++++ gnupg-2.1.0/g10/options.h 2014-11-07 16:49:59.770885017 +0100 +@@ -193,6 +193,7 @@ struct int no_auto_check_trustdb; int preserve_permissions; int no_homedir_creation; @@ -52,24 +52,24 @@ struct groupitem *grouplist; int mangle_dos_filenames; int enable_progress_filter; -Index: gnupg-2.0.23/g10/sign.c +Index: gnupg-2.1.0/g10/sign.c =================================================================== ---- gnupg-2.0.23.orig/g10/sign.c 2014-06-03 22:36:44.000000000 +0100 -+++ gnupg-2.0.23/g10/sign.c 2014-06-03 22:36:55.000000000 +0100 -@@ -665,8 +665,12 @@ write_signature_packets (SK_LIST sk_list - mk_notation_policy_etc (sig, NULL, sk); - } - -+ if (!opt.files_are_digests) { - hash_sigversion_to_magic (md, sig); - gcry_md_final (md); -+ } else if (sig->version >= 4) { -+ log_bug("files-are-digests doesn't work with v4 sigs\n"); -+ } - - rc = do_sign( sk, sig, md, hash_for (sk) ); - gcry_md_close (md); -@@ -723,6 +727,8 @@ sign_file( strlist_t filenames, int deta +--- gnupg-2.1.0.orig/g10/sign.c 2014-11-07 11:35:21.599605797 +0100 ++++ gnupg-2.1.0/g10/sign.c 2014-11-07 17:13:40.128218081 +0100 +@@ -703,8 +703,12 @@ write_signature_packets (SK_LIST sk_list + build_sig_subpkt_from_sig (sig); + mk_notation_policy_etc (sig, pk, NULL); + ++ if (!opt.files_are_digests) { + hash_sigversion_to_magic (md, sig); + gcry_md_final (md); ++ } else if (sig->version >= 4) { ++ log_bug("files-are-digests doesn't work with v4 sigs\n"); ++ } + + rc = do_sign (pk, sig, md, hash_for (pk), cache_nonce); + gcry_md_close (md); +@@ -762,6 +766,8 @@ sign_file (ctrl_t ctrl, strlist_t filena SK_LIST sk_rover = NULL; int multifile = 0; u32 duration=0; @@ -78,7 +78,7 @@ pfx = new_progress_context (); afx = new_armor_context (); -@@ -739,7 +745,16 @@ sign_file( strlist_t filenames, int deta +@@ -778,7 +784,16 @@ sign_file (ctrl_t ctrl, strlist_t filena fname = NULL; if( fname && filenames->next && (!detached || encryptflag) ) @@ -96,7 +96,7 @@ if(encryptflag==2 && (rc=setup_symkey(&efx.symkey_s2k,&efx.symkey_dek))) -@@ -767,7 +782,7 @@ sign_file( strlist_t filenames, int deta +@@ -799,7 +814,7 @@ sign_file (ctrl_t ctrl, strlist_t filena goto leave; /* prepare iobufs */ @@ -105,16 +105,16 @@ inp = NULL; /* we do it later */ else { inp = iobuf_open(fname); -@@ -900,7 +915,7 @@ sign_file( strlist_t filenames, int deta - gcry_md_enable (mfx.md, hash_for(sk)); - } +@@ -938,7 +953,7 @@ sign_file (ctrl_t ctrl, strlist_t filena + for (sk_rover = sk_list; sk_rover; sk_rover = sk_rover->next) + gcry_md_enable (mfx.md, hash_for (sk_rover->pk)); - if( !multifile ) + if( !multifile && !opt.files_are_digests ) iobuf_push_filter( inp, md_filter, &mfx ); - if( detached && !encryptflag && !RFC1991 ) -@@ -955,6 +970,8 @@ sign_file( strlist_t filenames, int deta + if( detached && !encryptflag) +@@ -993,6 +1008,8 @@ sign_file (ctrl_t ctrl, strlist_t filena write_status_begin_signing (mfx.md); @@ -123,7 +123,7 @@ /* Setup the inner packet. */ if( detached ) { if( multifile ) { -@@ -995,6 +1012,45 @@ sign_file( strlist_t filenames, int deta +@@ -1033,6 +1050,45 @@ sign_file (ctrl_t ctrl, strlist_t filena if( opt.verbose ) putc( '\n', stderr ); } @@ -169,14 +169,14 @@ else { /* read, so that the filter can calculate the digest */ while( iobuf_get(inp) != -1 ) -@@ -1012,8 +1068,8 @@ sign_file( strlist_t filenames, int deta +@@ -1050,8 +1106,8 @@ sign_file (ctrl_t ctrl, strlist_t filena /* write the signatures */ rc = write_signature_packets (sk_list, out, mfx.md, - opt.textmode && !outfile? 0x01 : 0x00, -- 0, duration, detached ? 'D':'S'); +- 0, duration, detached ? 'D':'S', NULL); + sigclass, -+ timestamp, duration, detached ? 'D':'S'); ++ timestamp, duration, detached ? 'D':'S', NULL); if( rc ) goto leave; ++++++ gnupg-2.0.4-install_tools.diff ++++++ --- /var/tmp/diff_new_pack.bHPm0h/_old 2014-12-09 09:13:30.000000000 +0100 +++ /var/tmp/diff_new_pack.bHPm0h/_new 2014-12-09 09:13:30.000000000 +0100 @@ -1,8 +1,8 @@ Index: tools/Makefile.am =================================================================== ---- tools/Makefile.am.orig -+++ tools/Makefile.am -@@ -32,8 +32,8 @@ sbin_SCRIPTS = addgnupghome applygnupgde +--- tools/Makefile.am.orig 2014-11-06 18:12:17.743916141 +0100 ++++ tools/Makefile.am 2014-11-06 18:13:17.073677366 +0100 +@@ -36,8 +36,8 @@ sbin_SCRIPTS = addgnupghome applygnupgde bin_SCRIPTS = gpgsm-gencert.sh if HAVE_USTAR @@ -13,20 +13,21 @@ endif if BUILD_SYMCRYPTRUN -@@ -51,14 +51,14 @@ endif - - bin_PROGRAMS = gpgconf gpg-connect-agent gpgkey2ssh ${symcryptrun} ${gpgtar} +@@ -55,7 +55,7 @@ endif + # Fixme: We should remove the gpgkey2ssh tool. + bin_PROGRAMS = gpgconf gpg-connect-agent ${symcryptrun} if !HAVE_W32_SYSTEM -bin_PROGRAMS += watchgnupg gpgparsemail +bin_PROGRAMS += watchgnupg gpgparsemail gpgsplit endif - - if !DISABLE_REGEX - libexec_PROGRAMS = gpg-check-pattern + if !HAVE_W32CE_SYSTEM + bin_PROGRAMS += gpgkey2ssh ${gpgtar} +@@ -66,7 +66,7 @@ libexec_PROGRAMS = gpg-check-pattern endif + if !HAVE_W32CE_SYSTEM -noinst_PROGRAMS = clean-sat mk-tdata make-dns-cert gpgsplit +noinst_PROGRAMS = clean-sat mk-tdata make-dns-cert + endif - common_libs = $(libcommon) ../jnlib/libjnlib.a ../gl/libgnu.a - pwquery_libs = ../common/libsimple-pwquery.a + common_libs = $(libcommon) ../gl/libgnu.a ++++++ gnupg-2.0.9-langinfo.patch ++++++ --- /var/tmp/diff_new_pack.bHPm0h/_old 2014-12-09 09:13:30.000000000 +0100 +++ /var/tmp/diff_new_pack.bHPm0h/_new 2014-12-09 09:13:30.000000000 +0100 @@ -3,12 +3,12 @@ # jnlib/utf8conv.c | 1 + # 1 file changed, 1 insertion(+) # -Index: gnupg-2.0.21/jnlib/utf8conv.c +Index: gnupg-2.1.0/common/utf8conv.c =================================================================== ---- gnupg-2.0.21.orig/jnlib/utf8conv.c 2013-08-19 09:55:30.000000000 +0100 -+++ gnupg-2.0.21/jnlib/utf8conv.c 2013-08-19 18:53:22.000000000 +0100 -@@ -148,6 +148,7 @@ set_native_charset (const char *newset) - #else /*!HAVE_W32_SYSTEM*/ +--- gnupg-2.1.0.orig/common/utf8conv.c 2014-10-11 19:45:14.000000000 +0200 ++++ gnupg-2.1.0/common/utf8conv.c 