Hello community, here is the log from the commit of package gpg2 for openSUSE:Factory checked in at 2018-04-17 11:15:25 ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ Comparing /work/SRC/openSUSE:Factory/gpg2 (Old) and /work/SRC/openSUSE:Factory/.gpg2.new (New) ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
Package is "gpg2" Tue Apr 17 11:15:25 2018 rev:126 rq:597193 version:2.2.6 Changes: -------- --- /work/SRC/openSUSE:Factory/gpg2/gpg2.changes 2018-04-07 20:47:32.599050510 +0200 +++ /work/SRC/openSUSE:Factory/.gpg2.new/gpg2.changes 2018-04-17 11:15:27.620198410 +0200 @@ -1,0 +2,29 @@ +Tue Apr 10 06:32:22 UTC 2018 - kbabi...@suse.com + +- GnuPG 2.2.6: + * gpg,gpgsm: New option --request-origin to pretend requests coming + from a browser or a remote site. + * gpg: Fix race condition on trustdb.gpg updates due to too early + released lock. + * gpg: Emit FAILURE status lines in almost all cases. + * gpg: Implement --dry-run for --passwd to make checking a key's + passphrase straightforward. + * gpg: Make sure to only accept a certification capable key for key + signatures. + * gpg: Better user interaction in --card-edit for the factory-reset + sub-command. + * gpg: Improve changing key attributes in --card-edit by adding an + explicit "key-attr" sub-command. + * gpg: Print the keygrips in the --card-status. + * scd: Support KDF DO setup. + * scd: Fix suspend/resume handling in the CCID driver. + * agent: Evict cached passphrases also via a timer. + * agent: Use separate passphrase caches depending on the request + origin. + * ssh: Support signature flags. + * dirmngr: Handle failures related to missing IPv6 support + gracefully. + * Allow the use of UNC directory names as homedir. [#3818] +- Dropped gnupg-CVE-2018-9234.patch since it is included upstream + +------------------------------------------------------------------- Old: ---- gnupg-2.2.5.tar.bz2 gnupg-2.2.5.tar.bz2.sig gnupg-CVE-2018-9234.patch New: ---- gnupg-2.2.6.tar.bz2 gnupg-2.2.6.tar.bz2.sig ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ Other differences: ------------------ ++++++ gpg2.spec ++++++ --- /var/tmp/diff_new_pack.BTnZ8f/_old 2018-04-17 11:15:28.412161275 +0200 +++ /var/tmp/diff_new_pack.BTnZ8f/_new 2018-04-17 11:15:28.412161275 +0200 @@ -17,7 +17,7 @@ Name: gpg2 -Version: 2.2.5 +Version: 2.2.6 Release: 0 Summary: File encryption, decryption, signature creation and verification utility License: GPL-3.0+ @@ -34,7 +34,6 @@ Patch8: gnupg-set_umask_before_open_outfile.patch Patch9: gnupg-detect_FIPS_mode.patch Patch11: gnupg-add_legacy_FIPS_mode_option.patch -Patch12: gnupg-CVE-2018-9234.patch BuildRequires: expect BuildRequires: fdupes BuildRequires: libassuan-devel >= 2.5.0 @@ -86,7 +85,6 @@ %patch8 -p1 %patch9 -p1 %patch11 -p1 -%patch12 -p1 %build date=$(date -u +%%Y-%%m-%%dT%%H:%%M+0000 -r %{SOURCE99}) ++++++ gnupg-2.2.5.tar.bz2 -> gnupg-2.2.6.tar.bz2 ++++++ /work/SRC/openSUSE:Factory/gpg2/gnupg-2.2.5.tar.bz2 /work/SRC/openSUSE:Factory/.gpg2.new/gnupg-2.2.6.tar.bz2 differ: char 11, line 1 ++++++ gnupg-add_legacy_FIPS_mode_option.patch ++++++ --- /var/tmp/diff_new_pack.BTnZ8f/_old 2018-04-17 11:15:28.460159024 +0200 +++ /var/tmp/diff_new_pack.BTnZ8f/_new 2018-04-17 11:15:28.464158837 +0200 @@ -3,11 +3,11 @@ g10/gpg.c | 9 +++++++++ 2 files changed, 27 insertions(+) -Index: gnupg-2.1.22/doc/gpg.texi +Index: gnupg-2.2.6/doc/gpg.texi =================================================================== ---- gnupg-2.1.22.orig/doc/gpg.texi -+++ gnupg-2.1.22/doc/gpg.texi -@@ -2079,6 +2079,24 @@ implies, this option is for experts only +--- gnupg-2.2.6.orig/doc/gpg.texi 2018-04-10 09:05:55.807324463 +0200 ++++ gnupg-2.2.6/doc/gpg.texi 2018-04-10 09:05:58.627349563 +0200 +@@ -2094,6 +2094,24 @@ implies, this option is for experts only understand the implications of what it allows you to do, leave this off. @option{--no-expert} disables this option. @@ -32,19 +32,19 @@ @end table -Index: gnupg-2.1.22/g10/gpg.c +Index: gnupg-2.2.6/g10/gpg.c =================================================================== ---- gnupg-2.1.22.orig/g10/gpg.c -+++ gnupg-2.1.22/g10/gpg.c -@@ -422,6 +422,7 @@ enum cmd_and_opt_values - oDisableSignerUID, +--- gnupg-2.2.6.orig/g10/gpg.c 2018-04-10 09:05:55.807324463 +0200 ++++ gnupg-2.2.6/g10/gpg.c 2018-04-10 09:06:21.583553887 +0200 +@@ -424,6 +424,7 @@ enum cmd_and_opt_values oSender, oKeyOrigin, + oRequestOrigin, + oSetLegacyFips, oNoop }; -@@ -867,6 +868,7 @@ static ARGPARSE_OPTS opts[] = { +@@ -871,6 +872,7 @@ static ARGPARSE_OPTS opts[] = { ARGPARSE_s_n (oAllowMultipleMessages, "allow-multiple-messages", "@"), ARGPARSE_s_n (oNoAllowMultipleMessages, "no-allow-multiple-messages", "@"), ARGPARSE_s_n (oAllowWeakDigestAlgos, "allow-weak-digest-algos", "@"), @@ -52,7 +52,7 @@ ARGPARSE_s_s (oDefaultNewKeyAlgo, "default-new-key-algo", "@"), -@@ -3537,6 +3539,13 @@ main (int argc, char **argv) +@@ -3565,6 +3567,13 @@ main (int argc, char **argv) opt.def_new_key_algo = pargs.r.ret_str; break;