commit gpg2 for openSUSE:Factory
Hello community, here is the log from the commit of package gpg2 for openSUSE:Factory checked in at 2020-09-06 00:00:15 Comparing /work/SRC/openSUSE:Factory/gpg2 (Old) and /work/SRC/openSUSE:Factory/.gpg2.new.3399 (New) Package is "gpg2" Sun Sep 6 00:00:15 2020 rev:150 rq:831939 version:2.2.23 Changes: --- /work/SRC/openSUSE:Factory/gpg2/gpg2.changes2020-07-15 11:15:08.041009467 +0200 +++ /work/SRC/openSUSE:Factory/.gpg2.new.3399/gpg2.changes 2020-09-06 00:00:44.759204072 +0200 @@ -1,0 +2,39 @@ +Thu Sep 3 17:16:41 UTC 2020 - Andreas Stieger + +- GnuPG 2.2.23: + * gpg: fix AHEAD preference list overflow boo#1176034 / CVE-2020-25125 + * gpg: fix possible segv in the key cleaning code + * gpgsm: fix a minor RFC2253 parser gub + * scdaemon: Fix a PIN verify failure on certain OpenPGP card +implementations + +--- +Tue Sep 1 21:09:57 UTC 2020 - Andreas Stieger + +- GnuPG 2.2.22: + * gpg: Change the default key algorithm to rsa3072 + * gpg: Add regular expression support for Trust Signatures on +all platforms + * gpg: Ignore --personal-digest-prefs for ECDSA keys + * gpgsm: Make rsaPSS a de-vs compliant scheme + * gpgsm: Show also the SHA256 fingerprint in key listings + * gpgsm: Do not require a default keyring for --gpgconf-list + * gpg-agent: Default to extended key format and record the +creation time of keys +Add new option --disable-extended-key-format + * gpg-agent: Support the WAYLAND_DISPLAY envvar + * gpg-agent: Allow using --gpgconf-list even if HOME does not +exist + * gpg-agent: Make the Pinentry work even if the envvar TERM is +set to the empty string + * scdaemon: Add a workaround for Gnuk tokens <= 2.15 which +wrongly incremented the error counter when using the +"verify" command of "gpg --edit-key" with only the signature +key being present + * dirmngr: Better handle systems with disabled IPv6 + * gpgpslit: Install tool. It was not installed in the past to + avoid conflicts with the version installed by GnuPG 1.4 + * gpgtar: Make --files-from and --null work as documented +- drop gnupg-gpgme-t-encrypt-sym.patch, upstream + +--- Old: gnupg-2.2.21.tar.bz2 gnupg-2.2.21.tar.bz2.sig gnupg-gpgme-t-encrypt-sym.patch New: gnupg-2.2.23.tar.bz2 gnupg-2.2.23.tar.bz2.sig Other differences: -- ++ gpg2.spec ++ --- /var/tmp/diff_new_pack.DrSr80/_old 2020-09-06 00:00:49.731206561 +0200 +++ /var/tmp/diff_new_pack.DrSr80/_new 2020-09-06 00:00:49.735206564 +0200 @@ -17,7 +17,7 @@ Name: gpg2 -Version:2.2.21 +Version:2.2.23 Release:0 Summary:File encryption, decryption, signature creation and verification utility License:GPL-3.0-or-later @@ -40,13 +40,11 @@ Patch14:gnupg-add-test-cases-for-import-without-uid.patch Patch15: gnupg-allow-import-of-previously-known-keys-even-without-UIDs.patch Patch1124847: gnupg-gpg-agent-ulimit.patch -# PATCH-FIX-UPSTREAM bsc#1174007 gpgme: Fails to build with latest gpg-2.2.21 -Patch16:gnupg-gpgme-t-encrypt-sym.patch BuildRequires: expect BuildRequires: fdupes BuildRequires: libassuan-devel >= 2.5.0 BuildRequires: libgcrypt-devel >= 1.7.0 -BuildRequires: libgpg-error-devel >= 1.24 +BuildRequires: libgpg-error-devel >= 1.25 BuildRequires: libksba-devel >= 1.3.4 BuildRequires: makeinfo BuildRequires: npth-devel >= 1.2 @@ -107,7 +105,6 @@ %patch13 -p1 %patch14 -p1 %patch15 -p1 -%patch16 -p1 touch -d 2018-05-04 doc/gpg.texi # to compensate for patch11 in order to not have man pages and info files have the build date (boo#1047218) %build ++ gnupg-2.2.21.tar.bz2 -> gnupg-2.2.23.tar.bz2 ++ /work/SRC/openSUSE:Factory/gpg2/gnupg-2.2.21.tar.bz2 /work/SRC/openSUSE:Factory/.gpg2.new.3399/gnupg-2.2.23.tar.bz2 differ: char 11, line 1 ++ gpg2.keyring ++ --- /var/tmp/diff_new_pack.DrSr80/_old 2020-09-06 00:00:49.875206634 +0200 +++ /var/tmp/diff_new_pack.DrSr80/_new 2020-09-06 00:00:49.879206636 +0200 @@ -1,5 +1,4 @@ -BEGIN PGP PUBLIC KEY BLOCK- -Version: GnuPG v2 mQENBE0ti4EBCACqGtKlX9jI/enhlBdy2cyQP6Q7JoyxtaG6/ckAKWHYrqFTQk3I Ue8TuDrGT742XFncG9PoMBfJDUNltIPgKFn8E9tYQqAOlpSA25bOb30cA2ADkrjg @@ -7,93 +6,60 @@ KRw6B5ucs4qSzp5VH4CqDr9PDnLD8lBGHk0x8jpwh4V/yEODJKATY0Vj00793L8u qA35ZiyczUvvJSLYvf7STO943GswkxdAfqxXbYifiK2gjE/7SAmB+2jFxsonUDOB 1BAY5s3FKqrkaxZr3BBjeuGGoCuiSX/cXRIhABEBAAG0Fldlcm5lciBLb2NoIChk -aXN0IHNpZymJAT4EEwECACgFAk0ti4ECGwMFCRDdnwIGCwkIBwMCBhUIAgkKCwQW -AgMBAh4BAheAAAoJECSbOdJPJeO2PlMIAJxPtFXf5yozPpFjRbSkSdjsk9eru05s
commit gpg2 for openSUSE:Factory
Hello community, here is the log from the commit of package gpg2 for openSUSE:Factory checked in at 2020-07-15 11:13:43 Comparing /work/SRC/openSUSE:Factory/gpg2 (Old) and /work/SRC/openSUSE:Factory/.gpg2.new.3060 (New) Package is "gpg2" Wed Jul 15 11:13:43 2020 rev:149 rq:820863 version:2.2.21 Changes: --- /work/SRC/openSUSE:Factory/gpg2/gpg2.changes2020-05-02 22:15:47.276341286 +0200 +++ /work/SRC/openSUSE:Factory/.gpg2.new.3060/gpg2.changes 2020-07-15 11:15:08.041009467 +0200 @@ -1,0 +2,34 @@ +Tue Jul 14 10:22:22 UTC 2020 - Pedro Monreal Gonzalez + +- Fix regression in latest gpg2 that makes gpgme fail to build [bsc#1174007] +- Add gnupg-gpgme-t-encrypt-sym.patch + +--- +Thu Jul 9 11:36:57 UTC 2020 - Andreas Stieger + +- GnuPG 2.2.21: + * gpg: Improve symmetric decryption speed by about 25% + * gpg: Support decryption of AEAD encrypted data packets + * gpg: Add option --no-include-key-block + * gpg: Allow for extra padding in ECDH + * gpg: Only a single pinentry is shown for symmetric encryption if +the pinentry supports this + * gpg: Print a note if no keys are given to --delete-key + * gpg,gpgsm: The ridiculous passphrase quality bar is not anymore +shown + * gpgsm: Certificates without a CRL distribution point are now +considered valid without looking up a CRL. The new option +--enable-issuer-based-crl-check can be used to revert to the +former behaviour + * gpgsm: Support rsaPSS signature verification + * gpgsm: Unless CRL checking is disabled lookup a missing issuer +certificate using the certificate's authorityInfoAccess + * gpgsm: Print the certificate's serial number also in decimal +notation + * gpgsm: Fix possible NULL-deref in messages of --gen-key + * scd: Support the CardOS 5 based D-Trust Card 3.1 + * dirmngr: Allow http URLs with "LOOKUP --url" + * wkd: Take name of sendmail from configure. Fixes an OpenBSD +specific bug + +--- Old: gnupg-2.2.20.tar.bz2 gnupg-2.2.20.tar.bz2.sig New: gnupg-2.2.21.tar.bz2 gnupg-2.2.21.tar.bz2.sig gnupg-gpgme-t-encrypt-sym.patch Other differences: -- ++ gpg2.spec ++ --- /var/tmp/diff_new_pack.ciRywv/_old 2020-07-15 11:15:21.637022925 +0200 +++ /var/tmp/diff_new_pack.ciRywv/_new 2020-07-15 