2014-11-07 11:35:05.491413258 +0100 +@@ -198,6 +198,7 @@ set_native_charset (const char *newset) + #else /*!HAVE_W32_SYSTEM && !HAVE_ANDROID_SYSTEM*/ #ifdef HAVE_LANGINFO_CODESET + setlocale(LC_ALL, ""); ++++++ gnupg-2.1.0-boo-907198-openpgp_oid_to_str-buffer-overflow.patch ++++++ From: Werner Koch <[email protected]> Date: Tue, 25 Nov 2014 11:58:56 +0100 Subject: [PATCH] Fix buffer overflow in openpgp_oid_to_str. References: boo#907198 http://git.gnupg.org/cgi-bin/gitweb.cgi?p=gnupg.git;a=commit;h=8445ef24fc31e1fe0291e17f90f9f06b536e34da Upstream: committed * common/openpgp-oid.c (openpgp_oid_to_str): Fix unsigned underflow. * common/t-openpgp-oid.c (BADOID): New. (test_openpgp_oid_to_str): Add test cases. -- The code has an obvious error by not considering invalid encoding for arc-2. A first byte of 0x80 can be used to make a value of less then 80 and we then subtract 80 from that value as required by the OID encoding rules. Due to the unsigned integer this results in a pretty long value which won't fit anymore into the allocated buffer. The fix is obvious. Also added a few simple test cases. Note that we keep on using sprintf instead of snprintf because managing the remaining length of the buffer would probably be more error prone than assuring that the buffer is large enough. Getting rid of sprintf altogether by using direct conversion along with membuf_t like code might be possible. Reported-by: Hanno Böck Signed-off-by: Werner Koch <[email protected]> Ported from libksba commit f715b9e156dfa99ae829fc694e5a0abd23ef97d7 --- common/openpgp-oid.c | 2 ++ common/t-openpgp-oid.c | 9 +++++++++ 2 files changed, 11 insertions(+) diff --git a/common/openpgp-oid.c b/common/openpgp-oid.c index 010c23f..d3d1f2a 100644 --- a/common/openpgp-oid.c +++ b/common/openpgp-oid.c @@ -236,6 +236,8 @@ openpgp_oid_to_str (gcry_mpi_t a) val <<= 7; val |= buf[n] & 0x7f; } + if (val < 80) + goto badoid; val -= 80; sprintf (p, "2.%lu", val); p += strlen (p); diff --git a/common/t-openpgp-oid.c b/common/t-openpgp-oid.c index 79e5a70..5cd778d 100644 --- a/common/t-openpgp-oid.c +++ b/common/t-openpgp-oid.c @@ -32,6 +32,9 @@ } while(0) +#define BADOID "1.3.6.1.4.1.11591.2.12242973" + + static void test_openpgp_oid_from_str (void) { @@ -108,6 +111,12 @@ test_openpgp_oid_to_str (void) { "1.3.132.0.35", { 5, 0x2B, 0x81, 0x04, 0x00, 0x23 }}, + { BADOID, + { 9, 0x80, 0x02, 0x70, 0x50, 0x25, 0x46, 0xfd, 0x0c, 0xc0 }}, + + { BADOID, + { 1, 0x80 }}, + { NULL }}; gcry_mpi_t a; int idx; -- 1.7.10.4 ++++++ gnupg-2.0.26.tar.bz2 -> gnupg-2.1.0.tar.bz2 ++++++ ++++ 590095 lines of diff (skipped) ++++++ gnupg-add_legacy_FIPS_mode_option.patch ++++++ --- /var/tmp/diff_new_pack.bHPm0h/_old 2014-12-09 09:13:33.000000000 +0100 +++ /var/tmp/diff_new_pack.bHPm0h/_new 2014-12-09 09:13:33.000000000 +0100 @@ -3,11 +3,11 @@ g10/gpg.c | 9 +++++++++ 2 files changed, 27 insertions(+) -Index: gnupg-2.0.23/doc/gpg.texi +Index: gnupg-2.1.0/doc/gpg.texi =================================================================== ---- gnupg-2.0.23.orig/doc/gpg.texi 2014-06-03 22:22:56.000000000 +0100 -+++ gnupg-2.0.23/doc/gpg.texi 2014-06-03 22:25:03.000000000 +0100 -@@ -1851,6 +1851,24 @@ implies, this option is for experts only +--- gnupg-2.1.0.orig/doc/gpg.texi 2014-11-06 18:31:32.218688065 +0100 ++++ gnupg-2.1.0/doc/gpg.texi 2014-11-06 18:31:33.871709178 +0100 +@@ -1828,6 +1828,24 @@ implies, this option is for experts only understand the implications of what it allows you to do, leave this off. @option{--no-expert} disables this option. @@ -32,19 +32,19 @@ @end table -Index: gnupg-2.0.23/g10/gpg.c +Index: gnupg-2.1.0/g10/gpg.c =================================================================== ---- gnupg-2.0.23.orig/g10/gpg.c 2014-06-03 22:24:52.000000000 +0100 -+++ gnupg-2.0.23/g10/gpg.c 2014-06-03 22:25:56.000000000 +0100 -@@ -369,6 +369,7 @@ enum cmd_and_opt_values - oAllowMultipleMessages, +--- gnupg-2.1.0.orig/g10/gpg.c 2014-11-06 18:31:32.220688090 +0100 ++++ gnupg-2.1.0/g10/gpg.c 2014-11-06 18:32:03.833091859 +0100 +@@ -380,6 +380,7 @@ enum cmd_and_opt_values oNoAllowMultipleMessages, oAllowWeakDigestAlgos, + oFakedSystemTime, + oSetLegacyFips, oNoop }; -@@ -746,6 +747,7 @@ static ARGPARSE_OPTS opts[] = { +@@ -772,6 +773,7 @@ static ARGPARSE_OPTS opts[] = { ARGPARSE_s_n (oAllowMultipleMessages, "allow-multiple-messages", "@"), ARGPARSE_s_n (oNoAllowMultipleMessages, "no-allow-multiple-messages", "@"), ARGPARSE_s_n (oAllowWeakDigestAlgos, "allow-weak-digest-algos", "@"), @@ -52,8 +52,8 @@ /* These two are aliases to help users of the PGP command line product use gpg with minimal pain. Many commands are common -@@ -2959,6 +2961,13 @@ main (int argc, char **argv) - opt.flags.allow_weak_digest_algos = 1; +@@ -3138,6 +3140,13 @@ main (int argc, char **argv) + } break; + case oSetLegacyFips: ++++++ gnupg-detect_FIPS_mode.patch ++++++ --- /var/tmp/diff_new_pack.bHPm0h/_old 2014-12-09 09:13:33.000000000 +0100 +++ /var/tmp/diff_new_pack.bHPm0h/_new 2014-12-09 09:13:33.000000000 +0100 @@ -1,37 +1,24 @@ -Index: gnupg-2.0.19/g10/encode.c +Index: gnupg-2.1.0/g10/encrypt.c =================================================================== ---- gnupg-2.0.19.orig/g10/encode.c 2013-03-14 14:23:58.009483967 +0100 -+++ gnupg-2.0.19/g10/encode.c 2013-03-14 15:49:50.524306304 +0100 -@@ -732,7 +732,10 @@ encrypt_filter( void *opaque, int contro - if( efx->cfx.dek->algo == -1 ) { - /* because 3DES is implicitly in the prefs, this can only - * happen if we do not have any public keys in the list */ -- efx->cfx.dek->algo = DEFAULT_CIPHER_ALGO; +--- gnupg-2.1.0.orig/g10/encrypt.c 2014-11-06 18:27:35.176659675 +0100 ++++ gnupg-2.1.0/g10/encrypt.c 2014-11-06 18:29:10.987883901 +0100 +@@ -783,7 +783,10 @@ encrypt_filter (void *opaque, int contro + /* Because 3DES is implicitly in the prefs, this can + only happen if we do not have any public keys in + the list. */ +- efx->cfx.dek->algo = DEFAULT_CIPHER_ALGO; + /* Libgcrypt manual says that gcry_version_check must