Hello community, here is the log from the commit of package gpg2 for openSUSE:Factory checked in at 2016-06-07 23:43:36 ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ Comparing /work/SRC/openSUSE:Factory/gpg2 (Old) and /work/SRC/openSUSE:Factory/.gpg2.new (New) ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
Package is "gpg2" Changes: -------- --- /work/SRC/openSUSE:Factory/gpg2/gpg2.changes 2016-05-17 17:07:02.000000000 +0200 +++ /work/SRC/openSUSE:Factory/.gpg2.new/gpg2.changes 2016-06-07 23:43:38.000000000 +0200 @@ -1,0 +2,6 @@ +Thu Jun 2 16:01:40 UTC 2016 - [email protected] + +- add gnupg-fix-signature-checking.patch (bsc#981020) + https://bugs.gnupg.org/gnupg/issue2351 + +------------------------------------------------------------------- New: ---- gnupg-fix-signature-checking.patch ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ Other differences: ------------------ ++++++ gpg2.spec ++++++ --- /var/tmp/diff_new_pack.O0ykhB/_old 2016-06-07 23:43:39.000000000 +0200 +++ /var/tmp/diff_new_pack.O0ykhB/_new 2016-06-07 23:43:39.000000000 +0200 @@ -34,6 +34,7 @@ Patch8: gnupg-set_umask_before_open_outfile.patch Patch9: gnupg-detect_FIPS_mode.patch Patch11: gnupg-add_legacy_FIPS_mode_option.patch +Patch12: gnupg-fix-signature-checking.patch BuildRequires: expect BuildRequires: fdupes BuildRequires: libadns-devel @@ -84,6 +85,7 @@ %patch8 -p1 %patch9 -p1 %patch11 -p1 +%patch12 -p1 %build date=$(date -u +%{Y}-%{m}-%{dT}%{H}:%{M}+0000 -r %{SOURCE99}) ++++++ gnupg-fix-signature-checking.patch ++++++ >From 83a90a916e8e2f8e44c3b11d11e1dd75f65a87fb Mon Sep 17 00:00:00 2001 From: NIIBE Yutaka <[email protected]> Date: Wed, 11 May 2016 19:27:03 +0900 Subject: [PATCH] g10: Fix signature checking. * g10/sig-check.c (check_signature_over_key_or_uid): Fix call to walk_kbnode. -- Thanks to Vincent Brillault (Feandil). GnuPG-bug-id: 2351 Signed-off-by: NIIBE Yutaka <[email protected]> --- g10/sig-check.c | 13 +++++++++---- 1 file changed, 9 insertions(+), 4 deletions(-) diff --git a/g10/sig-check.c b/g10/sig-check.c index 290f19a..7000b48 100644 --- a/g10/sig-check.c +++ b/g10/sig-check.c @@ -797,15 +797,20 @@ check_signature_over_key_or_uid (PKT_public_key *signer, *is_selfsig = 1; } else - /* See if one of the subkeys was the signer (although this is - extremely unlikely). */ { kbnode_t ctx = NULL; kbnode_t n; - while ((n = walk_kbnode (kb, &ctx, PKT_PUBLIC_SUBKEY))) + /* See if one of the subkeys was the signer (although this + is extremely unlikely). */ + while ((n = walk_kbnode (kb, &ctx, 0))) { - PKT_public_key *subk = n->pkt->pkt.public_key; + PKT_public_key *subk; + + if (n->pkt->pkttype != PKT_PUBLIC_SUBKEY) + continue; + + subk = n->pkt->pkt.public_key; if (sig->keyid[0] == subk->keyid[0] && sig->keyid[1] == subk->keyid[1]) /* Issued by a subkey. */ -- 2.8.0.rc3