11:15:21.641022928 +0200 @@ -17,7 +17,7 @@ Name: gpg2 -Version:2.2.20 +Version:2.2.21 Release:0 Summary:File encryption, decryption, signature creation and verification utility License:GPL-3.0-or-later @@ -40,6 +40,8 @@ Patch14:gnupg-add-test-cases-for-import-without-uid.patch Patch15: gnupg-allow-import-of-previously-known-keys-even-without-UIDs.patch Patch1124847: gnupg-gpg-agent-ulimit.patch +# PATCH-FIX-UPSTREAM bsc#1174007 gpgme: Fails to build with latest gpg-2.2.21 +Patch16:gnupg-gpgme-t-encrypt-sym.patch BuildRequires: expect BuildRequires: fdupes BuildRequires: libassuan-devel >= 2.5.0 @@ -105,6 +107,7 @@ %patch13 -p1 %patch14 -p1 %patch15 -p1 +%patch16 -p1 touch -d 2018-05-04 doc/gpg.texi # to compensate for patch11 in order to not have man pages and info files have the build date (boo#1047218) %build ++ gnupg-2.2.20.tar.bz2 -> gnupg-2.2.21.tar.bz2 ++ /work/SRC/openSUSE:Factory/gpg2/gnupg-2.2.20.tar.bz2 /work/SRC/openSUSE:Factory/.gpg2.new.3060/gnupg-2.2.21.tar.bz2 differ: char 11, line 1 ++ gnupg-gpgme-t-encrypt-sym.patch ++ Index: gnupg-2.2.21/agent/command.c === --- gnupg-2.2.21.orig/agent/command.c +++ gnupg-2.2.21/agent/command.c @@ -1595,11 +1595,14 @@ cmd_get_passphrase (assuan_context_t ctx pi2->failed_tries = 0; continue; } - if (*pi->pin && !pi->repeat_okay) + if (*pi->pin && !pi->repeat_okay + && ctrl->pinentry_mode != PINENTRY_MODE_LOOPBACK) { /* The passphrase is empty and the pinentry did not * already run the repetition check, do it here. This - * is only called when using an old and simple pinentry. */ + * is only called when using an old and simple pinentry. + * It is neither called in loopback mode because the + * caller does any passphrase repetition by herself. */ xfree (response); response = NULL; rc = agent_get_passphrase (ctrl, ,
commit gpg2 for openSUSE:Factory
Hello community, here is the log from the commit of package gpg2 for openSUSE:Factory checked in at 2020-05-02 22:15:35 Comparing /work/SRC/openSUSE:Factory/gpg2 (Old) and /work/SRC/openSUSE:Factory/.gpg2.new.2738 (New) Package is "gpg2" Sat May 2 22:15:35 2020 rev:148 rq:799268 version:2.2.20 Changes: --- /work/SRC/openSUSE:Factory/gpg2/gpg2.changes2020-03-16 10:16:55.195552571 +0100 +++ /work/SRC/openSUSE:Factory/.gpg2.new.2738/gpg2.changes 2020-05-02 22:15:47.276341286 +0200 @@ -1,0 +2,29 @@ +Thu Apr 30 13:59:33 UTC 2020 - Pedro Monreal Gonzalez + +- Fix gpgme and gpgme-qt builds on gpg2 2.2.20 update [bsc#1170811] +- Refresh patches: + * gnupg-2.2.8-files-are-digests.patch + * gnupg-add_legacy_FIPS_mode_option.patch + +--- +Fri Mar 20 20:17:44 UTC 2020 - Andreas Stieger + +- GnuPG 2.2.20: + * Protect the error counter against overflow to guarantee that the +tools can't be tricked into returning success after an error + * gpg: Make really sure that --verify-files always returns an error + * gpg: Fix key listing --with-secret if a pattern is given + * gpg: Fix detection of certain keys used as default-key + * gpg: Fix default-key selection when a card is available + * gpg: Fix key expiration and key usage for keys created with a +creation date of zero + * gpgsm: Fix import of some CR,LF terminated certificates + * gpg: New options --include-key-block and --auto-key-import to +allow encrypted replies after an initial signed message + * gpg: Allow the use of a fingerprint with --trusted-key + * gpg: New property "fpr" for use by --export-filter + * scdaemon: Disable the pinpad if a KDF DO is used + * dirmngr: Improve finding OCSP certificates +- drop gpg2-gcc10-build-fno-common.patch, upstream + +--- Old: gnupg-2.2.19.tar.bz2 gnupg-2.2.19.tar.bz2.sig gpg2-gcc10-build-fno-common.patch New: gnupg-2.2.20.tar.bz2 gnupg-2.2.20.tar.bz2.sig Other differences: -- ++ gpg2.spec ++ --- /var/tmp/diff_new_pack.RZAnbZ/_old 2020-05-02 22:15:48.712344294 +0200 +++ /var/tmp/diff_new_pack.RZAnbZ/_new 2020-05-02 22:15:48.712344294 +0200 @@ -17,7 +17,7 @@ Name: gpg2 -Version:2.2.19 +Version:2.2.20 Release:0 Summary:File encryption, decryption, signature creation and verification utility License:GPL-3.0-or-later @@ -29,7 +29,6 @@ Source3:%{name}.keyring Source4:scdaemon.udev Source99: %{name}.changes -Patch1124847: gnupg-gpg-agent-ulimit.patch Patch4: gnupg-2.0.9-langinfo.patch Patch5: gnupg-2.2.8-files-are-digests.patch Patch6: gnupg-dont-fail-with-seahorse-agent.patch @@ -40,8 +39,7 @@ Patch13: gnupg-accept_subkeys_with_a_good_revocation_but_no_self-sig_during_import.patch Patch14:gnupg-add-test-cases-for-import-without-uid.patch Patch15: gnupg-allow-import-of-previously-known-keys-even-without-UIDs.patch -# PATCH-FIX-UPSTREAM bsc#1160394 Fix gcc10 build -Patch16:gpg2-gcc10-build-fno-common.patch +Patch1124847: gnupg-gpg-agent-ulimit.patch BuildRequires: expect BuildRequires: fdupes BuildRequires: libassuan-devel >= 2.5.0 @@ -107,7 +105,6 @@ %patch13 -p1 %patch14 -p1 %patch15 -p1 -%patch16 -p1 touch -d 2018-05-04 doc/gpg.texi # to compensate for patch11 in order to not have man pages and info files have the build date (boo#1047218) %build @@ -132,7 +129,7 @@ --enable-gpg-is-gpg2 \ --enable-Werror -make %{?_smp_mflags} +%make_build %install %make_install ++ gnupg-2.2.19.tar.bz2 -> gnupg-2.2.20.tar.bz2 ++ /work/SRC/openSUSE:Factory/gpg2/gnupg-2.2.19.tar.bz2 /work/SRC/openSUSE:Factory/.gpg2.new.2738/gnupg-2.2.20.tar.bz2 differ: char 11, line 1 ++ gnupg-2.2.8-files-are-digests.patch ++ --- /var/tmp/diff_new_pack.RZAnbZ/_old 2020-05-02 22:15:48.776344428 +0200 +++ /var/tmp/diff_new_pack.RZAnbZ/_new 2020-05-02 22:15:48.776344428 +0200 @@ -4,11 +4,11 @@ g10/sign.c| 68 -- 3 files changed, 67 insertions(+), 6 deletions(-) -Index: gnupg-2.2.18/g10/gpg.c +Index: gnupg-2.2.20/g10/gpg.c === gnupg-2.2.18.orig/g10/gpg.c -+++ gnupg-2.2.18/g10/gpg.c -@@ -378,6 +378,7 @@ enum cmd_and_opt_values +--- gnupg-2.2.20.orig/g10/gpg.c gnupg-2.2.20/g10/gpg.c +@@ -380,6 +380,7 @@ enum cmd_and_opt_values oTTYtype, oLCctype, oLCmessages, @@ -16,7 +16,7 @@ oXauthority, oGroup, oUnGroup, -@@ -830,6 +831,7 @@ static
commit gpg2 for openSUSE:Factory