be called + before calling gcry_fips_mode_active. */ + gcry_check_version (NULL); + efx->cfx.dek->algo = gcry_fips_mode_active() ? CIPHER_ALGO_AES : DEFAULT_CIPHER_ALGO; } - /* In case 3DES has been selected, print a warning if -Index: gnupg-2.0.19/g10/gpg.c + /* In case 3DES has been selected, print a warning if +Index: gnupg-2.1.0/g10/mainproc.c =================================================================== ---- gnupg-2.0.19.orig/g10/gpg.c 2013-03-14 14:24:00.031545611 +0100 -+++ gnupg-2.0.19/g10/gpg.c 2013-03-14 14:24:37.495687612 +0100 -@@ -1975,7 +1975,7 @@ main (int argc, char **argv) - opt.compress_algo = -1; /* defaults to DEFAULT_COMPRESS_ALGO */ - opt.s2k_mode = 3; /* iterated+salted */ - opt.s2k_count = 0; /* Auto-calibrate when needed. */ -- opt.s2k_cipher_algo = CIPHER_ALGO_CAST5; -+ opt.s2k_cipher_algo = gcry_fips_mode_active() ? CIPHER_ALGO_AES : CIPHER_ALGO_CAST5; - opt.completes_needed = 1; - opt.marginals_needed = 3; - opt.max_cert_depth = 5; -Index: gnupg-2.0.19/g10/mainproc.c -=================================================================== ---- gnupg-2.0.19.orig/g10/mainproc.c 2013-03-14 14:23:58.011484028 +0100 -+++ gnupg-2.0.19/g10/mainproc.c 2013-03-14 15:50:50.970127383 +0100 -@@ -685,9 +685,15 @@ proc_plaintext( CTX c, PACKET *pkt ) +--- gnupg-2.1.0.orig/g10/mainproc.c 2014-11-06 18:27:33.243634973 +0100 ++++ gnupg-2.1.0/g10/mainproc.c 2014-11-06 18:27:35.178659700 +0100 +@@ -690,9 +690,15 @@ proc_plaintext( CTX c, PACKET *pkt ) often. There is no good way to specify what algorithms to use in that case, so these three are the historical answer. */ @@ -47,5 +34,5 @@ + if( !gcry_fips_mode_active() ) + gcry_md_enable( c->mfx.md, DIGEST_ALGO_MD5 ); } - if( opt.pgp2_workarounds && only_md5 && !opt.skip_verify ) { - /* This is a kludge to work around a bug in pgp2. It does only + if (opt.pgp2_workarounds && only_md5 && !opt.skip_verify + && opt.flags.allow_weak_digest_algos) { ++++++ gnupg-dont-fail-with-seahorse-agent.patch ++++++ --- /var/tmp/diff_new_pack.bHPm0h/_old 2014-12-09 09:13:33.000000000 +0100 +++ /var/tmp/diff_new_pack.bHPm0h/_new 2014-12-09 09:13:33.000000000 +0100 @@ -2,11 +2,11 @@ g10/passphrase.c | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) -Index: gnupg-2.0.23/g10/passphrase.c +Index: gnupg-2.1.0/g10/passphrase.c =================================================================== ---- gnupg-2.0.23.orig/g10/passphrase.c 2014-06-03 07:59:18.000000000 +0100 -+++ gnupg-2.0.23/g10/passphrase.c 2014-06-03 22:37:30.000000000 +0100 -@@ -72,7 +72,7 @@ encode_s2k_iterations (int iterations) +--- gnupg-2.1.0.orig/g10/passphrase.c 2014-11-07 16:52:11.080483153 +0100 ++++ gnupg-2.1.0/g10/passphrase.c 2014-11-07 16:52:11.996494299 +0100 +@@ -71,7 +71,7 @@ encode_s2k_iterations (int iterations) { /* Don't print an error if an older agent is used. */ if (err && gpg_err_code (err) != GPG_ERR_ASS_PARAMETER) ++++++ gnupg-remove_development_version_warning.patch ++++++ Index: gnupg-2.1.0/autogen.sh =================================================================== --- gnupg-2.1.0.orig/autogen.sh 2014-11-05 09:04:41.000000000 +0100 +++ gnupg-2.1.0/autogen.sh 2014-11-11 17:46:57.154859332 +0100 @@ -228,8 +228,8 @@ if [ "$myhost" = "find-version" ]; then rvd=$((0x$(echo ${rev} | head -c 4))) else ingit=no - beta=yes - tmp="-unknown" + beta=no + tmp="" rev="0000000" rvd="0" fi ++++++ gnupg-set_umask_before_open_outfile.patch ++++++ --- /var/tmp/diff_new_pack.bHPm0h/_old 2014-12-09 09:13:33.000000000 +0100 +++ /var/tmp/diff_new_pack.bHPm0h/_new 2014-12-09 09:13:33.000000000 +0100 @@ -1,14 +1,14 @@ -Index: gnupg-2.0.20/g10/plaintext.c +Index: gnupg-2.1.0/g10/plaintext.c =================================================================== ---- gnupg-2.0.20.orig/g10/plaintext.c 2013-05-13 14:26:49.290737159 +0200 -+++ gnupg-2.0.20/g10/plaintext.c 2013-05-13 14:43:21.740575875 +0200 +--- gnupg-2.1.0.orig/g10/plaintext.c 2014-11-07 11:35:18.100563974 +0100 ++++ gnupg-2.1.0/g10/plaintext.c 2014-11-07 16:51:59.919347340 +0100 @@ -25,6 +25,7 @@ #include <errno.h> #include <assert.h> #include <sys/types.h> +#include <sys/stat.h> #ifdef HAVE_DOSISH_SYSTEM - #include <fcntl.h> /* for setmode() */ + # include <fcntl.h> /* for setmode() */ #endif @@ -39,6 +40,9 @@ #include "status.h" @@ -18,20 +18,21 @@ +#define GPG_SAFE_PERMS (S_IRUSR | S_IWUSR) +#define GPG_SAFE_UMASK (0777 & ~GPG_SAFE_PERMS) - /**************** - * Handle a plaintext packet. If MFX is not NULL, update the MDs -@@ -140,10 +144,15 @@ handle_plaintext( PKT_plaintext *pt, md_ - log_error(_("error creating `%s': %s\n"), fname, strerror(errno) ); - goto leave; - } -- else if( !(fp = fopen(fname,"wb")) ) { -- rc = gpg_error_from_syserror (); -- log_error(_("error creating `%s': %s\n"), fname, strerror(errno) ); -- goto leave; + /* Handle a plaintext packet. If MFX is not NULL, update the MDs + * Note: We should have used the filter stuff here, but we have to add +@@ -169,11 +173,15 @@ handle_plaintext (PKT_plaintext * pt, md + log_error (_("error creating '%s': %s\n"), fname, gpg_strerror (err)); + goto leave; + } +- else if (!(fp = es_fopen (fname, "wb"))) +- { +- err = gpg_error_from_syserror (); +- log_error (_("error creating '%s': %s\n"), fname, gpg_strerror (err)); +- goto leave; + else { + mode_t saved_umask = umask(GPG_SAFE_UMASK); -+ if( !(fp = fopen(fname,"wb")) ) { -+ rc = gpg_error_from_syserror (); ++ if( !(fp = es_fopen(fname,"wb")) ) { ++ err = gpg_error_from_syserror (); + log_error(_("error creating `%s': %s\n"), fname, strerror(errno) ); + umask(saved_umask); + goto leave; @@ -39,4 +40,4 @@ + umask(saved_umask); } #else /* __riscos__ */ - /* If no output filename was given, i.e. we constructed it, + /* If no output filename was given, i.e. we constructed it, convert ++++++ gpg2.keyring ++++++ ++++ 622 lines (skipped) ++++ between gpg2.keyring ++++ and /work/SRC/openSUSE:Factory/.gpg2.new/gpg2.keyring -- To unsubscribe, e-mail: [email protected] For additional commands, e-mail: [email protected]