Hello community, here is the log from the commit of package gpg2 for openSUSE:Factory checked in at 2020-03-16 10:16:15 Comparing /work/SRC/openSUSE:Factory/gpg2 (Old) and /work/SRC/openSUSE:Factory/.gpg2.new.3160 (New) Package is "gpg2" Mon Mar 16 10:16:15 2020 rev:147 rq:784634 version:2.2.19 Changes: --- /work/SRC/openSUSE:Factory/gpg2/gpg2.changes2020-02-22 19:03:25.785987021 +0100 +++ /work/SRC/openSUSE:Factory/.gpg2.new.3160/gpg2.changes 2020-03-16 10:16:55.195552571 +0100 @@ -1,0 +2,6 @@ +Fri Mar 13 10:39:09 UTC 2020 - Fabian Vogt + +- Split dirmngr into a subpackage to avoid a hard dependency of + gpg2 on libgnutls + +--- Other differences: -- ++ gpg2.spec ++ --- /var/tmp/diff_new_pack.wKAAhb/_old 2020-03-16 10:16:56.343553039 +0100 +++ /var/tmp/diff_new_pack.wKAAhb/_new 2020-03-16 10:16:56.33044 +0100 @@ -65,8 +65,7 @@ Requires: libksba >= 1.3.4 Requires: pinentry Requires(post): %{install_info_prereq} -Obsoletes: dirmngr < 2.1.0 -Provides: dirmngr = %{version} +Recommends: dirmngr = %{version} Provides: gnupg = %{version} Provides: gpg = 1.4.9 Provides: newpg @@ -81,6 +80,18 @@ gpg2 provides GPGSM, gpg-agent, and a keybox library. +%package -n dirmngr +Summary:Keyserver, CRL, and OCSP access for GnuPG +Group: Productivity/Networking/Security + +%description -n dirmngr +Since version 2.1 of GnuPG, dirmngr takes care of accessing the OpenPGP +keyservers. As with previous versions it is also used as a server for managing +and downloading certificate +revocation lists (CRLs) for X.509 certificates, downloading X.509 certificates, +and providing access to OCSP providers. Dirmngr is invoked internally by gpg, +gpgsm, or via the gpg-connect-agent tool. + %lang_package %prep @@ -167,10 +178,13 @@ %files %{_infodir}/gnupg* +%exclude %{_mandir}/*/dirmngr*%{ext_man} %{_mandir}/*/*%{ext_man} %license COPYING* %doc AUTHORS ChangeLog NEWS THANKS TODO doc/FAQ +%exclude %{_docdir}/%{name}/examples/systemd-user/dirmngr.* %doc %{_docdir}/%{name} +%exclude %{_bindir}/dirmngr* %{_bindir}/* %{_libdir}/[^d]* %{_sbindir}/addgnupghome @@ -181,4 +195,10 @@ %dir %{_sysconfdir}/gnupg %config(noreplace) %{_sysconfdir}/gnupg/gpgconf.conf +%files -n dirmngr +%license COPYING* +%{_mandir}/*/dirmngr*%{ext_man} +%{_docdir}/%{name}/examples/systemd-user/dirmngr.* +%{_bindir}/dirmngr* + %changelog
commit gpg2 for openSUSE:Factory
Hello community, here is the log from the commit of package gpg2 for openSUSE:Factory checked in at 2020-02-22 19:03:23 Comparing /work/SRC/openSUSE:Factory/gpg2 (Old) and /work/SRC/openSUSE:Factory/.gpg2.new.26092 (New) Package is "gpg2" Sat Feb 22 19:03:23 2020 rev:146 rq:776240 version:2.2.19 Changes: --- /work/SRC/openSUSE:Factory/gpg2/gpg2.changes2020-01-16 18:17:53.876861356 +0100 +++ /work/SRC/openSUSE:Factory/.gpg2.new.26092/gpg2.changes 2020-02-22 19:03:25.785987021 +0100 @@ -1,0 +2,8 @@ +Wed Feb 19 08:48:34 UTC 2020 - Pedro Monreal Gonzalez + +- Fix build with GCC-10: [bsc#1160394] + * Always use EXTERN_UNLESS_MAIN_MODULE pattern + * In GCC-10, the default option -fcommon will change to -fno-common +- Add gpg2-gcc10-build-fno-common.patch + +--- New: gpg2-gcc10-build-fno-common.patch Other differences: -- ++ gpg2.spec ++ --- /var/tmp/diff_new_pack.rNBgam/_old 2020-02-22 19:03:27.205989849 +0100 +++ /var/tmp/diff_new_pack.rNBgam/_new 2020-02-22 19:03:27.213989865 +0100 @@ -40,6 +40,8 @@ Patch13: gnupg-accept_subkeys_with_a_good_revocation_but_no_self-sig_during_import.patch Patch14:gnupg-add-test-cases-for-import-without-uid.patch Patch15: gnupg-allow-import-of-previously-known-keys-even-without-UIDs.patch +# PATCH-FIX-UPSTREAM bsc#1160394 Fix gcc10 build +Patch16:gpg2-gcc10-build-fno-common.patch BuildRequires: expect BuildRequires: fdupes BuildRequires: libassuan-devel >= 2.5.0 @@ -94,6 +96,7 @@ %patch13 -p1 %patch14 -p1 %patch15 -p1 +%patch16 -p1 touch -d 2018-05-04 doc/gpg.texi # to compensate for patch11 in order to not have man pages and info files have the build date (boo#1047218) %build ++ gpg2-gcc10-build-fno-common.patch ++ >From 6aff8a132815a84bab69401c1e7de96ec549fbf2 Mon Sep 17 00:00:00 2001 From: Werner Koch Date: Mon, 10 Feb 2020 16:37:34 +0100 Subject: [PATCH] build: Always use EXTERN_UNLESS_MAIN_MODULE pattern. MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit * common/util.h (EXTERN_UNLESS_MAIN_MODULE): Add the definion only here but now without the Norcroft-C. Change all other places where it gets defined. * common/iobuf.h (iobuf_debug_mode): Declare unconditionally as extern. * common/iobuf.c (iobuf_debug_mode): Define it here. * agent/gpg-agent.c (INCLUDED_BY_MAIN_MODULE): Define here and also in all main modules of all other programs. * g10/main.h: Put util.h before the local header files. -- This change is required for use with gcc/ld's LTO feature which does not allow common blocks. Further gcc 10 will make -fno-common the default and thus this chnage is always needed. What a pitty. Co-authored-by: Tomáš Mráz GnuPG-bug-id: 4831 Signed-off-by: Werner Koch (cherry picked from commit 21d9bd8b87a9f793a106095e3838eb71825189d7) - Applied respective chnages also to gpg-card and keyboxd. Signed-off-by: Werner Koch --- agent/agent.h | 1 + agent/gpg-agent.c | 1 + agent/preset-passphrase.c | 1 + agent/protect-tool.c | 1 + agent/t-protect.c | 1 + common/iobuf.c| 1 + common/iobuf.h| 9 + common/util.h | 8 dirmngr/dirmngr.c | 1 + dirmngr/dirmngr.h | 1 + g10/gpgcompose.c | 1 + g10/main.h| 2 +- g10/options.h | 8 g10/test.c| 1 + g13/g13-common.h | 2 +- g13/g13-syshelp.c | 1 + g13/g13.c | 1 + kbx/keyboxd.c | 1 + kbx/keyboxd.h | 1 + scd/scdaemon.c| 1 + scd/scdaemon.h| 1 + sm/gpgsm.c| 2 ++ sm/gpgsm.h| 1 + tools/gpg-card.c | 2 ++ tools/gpg-card.h | 1 + tools/gpg-wks-client.c| 1 + tools/gpg-wks-server.c| 1 + tools/gpg-wks.h | 1 + tools/gpgconf.c | 1 + tools/gpgconf.h | 1 + tools/gpgtar.c| 1 + tools/gpgtar.h| 2 ++ 32 files changed, 41 insertions(+), 18 deletions(-) Index: gnupg-2.2.19/agent/agent.h === --- gnupg-2.2.19.orig/agent/agent.h +++ gnupg-2.2.19/agent/agent.h @@ -37,6 +37,14 @@ #include "../common/session-env.h" #include "../common/shareddefs.h" +#ifndef EXTERN_UNLESS_MAIN_MODULE +# if !defined (INCLUDED_BY_MAIN_MODULE) +# define EXTERN_UNLESS_MAIN_MODULE extern +# else +# define EXTERN_UNLESS_MAIN_MODULE +# endif +#endif + /* To convey some special hash algorithms we use algorithm numbers reserved for application use. */ #ifndef GCRY_MODULE_ID_USER @@ -55,6 +63,7 @@
commit gpg2 for openSUSE:Factory
Hello community, here is the log from the commit of package gpg2 for openSUSE:Factory checked in at 2020-01-16 18:17:49 Comparing /work/SRC/openSUSE:Factory/gpg2 (Old) and /work/SRC/openSUSE:Factory/.gpg2.new.26092 (New) Package is "gpg2" Thu Jan 16 18:17:49 2020 rev:145 rq:763816 version:2.2.19 Changes: --- /work/SRC/openSUSE:Factory/gpg2/gpg2.changes2019-12-23 22:34:01.153731170 +0100 +++ /work/SRC/openSUSE:Factory/.gpg2.new.26092/gpg2.changes 2020-01-16 18:17:53.876861356 +0100 @@ -1,0 +2,9 @@ +Fri Jan 10 17:47:24 UTC 2020 - Pedro Monreal Gonzalez + +- Accept key updates even without UIDs [bsc#1143158] +- Add patches: + * gnupg-allow-import-of-previously-known-keys-even-without-UIDs.patch + * gnupg-accept_subkeys_with_a_good_revocation_but_no_self-sig_during_import.patch + * gnupg-add-test-cases-for-import-without-uid.patch + +--- New: gnupg-accept_subkeys_with_a_good_revocation_but_no_self-sig_during_import.patch gnupg-add-test-cases-for-import-without-uid.patch gnupg-allow-import-of-previously-known-keys-even-without-UIDs.patch Other differences: -- ++ gpg2.spec ++ --- /var/tmp/diff_new_pack.iv2dPI/_old 2020-01-16 18:17:55.220862116 +0100 +++ /var/tmp/diff_new_pack.iv2dPI/_new 2020-01-16 18:17:55.228862121 +0100 @@ -1,7 +1,7 @@ # # spec file for package gpg2 # -# Copyright (c) 2019 SUSE LLC +# Copyright (c) 2020 SUSE LLC # # All modifications and additions to the file contributed by third parties # remain the property of their copyright owners, unless otherwise agreed @@ -37,6 +37,9 @@ Patch9: gnupg-detect_FIPS_mode.patch Patch11:gnupg-add_legacy_FIPS_mode_option.patch Patch12:gnupg-2.2.16-secmem.patch +Patch13: gnupg-accept_subkeys_with_a_good_revocation_but_no_self-sig_during_import.patch +Patch14:gnupg-add-test-cases-for-import-without-uid.patch +Patch15: gnupg-allow-import-of-previously-known-keys-even-without-UIDs.patch BuildRequires: expect BuildRequires: fdupes BuildRequires: libassuan-devel >= 2.5.0 @@ -88,6 +91,9 @@ %patch9 -p1 %patch11 -p1 %patch12 -p1 +%patch13 -p1 +%patch14 -p1 +%patch15 -p1 touch -d 2018-05-04 doc/gpg.texi # to compensate for patch11 in order to not have man pages and info files have the build date (boo#1047218) %build ++ gnupg-accept_subkeys_with_a_good_revocation_but_no_self-sig_during_import.patch ++ >From f361141a44365ff7db2d2cfbf118d5b54b52c3d5 Mon Sep 17 00:00:00 2001 From: Vincent Breitmoser Date: Thu, 13 Jun 2019 21:27:43 +0200 Subject: [PATCH] gpg: accept subkeys with a good revocation but no self-sig during import * g10/import.c (chk_self_sigs): Set the NODE_GOOD_SELFSIG flag when we encounter a valid revocation signature. This allows import of subkey revocation signatures, even in the absence of a corresponding subkey binding signature. -- This fixes the remaining test in import-incomplete.scm. GnuPG-Bug-id: 4393 Signed-off-by: Daniel Kahn Gillmor --- g10/import.c | 1 + 1 file changed, 1 insertion(+) diff --git a/g10/import.c b/g10/import.c index 2be214e63..ae2453803 100644 --- a/g10/import.c +++ b/g10/import.c @@ -3536,6 +3536,7 @@ chk_self_sigs (ctrl_t ctrl, kbnode_t keyblock, u32 *keyid, int *non_self) /* It's valid, so is it newer? */ if (sig->timestamp >= rsdate) { + knode->flag |= NODE_GOOD_SELFSIG; /* Subkey is valid. */ if (rsnode) { /* Delete the last revocation sig since ++ gnupg-add-test-cases-for-import-without-uid.patch ++ >From 4c40bfa90bda748e5dada0bb1cc8fae14d744f07 Mon Sep 17 00:00:00 2001 From: Vincent Breitmoser Date: Thu, 13 Jun 2019 21:27:41 +0200 Subject: [PATCH] tests: add test cases for import without uid This commit adds a test case that does the following, in order: - Import of a primary key plus user id - Check that import of a subkey works, without a user id present in the imported key - Check that import of a subkey revocation works, without a user id or subkey binding signature present in the imported key - Check that import of a primary key revocation works, without a user id present in the imported key -- Note that this test currently fails. The following changesets will fix gpg so that the tests pass. GnuPG-Bug-id: 4393 Signed-Off-By: Daniel Kahn Gillmor --- tests/openpgp/Makefile.am | 1 + tests/openpgp/import-incomplete.scm | 68 +++ .../import-incomplete/primary+revocation.asc | 9 +++ .../primary+subkey+sub-revocation.asc | 10 +++
commit gpg2 for openSUSE:Factory
Hello community, here is the log from the commit of package gpg2 for openSUSE:Factory checked in at 2019-12-23 22:33:57 Comparing /work/SRC/openSUSE:Factory/gpg2 (Old) and /work/SRC/openSUSE:Factory/.gpg2.new.6675 (New) Package is "gpg2" Mon Dec 23 22:33:57 2019 rev:144 rq:755139 version:2.2.19 Changes: --- /work/SRC/openSUSE:Factory/gpg2/gpg2.changes2019-12-07 15:20:30.887752670 +0100 +++ /work/SRC/openSUSE:Factory/.gpg2.new.6675/gpg2.changes 2019-12-23 22:34:01.153731170 +0100 @@ -1,0 +2,10 @@ +Sat Dec 7 15:20:41 UTC 2019 - Andreas Stieger + +- update to 2.2.19: + * gpg: Fix double free when decrypting for hidden recipients + * gpg: Use auto-key-locate for encryption even for mail addressed +given with angle brackets + * gpgsm: Add special case for certain expired intermediate +certificates + +--- Old: gnupg-2.2.18.tar.bz2 gnupg-2.2.18.tar.bz2.sig New: gnupg-2.2.19.tar.bz2 gnupg-2.2.19.tar.bz2.sig Other differences: -- ++ gpg2.spec ++ --- /var/tmp/diff_new_pack.D61Iw3/_old 2019-12-23 22:34:04.525732633 +0100 +++ /var/tmp/diff_new_pack.D61Iw3/_new 2019-12-23 22:34:04.565732650 +0100 @@ -17,7 +17,7 @@ Name: gpg2 -Version:2.2.18 +Version:2.2.19 Release:0 Summary:File encryption, decryption, signature creation and verification utility License:GPL-3.0-or-later ++ gnupg-2.2.18.tar.bz2 -> gnupg-2.2.19.tar.bz2 ++ /work/SRC/openSUSE:Factory/gpg2/gnupg-2.2.18.tar.bz2 /work/SRC/openSUSE:Factory/.gpg2.new.6675/gnupg-2.2.19.tar.bz2 differ: char 11, line 1
commit gpg2 for openSUSE:Factory
Hello community, here is the log from the commit of package gpg2 for openSUSE:Factory checked in at 2019-12-07 15:17:14 Comparing /work/SRC/openSUSE:Factory/gpg2 (Old) and /work/SRC/openSUSE:Factory/.gpg2.new.4691 (New) Package is "gpg2" Sat Dec 7 15:17:14 2019 rev:143 rq:751577 version:2.2.18 Changes: --- /work/SRC/openSUSE:Factory/gpg2/gpg2.changes2019-10-22 15:43:18.525570587 +0200 +++ /work/SRC/openSUSE:Factory/.gpg2.new.4691/gpg2.changes 2019-12-07 15:20:30.887752670 +0100 @@ -1,0 +2,50 @@ +Wed Nov 27 15:42:22 UTC 2019 - Pedro Monreal Gonzalez + +- Update to 2.2.18 [bsc#1157900, CVE-2019-14855] + * gpg: Changed the way keys are detected on a smartcards; this +allows the use of non-OpenPGP cards. In the case of a not very +likely regression the new option --use-only-openpgp-card is +available. [#4681] + * gpg: The commands --full-gen-key and --quick-gen-key now allow +direct key generation from supported cards. [#4681] + * gpg: Prepare against chosen-prefix SHA-1 collisions in key +signatures. This change removes all SHA-1 based key signature +newer than 2019-01-19 from the web-of-trust. Note that this +includes all key signature created with dsa1024 keys. The new +option --allow-weak-key-signatues can be used to override the new +and safer behaviour. [#4755,CVE-2019-14855] + * gpg: Improve performance for import of large keyblocks. [#4592] + * gpg: Implement a keybox compression run. [#4644] + * gpg: Show warnings from dirmngr about redirect and certificate +problems (details require --verbose as usual). + * gpg: Allow to pass the empty string for the passphrase if the +'--passphase=' syntax is used. [#4633] + * gpg: Fix printing of the KDF object attributes. + * gpg: Avoid surprises with --locate-external-key and certain +--auto-key-locate settings. [#4662] + * gpg: Improve selection of best matching key. [#4713] + * gpg: Delete key binding signature when deletring a subkey. +[#4665,#4457] + * gpg: Fix a potential loss of key sigantures during import with +self-sigs-only active. [#4628] + * gpg: Silence "marked as ultimately trusted" diagnostics if +option --quiet is used. [#4634] + * gpg: Silence some diagnostics during in key listsing even with +option --verbose. [#4627] + * gpg, gpgsm: Change parsing of agent's pkdecrypt results. [#4652] + * gpgsm: Support AES-256 keys. + * gpgsm: Fix a bug in triggering a keybox compression run if +--faked-system-time is used. + * dirmngr: System CA certificates are no longer used for the SKS +pool if GNUTLS instead of NTBTLS is used as TLS library. [#4594] + * dirmngr: On Windows detect usability of IPv4 and IPv6 interfaces +to avoid long timeouts. [#4165] + * scd: Fix BWI value for APDU level transfers to make Gemalto Ezio +Shield and Trustica Cryptoucan work. [#4654,#4566] + * wkd: gpg-wks-client --install-key now installs the required policy +file. +- Rebase patches: + * gnupg-2.2.8-files-are-digests.patch + * gnupg-add_legacy_FIPS_mode_option.patch + +--- Old: gnupg-2.2.17.tar.bz2 gnupg-2.2.17.tar.bz2.sig New: gnupg-2.2.18.tar.bz2 gnupg-2.2.18.tar.bz2.sig Other differences: -- ++ gpg2.spec ++ --- /var/tmp/diff_new_pack.vrgQy1/_old 2019-12-07 15:20:31.663752563 +0100 +++ /var/tmp/diff_new_pack.vrgQy1/_new 2019-12-07 15:20:31.663752563 +0100 @@ -1,7 +1,7 @@ # # spec file for package gpg2 # -# Copyright (c) 2019 SUSE LINUX GmbH, Nuernberg, Germany. +# Copyright (c) 2019 SUSE LLC # # All modifications and additions to the file contributed by third parties # remain the property of their copyright owners, unless otherwise agreed @@ -17,7 +17,7 @@ Name: gpg2 -Version:2.2.17 +Version:2.2.18 Release:0 Summary:File encryption, decryption, signature creation and verification utility License:GPL-3.0-or-later ++ gnupg-2.2.17.tar.bz2 -> gnupg-2.2.18.tar.bz2 ++ /work/SRC/openSUSE:Factory/gpg2/gnupg-2.2.17.tar.bz2 /work/SRC/openSUSE:Factory/.gpg2.new.4691/gnupg-2.2.18.tar.bz2 differ: char 11, line 1 ++ gnupg-2.2.8-files-are-digests.patch ++ --- /var/tmp/diff_new_pack.vrgQy1/_old 2019-12-07 15:20:31.707752557 +0100 +++ /var/tmp/diff_new_pack.vrgQy1/_new 2019-12-07 15:20:31.707752557 +0100 @@ -4,11 +4,11 @@ g10/sign.c| 68 -- 3 files changed, 67 insertions(+), 6 deletions(-) -Index: gnupg-2.2.8/g10/gpg.c +Index: gnupg-2.2.18/g10/gpg.c === gnupg-2.2.8.orig/g10/gpg.c
commit gpg2 for openSUSE:Factory
Hello community, here is the log from the commit of package gpg2 for openSUSE:Factory checked in at 2019-10-22 15:43:14 Comparing /work/SRC/openSUSE:Factory/gpg2 (Old) and /work/SRC/openSUSE:Factory/.gpg2.new.2352 (New) Package is "gpg2" Tue Oct 22 15:43:14 2019 rev:142 rq:741459 version:2.2.17 Changes: --- /work/SRC/openSUSE:Factory/gpg2/gpg2.changes2019-07-16 08:37:51.851095168 +0200 +++ /work/SRC/openSUSE:Factory/.gpg2.new.2352/gpg2.changes 2019-10-22 15:43:18.525570587 +0200 @@ -1,0 +2,6 @@ +Thu Sep 19 12:05:13 UTC 2019 - Ludwig Nussel + +- Do not recommend lang package. The lang package already has a + supplements. + +--- Other differences: -- ++ gpg2.spec ++ --- /var/tmp/diff_new_pack.bDd0Ih/_old 2019-10-22 15:43:19.453571645 +0200 +++ /var/tmp/diff_new_pack.bDd0Ih/_new 2019-10-22 15:43:19.457571650 +0200 @@ -60,7 +60,6 @@ Requires: libksba >= 1.3.4 Requires: pinentry Requires(post): %{install_info_prereq} -Recommends: %{name}-lang = %{version} Obsoletes: dirmngr < 2.1.0 Provides: dirmngr = %{version} Provides: gnupg = %{version}
commit gpg2 for openSUSE:Factory
Hello community, here is the log from the commit of package gpg2 for openSUSE:Factory checked in at 2019-07-16 08:37:45 Comparing /work/SRC/openSUSE:Factory/gpg2 (Old) and /work/SRC/openSUSE:Factory/.gpg2.new.1887 (New) Package is "gpg2" Tue Jul 16 08:37:45 2019 rev:141 rq:714631 version:2.2.17 Changes: --- /work/SRC/openSUSE:Factory/gpg2/gpg2.changes2019-06-27 15:53:27.559943900 +0200 +++ /work/SRC/openSUSE:Factory/.gpg2.new.1887/gpg2.changes 2019-07-16 08:37:51.851095168 +0200 @@ -1,0 +2,23 @@ +Thu Jul 11 09:51:49 UTC 2019 - Pedro Monreal Gonzalez + +- Update to 2.2.17 [bsc#1141093] + * gpg: Do not try the import fallback if the options are already used. + * gpg: Fix regression in option "self-sigs-only". + * gpg: With --auto-key-retrieve prefer WKD over keyservers. + * gpg: Add "self-sigs-only" and "import-clean" to the keyserver options. + * gpg: Avoid printing false AKL error message. + * gpg: New command --locate-external-key. + * gpg: Make the get_pubkey_byname interface easier to understand. + * gpg: Fallback to import with self-sigs-only on too large keyblocks. + * gpg: New import and keyserver option "self-sigs-only" + * gpg: Make read_block in import.c more flexible. + * dirmngr: fix handling of HTTPS redirections during HKP. + * dirmngr: Avoid endless loop in case of HTTP error 503. + * dirmngr: Do not rewrite the redirection for the "openpgpkey" subdomain. + * dirmngr: Support the new WKD draft with the openpgpkey subdomain. + * wkd: Change client/server limit back to 64 KiB. + * tools: gpgconf: Killing order is children-first. + * Return better error code for some getinfo IPC commands. + * po: Update Russian translation. + +--- Old: gnupg-2.2.16.tar.bz2 gnupg-2.2.16.tar.bz2.sig New: gnupg-2.2.17.tar.bz2 gnupg-2.2.17.tar.bz2.sig Other differences: -- ++ gpg2.spec ++ --- /var/tmp/diff_new_pack.TvYqZw/_old 2019-07-16 08:37:52.719094894 +0200 +++ /var/tmp/diff_new_pack.TvYqZw/_new 2019-07-16 08:37:52.719094894 +0200 @@ -17,7 +17,7 @@ Name: gpg2 -Version:2.2.16 +Version:2.2.17 Release:0 Summary:File encryption, decryption, signature creation and verification utility License:GPL-3.0-or-later ++ gnupg-2.2.16.tar.bz2 -> gnupg-2.2.17.tar.bz2 ++ /work/SRC/openSUSE:Factory/gpg2/gnupg-2.2.16.tar.bz2 /work/SRC/openSUSE:Factory/.gpg2.new.1887/gnupg-2.2.17.tar.bz2 differ: char 11, line 1
commit gpg2 for openSUSE:Factory
Hello community, here is the log from the commit of package gpg2 for openSUSE:Factory checked in at 2019-06-27 15:53:26 Comparing /work/SRC/openSUSE:Factory/gpg2 (Old) and /work/SRC/openSUSE:Factory/.gpg2.new.4615 (New) Package is "gpg2" Thu Jun 27 15:53:26 2019 rev:140 rq:710989 version:2.2.16 Changes: --- /work/SRC/openSUSE:Factory/gpg2/gpg2.changes2019-06-02 15:15:37.462097967 +0200 +++ /work/SRC/openSUSE:Factory/.gpg2.new.4615/gpg2.changes 2019-06-27 15:53:27.559943900 +0200 @@ -1,0 +2,6 @@ +Wed Jun 19 21:02:05 UTC 2019 - Jason Sikes + +- Fix secure memory being disabled before fips checks in libgcrypt [boo#1137307] + * Added gnupg-2.2.16-secmem.patch + +--- New: gnupg-2.2.16-secmem.patch Other differences: -- ++ gpg2.spec ++ --- /var/tmp/diff_new_pack.PHpq0k/_old 2019-06-27 15:53:28.211944910 +0200 +++ /var/tmp/diff_new_pack.PHpq0k/_new 2019-06-27 15:53:28.211944910 +0200 @@ -36,6 +36,7 @@ Patch8: gnupg-set_umask_before_open_outfile.patch Patch9: gnupg-detect_FIPS_mode.patch Patch11:gnupg-add_legacy_FIPS_mode_option.patch +Patch12:gnupg-2.2.16-secmem.patch BuildRequires: expect BuildRequires: fdupes BuildRequires: libassuan-devel >= 2.5.0 @@ -87,6 +88,7 @@ %patch8 -p1 %patch9 -p1 %patch11 -p1 +%patch12 -p1 touch -d 2018-05-04 doc/gpg.texi # to compensate for patch11 in order to not have man pages and info files have the build date (boo#1047218) %build ++ gnupg-2.2.16-secmem.patch ++ Index: gnupg-2.2.16/g10/gpg.c === --- gnupg-2.2.16.orig/g10/gpg.c +++ gnupg-2.2.16/g10/gpg.c @@ -973,7 +973,7 @@ make_libversion (const char *libname, co if (maybe_setuid) { - gcry_control (GCRYCTL_INIT_SECMEM, 0, 0); /* Drop setuid. */ + gcry_control (GCRYCTL_INIT_SECMEM, 4096, 0); /* Drop setuid. */ maybe_setuid = 0; } s = getfnc (NULL); @@ -1125,7 +1125,7 @@ build_list (const char *text, char lette char *string; if (maybe_setuid) -gcry_control (GCRYCTL_INIT_SECMEM, 0, 0); /* Drop setuid. */ +gcry_control (GCRYCTL_INIT_SECMEM, 4096, 0); /* Drop setuid. */ indent = utf8_charcount (text, -1); len = 0; Index: gnupg-2.2.16/sm/gpgsm.c === --- gnupg-2.2.16.orig/sm/gpgsm.c +++ gnupg-2.2.16/sm/gpgsm.c @@ -533,7 +533,7 @@ make_libversion (const char *libname, co if (maybe_setuid) { - gcry_control (GCRYCTL_INIT_SECMEM, 0, 0); /* Drop setuid. */ + gcry_control (GCRYCTL_INIT_SECMEM, 4096, 0); /* Drop setuid. */ maybe_setuid = 0; } s = getfnc (NULL);
commit gpg2 for openSUSE:Factory
Hello community, here is the log from the commit of package gpg2 for openSUSE:Factory checked in at 2019-06-02 15:15:31 Comparing /work/SRC/openSUSE:Factory/gpg2 (Old) and /work/SRC/openSUSE:Factory/.gpg2.new.5148 (New) Package is "gpg2" Sun Jun 2 15:15:31 2019 rev:139 rq:706484 version:2.2.16 Changes: --- /work/SRC/openSUSE:Factory/gpg2/gpg2.changes2019-03-29 20:33:04.714608365 +0100 +++ /work/SRC/openSUSE:Factory/.gpg2.new.5148/gpg2.changes 2019-06-02 15:15:37.462097967 +0200 @@ -1,0 +2,36 @@ +Thu May 30 08:00:37 UTC 2019 - Pedro Monreal Gonzalez + +- Update to 2.2.16 + * gpg: Fixed i18n markup of some strings. + * gpg: Allow deletion of subkeys with --delete-[secret-]key. + * gpg: Do not bail on an invalid packet in the local keyring. + * gpg: Do not allow creation of user ids larger than our parser allows. + * gpg: Do not delete any keys if --dry-run is passed. + * gpg: Fix using --decrypt along with --use-embedded-filename. + * gpg: Improve the photo image viewer selection. + * gpg: enable OpenPGP export of cleartext keys with comments. + * gpg: Do not print a hint to use the deprecated --keyserver option. + * gpg: Change update_keysig_packet to replace SHA-1 by SHA-256. + * gpg: Use just the addrspec from the Signer's UID. + * gpg: Accept also armored data from the WKD. + * gpg: Set a limit of 5 to the number of keys imported from the WKD. + * gpg: Don't use EdDSA algo ID for ECDSA curves. + * agent: Stop scdaemon after reload when disable_scdaemon. + * agent: For SSH key, don't put NUL-byte at the end. + * agent: correct length for uri and comment on 64-bit big-endian platforms + * dirmngr: Allow for other hash algorithms than SHA-1 in OCSP. + * dirmngr: Improve domaininfo cache update algorithm. + * dirmngr: Better error code for http status 413. + * g10: Fix possible null dereference. + * g10: Fix double free when locating by mbox. + * g10: Fix symmetric cipher algo constant for ECDH. + * sm: Avoid confusing diagnostic for the default key. + * sm: Fix a warning in an es_fopencooie function. + * gpgconf: Before --launch check that the config file is fine. + * gpgconf: Support --homedir for --launch. + * build: Update m4/iconv.m4. + * doc: correct documentation for gpgconf --kill. + * scd: Add dummy option --application-priority. + * common: Fix AWK portability. + +--- Old: gnupg-2.2.15.tar.bz2 gnupg-2.2.15.tar.bz2.sig New: gnupg-2.2.16.tar.bz2 gnupg-2.2.16.tar.bz2.sig Other differences: -- ++ gpg2.spec ++ --- /var/tmp/diff_new_pack.ZWg9tr/_old 2019-06-02 15:15:40.042096850 +0200 +++ /var/tmp/diff_new_pack.ZWg9tr/_new 2019-06-02 15:15:40.066096840 +0200 @@ -17,7 +17,7 @@ Name: gpg2 -Version:2.2.15 +Version:2.2.16 Release:0 Summary:File encryption, decryption, signature creation and verification utility License:GPL-3.0-or-later ++ gnupg-2.2.15.tar.bz2 -> gnupg-2.2.16.tar.bz2 ++ /work/SRC/openSUSE:Factory/gpg2/gnupg-2.2.15.tar.bz2 /work/SRC/openSUSE:Factory/.gpg2.new.5148/gnupg-2.2.16.tar.bz2 differ: char 11, line 1
commit gpg2 for openSUSE:Factory
Hello community, here is the log from the commit of package gpg2 for openSUSE:Factory checked in at 2019-03-29 20:33:03 Comparing /work/SRC/openSUSE:Factory/gpg2 (Old) and /work/SRC/openSUSE:Factory/.gpg2.new.25356 (New) Package is "gpg2" Fri Mar 29 20:33:03 2019 rev:138 rq:689296 version:2.2.15 Changes: --- /work/SRC/openSUSE:Factory/gpg2/gpg2.changes2019-03-24 14:56:22.887205992 +0100 +++ /work/SRC/openSUSE:Factory/.gpg2.new.25356/gpg2.changes 2019-03-29 20:33:04.714608365 +0100 @@ -1,0 +2,12 @@ +Thu Mar 28 08:48:36 UTC 2019 - Karol Babioch + +- Update to 2.2.15 + * sm: Allow decryption even if expired keys are configured. + * agent: Change command KEYINFO to print ssh fingerprints with other +hash algos. + * dirmngr: Fix build problems on Solaris due to the use of reserved +symbol names. + * wkd: New commands --print-wkd-hash and --print-wkd-url for +gpg-wks-client. + +--- Old: gnupg-2.2.14.tar.bz2 gnupg-2.2.14.tar.bz2.sig New: gnupg-2.2.15.tar.bz2 gnupg-2.2.15.tar.bz2.sig Other differences: -- ++ gpg2.spec ++ --- /var/tmp/diff_new_pack.AZ1K9M/_old 2019-03-29 20:33:05.08926 +0100 +++ /var/tmp/diff_new_pack.AZ1K9M/_new 2019-03-29 20:33:05.670608928 +0100 @@ -17,7 +17,7 @@ Name: gpg2 -Version:2.2.14 +Version:2.2.15 Release:0 Summary:File encryption, decryption, signature creation and verification utility License:GPL-3.0-or-later ++ gnupg-2.2.14.tar.bz2 -> gnupg-2.2.15.tar.bz2 ++ /work/SRC/openSUSE:Factory/gpg2/gnupg-2.2.14.tar.bz2 /work/SRC/openSUSE:Factory/.gpg2.new.25356/gnupg-2.2.15.tar.bz2 differ: char 11, line 1
commit gpg2 for openSUSE:Factory
Hello community, here is the log from the commit of package gpg2 for openSUSE:Factory checked in at 2019-03-24 14:56:19 Comparing /work/SRC/openSUSE:Factory/gpg2 (Old) and /work/SRC/openSUSE:Factory/.gpg2.new.25356 (New) Package is "gpg2" Sun Mar 24 14:56:19 2019 rev:137 rq:686408 version:2.2.14 Changes: --- /work/SRC/openSUSE:Factory/gpg2/gpg2.changes2019-03-01 20:25:48.862063309 +0100 +++ /work/SRC/openSUSE:Factory/.gpg2.new.25356/gpg2.changes 2019-03-24 14:56:22.887205992 +0100 @@ -1,0 +2,31 @@ +Tue Mar 19 12:11:23 UTC 2019 - Karol Babioch + +- Update to 2.2.14: + * gpg: Allow import of PGP desktop exported secret keys. Also avoid +importing secret keys if the secret keyblock is not valid. + * gpg: Do not error out on version 5 keys in the local keyring. + * gpg: Make invalid primary key algo obvious in key listings. + * sm: Do not mark a certificate in a key listing as de-vs compliant +if its use for a signature will not be possible. + * sm: Fix certificate creation with key on card. + * sm: Create rsa3072 bit certificates by default. + * sm: Print Yubikey attestation extensions with --dump-cert. + * agent: Fix cancellation handling for scdaemon. + * agent: Support --mode=ssh option for CLEAR_PASSPHRASE. + * scd: Fix flushing of the CA-FPR DOs in app-openpgp. + * scd: Avoid a conflict error with the "undefined" app. + * dirmngr: Add CSRF protection exception for protonmail. + * dirmngr: Fix build problems with gcc 9 in libdns. + * gpgconf: New option --show-socket for use wity --launch. + * gpgtar: Make option -C work for archive creation. +- Removed patches that are included upstream by now: + - 0001-libdns-Avoid-using-compound-literals.patch + - 0002-libdns-Avoid-using-compound-literals-2.patch + - 0003-libdns-Avoid-using-compound-literals-3.patch + - 0004-libdns-Avoid-using-compound-literals-4.patch + - 0005-libdns-Avoid-using-compound-literals-5.patch + - 0006-libdns-Avoid-using-compound-literals-6.patch + - 0007-libdns-Avoid-using-compound-literals-7.patch + - 0008-libdns-Avoid-using-compound-literals-8.patch + +--- Old: 0001-libdns-Avoid-using-compound-literals.patch 0002-libdns-Avoid-using-compound-literals-2.patch 0003-libdns-Avoid-using-compound-literals-3.patch 0004-libdns-Avoid-using-compound-literals-4.patch 0005-libdns-Avoid-using-compound-literals-5.patch 0006-libdns-Avoid-using-compound-literals-6.patch 0007-libdns-Avoid-using-compound-literals-7.patch 0008-libdns-Avoid-using-compound-literals-8.patch gnupg-2.2.13.tar.bz2 gnupg-2.2.13.tar.bz2.sig New: gnupg-2.2.14.tar.bz2 gnupg-2.2.14.tar.bz2.sig Other differences: -- ++ gpg2.spec ++ --- /var/tmp/diff_new_pack.hFIaFR/_old 2019-03-24 14:56:25.771205687 +0100 +++ /var/tmp/diff_new_pack.hFIaFR/_new 2019-03-24 14:56:25.807205683 +0100 @@ -17,7 +17,7 @@ Name: gpg2 -Version:2.2.13 +Version:2.2.14 Release:0 Summary:File encryption, decryption, signature creation and verification utility License:GPL-3.0-or-later @@ -36,14 +36,6 @@ Patch8: gnupg-set_umask_before_open_outfile.patch Patch9: gnupg-detect_FIPS_mode.patch Patch11:gnupg-add_legacy_FIPS_mode_option.patch -Patch12:0001-libdns-Avoid-using-compound-literals.patch -Patch13:0002-libdns-Avoid-using-compound-literals-2.patch -Patch14:0003-libdns-Avoid-using-compound-literals-3.patch -Patch15:0004-libdns-Avoid-using-compound-literals-4.patch -Patch16:0005-libdns-Avoid-using-compound-literals-5.patch -Patch17:0006-libdns-Avoid-using-compound-literals-6.patch -Patch18:0007-libdns-Avoid-using-compound-literals-7.patch -Patch19:0008-libdns-Avoid-using-compound-literals-8.patch BuildRequires: expect BuildRequires: fdupes BuildRequires: libassuan-devel >= 2.5.0 @@ -95,14 +87,6 @@ %patch8 -p1 %patch9 -p1 %patch11 -p1 -%patch12 -p1 -%patch13 -p1 -%patch14 -p1 -%patch15 -p1 -%patch16 -p1 -%patch17 -p1 -%patch18 -p1 -%patch19 -p1 touch -d 2018-05-04 doc/gpg.texi # to compensate for patch11 in order to not have man pages and info files have the build date (boo#1047218) %build ++ gnupg-2.2.13.tar.bz2 -> gnupg-2.2.14.tar.bz2 ++ /work/SRC/openSUSE:Factory/gpg2/gnupg-2.2.13.tar.bz2 /work/SRC/openSUSE:Factory/.gpg2.new.25356/gnupg-2.2.14.tar.bz2 differ: char 11, line 1
commit gpg2 for openSUSE:Factory
Hello community, here is the log from the commit of package gpg2 for openSUSE:Factory checked in at 2019-03-01 20:25:43 Comparing /work/SRC/openSUSE:Factory/gpg2 (Old) and /work/SRC/openSUSE:Factory/.gpg2.new.28833 (New) Package is "gpg2" Fri Mar 1 20:25:43 2019 rev:136 rq:679738 version:2.2.13 Changes: --- /work/SRC/openSUSE:Factory/gpg2/gpg2.changes2019-02-24 17:05:02.708633383 +0100 +++ /work/SRC/openSUSE:Factory/.gpg2.new.28833/gpg2.changes 2019-03-01 20:25:48.862063309 +0100 @@ -1,0 +2,24 @@ +Tue Feb 26 11:35:29 UTC 2019 - Pedro Monreal Gonzalez + +- Fix build with gcc9 [bsc#1121223] + * Avoid using compound literals +- Upstream bug: https://dev.gnupg.org/T4367 + * Added upstream patches: +- 0001-libdns-Avoid-using-compound-literals.patch +- 0002-libdns-Avoid-using-compound-literals-2.patch +- 0003-libdns-Avoid-using-compound-literals-3.patch +- 0004-libdns-Avoid-using-compound-literals-4.patch +- 0005-libdns-Avoid-using-compound-literals-5.patch +- 0006-libdns-Avoid-using-compound-literals-6.patch +- 0007-libdns-Avoid-using-compound-literals-7.patch +- 0008-libdns-Avoid-using-compound-literals-8.patch + +--- +Fri Feb 22 19:30:29 UTC 2019 - o...@aepfle.de + +- Allow coredumps in X11 desktop sessions (bsc#1124847) + gpg-agent unconditionally disables coredumps, which is not + supposed to happen in the code path that does just exec(argv[]) + gnupg-gpg-agent-ulimit.patch + +--- New: 0001-libdns-Avoid-using-compound-literals.patch 0002-libdns-Avoid-using-compound-literals-2.patch 0003-libdns-Avoid-using-compound-literals-3.patch 0004-libdns-Avoid-using-compound-literals-4.patch 0005-libdns-Avoid-using-compound-literals-5.patch 0006-libdns-Avoid-using-compound-literals-6.patch 0007-libdns-Avoid-using-compound-literals-7.patch 0008-libdns-Avoid-using-compound-literals-8.patch gnupg-gpg-agent-ulimit.patch Other differences: -- ++ gpg2.spec ++ --- /var/tmp/diff_new_pack.3oOeCg/_old 2019-03-01 20:25:49.506063158 +0100 +++ /var/tmp/diff_new_pack.3oOeCg/_new 2019-03-01 20:25:49.506063158 +0100 @@ -29,12 +29,21 @@ Source3:%{name}.keyring Source4:scdaemon.udev Source99: %{name}.changes +Patch1124847: gnupg-gpg-agent-ulimit.patch Patch4: gnupg-2.0.9-langinfo.patch Patch5: gnupg-2.2.8-files-are-digests.patch Patch6: gnupg-dont-fail-with-seahorse-agent.patch Patch8: gnupg-set_umask_before_open_outfile.patch Patch9: gnupg-detect_FIPS_mode.patch Patch11:gnupg-add_legacy_FIPS_mode_option.patch +Patch12:0001-libdns-Avoid-using-compound-literals.patch +Patch13:0002-libdns-Avoid-using-compound-literals-2.patch +Patch14:0003-libdns-Avoid-using-compound-literals-3.patch +Patch15:0004-libdns-Avoid-using-compound-literals-4.patch +Patch16:0005-libdns-Avoid-using-compound-literals-5.patch +Patch17:0006-libdns-Avoid-using-compound-literals-6.patch +Patch18:0007-libdns-Avoid-using-compound-literals-7.patch +Patch19:0008-libdns-Avoid-using-compound-literals-8.patch BuildRequires: expect BuildRequires: fdupes BuildRequires: libassuan-devel >= 2.5.0 @@ -79,12 +88,21 @@ %prep %setup -q -n gnupg-%{version} +%patch1124847 -p1 %patch4 -p1 %patch5 -p1 %patch6 -p1 %patch8 -p1 %patch9 -p1 %patch11 -p1 +%patch12 -p1 +%patch13 -p1 +%patch14 -p1 +%patch15 -p1 +%patch16 -p1 +%patch17 -p1 +%patch18 -p1 +%patch19 -p1 touch -d 2018-05-04 doc/gpg.texi # to compensate for patch11 in order to not have man pages and info files have the build date (boo#1047218) %build @@ -126,23 +144,23 @@ ln -sf gpgv2.1 %{buildroot}%{_mandir}/man1/gpgv.1 # fix rpmlint invalid-lc-messages-dir: rm -rf %{buildroot}/%{_datadir}/locale/en@{bold,}quot -# install scdaemon to %{_bindir} (bnc#863645) +# install scdaemon to %%{_bindir} (bnc#863645) mv %{buildroot}%{_libdir}/scdaemon %{buildroot}%{_bindir} mv %{buildroot}%{_libdir}/dirmngr_ldap %{buildroot}%{_bindir} # install udev rules for scdaemon install -Dm 0644 %{SOURCE4} %{buildroot}%{_udevrulesdir}/60-scdaemon.rules # install legacy tools install -m 755 tools/gpg-zip %{buildroot}/%{_bindir} -# install -m 755 tools/gpgsplit %{buildroot}/%{_bindir} +# install -m 755 tools/gpgsplit %%{buildroot}/%%{_bindir} %find_lang gnupg2 %fdupes -s %{buildroot} %check # Run only localy, fails in OBS -#%if ! 0%{?qemu_user_space_build} -#make %{?_smp_mflags} check -#%endif +#%%if ! 0%%{?qemu_user_space_build} +#make %%{?_smp_mflags} check +#%%endif %post %udev_rules_update ++
commit gpg2 for openSUSE:Factory
Hello community, here is the log from the commit of package gpg2 for openSUSE:Factory checked in at 2019-02-24 17:04:59 Comparing /work/SRC/openSUSE:Factory/gpg2 (Old) and /work/SRC/openSUSE:Factory/.gpg2.new.28833 (New) Package is "gpg2" Sun Feb 24 17:04:59 2019 rev:135 rq:674400 version:2.2.13 Changes: --- /work/SRC/openSUSE:Factory/gpg2/gpg2.changes2018-12-19 13:48:26.847365635 +0100 +++ /work/SRC/openSUSE:Factory/.gpg2.new.28833/gpg2.changes 2019-02-24 17:05:02.708633383 +0100 @@ -1,0 +2,18 @@ +Wed Feb 13 06:12:32 UTC 2019 - Karol Babioch + +- Update to 2.2.13: + * gpg: Implement key lookup via keygrip (using the & prefix). + * gpg: Allow generating Ed25519 key from existing key. + * gpg: Emit an ERROR status line if no key was found with -k. + * gpg: Stop early when trying to create a primary Elgamal key. + * gpgsm: Print the card's key algorithms along with their keygrips +in interactive key generation. + * agent: Clear bogus pinentry cache in the error case. + * scd: Support "acknowledge button" feature. + * scd: Fix for USB INTERRUPT transfer. + * wks: Do no use compression for the the encrypted challenge and response. + +Release-info: https://dev.gnupg.org/T4290 +See-also: gnupg-announce/2019q1/000434.html + +--- Old: gnupg-2.2.12.tar.bz2 gnupg-2.2.12.tar.bz2.sig New: gnupg-2.2.13.tar.bz2 gnupg-2.2.13.tar.bz2.sig Other differences: -- ++ gpg2.spec ++ --- /var/tmp/diff_new_pack.fprVnI/_old 2019-02-24 17:05:03.852632839 +0100 +++ /var/tmp/diff_new_pack.fprVnI/_new 2019-02-24 17:05:03.856632837 +0100 @@ -1,7 +1,7 @@ # # spec file for package gpg2 # -# Copyright (c) 2018 SUSE LINUX GmbH, Nuernberg, Germany. +# Copyright (c) 2019 SUSE LINUX GmbH, Nuernberg, Germany. # # All modifications and additions to the file contributed by third parties # remain the property of their copyright owners, unless otherwise agreed @@ -12,12 +12,12 @@ # license that conforms to the Open Source Definition (Version 1.9) # published by the Open Source Initiative. -# Please submit bugfixes or comments via http://bugs.opensuse.org/ +# Please submit bugfixes or comments via https://bugs.opensuse.org/ # Name: gpg2 -Version:2.2.12 +Version:2.2.13 Release:0 Summary:File encryption, decryption, signature creation and verification utility License:GPL-3.0-or-later ++ gnupg-2.2.12.tar.bz2 -> gnupg-2.2.13.tar.bz2 ++ /work/SRC/openSUSE:Factory/gpg2/gnupg-2.2.12.tar.bz2 /work/SRC/openSUSE:Factory/.gpg2.new.28833/gnupg-2.2.13.tar.bz2 differ: char 11, line 1
commit gpg2 for openSUSE:Factory
Hello community, here is the log from the commit of package gpg2 for openSUSE:Factory checked in at 2018-12-19 13:48:14 Comparing /work/SRC/openSUSE:Factory/gpg2 (Old) and /work/SRC/openSUSE:Factory/.gpg2.new.28833 (New) Package is "gpg2" Wed Dec 19 13:48:14 2018 rev:134 rq:658514 version:2.2.12 Changes: --- /work/SRC/openSUSE:Factory/gpg2/gpg2.changes2018-11-14 14:29:43.339539481 +0100 +++ /work/SRC/openSUSE:Factory/.gpg2.new.28833/gpg2.changes 2018-12-19 13:48:26.847365635 +0100 @@ -1,0 +2,25 @@ +Fri Dec 14 16:11:56 UTC 2018 - atoptsog...@suse.com + +-Update to 2.2.12: + * tools: New commands --install-key and --remove-key for +gpg-wks-client. This allows to prepare a Web Key Directory on a +local file system for later upload to a web server. + * gpg: New --list-option "show-only-fpr-mbox". This makes the use +of the new gpg-wks-client --install-key command easier on Windows. + * gpg: Improve processing speed when --skip-verify is used. + * gpg: Fix a bug where a LF was accidentally written to the console. + * gpg: --card-status now shwos whether a card has the new KDF +feature enabled. + * agent: New runtime option --s2k-calibration=MSEC. New configure +option --with-agent-s2k-calibration=MSEC. [#3399] + * dirmngr: Try another keyserver from the pool on receiving a 502, +503, or 504 error. [#4175] + * dirmngr: Avoid possible CSRF attacks via http redirects. A HTTP +query will not anymore follow a 3xx redirect unless the Location +header gives the same host. If the host is different only the +host and port is taken from the Location header and the original +path and query parts are kept. + * dirmngr: New command FLUSHCRL to flush all CRLS from disk and +memory. [#3967] + +--- Old: gnupg-2.2.11.tar.bz2 gnupg-2.2.11.tar.bz2.sig New: gnupg-2.2.12.tar.bz2 gnupg-2.2.12.tar.bz2.sig Other differences: -- ++ gpg2.spec ++ --- /var/tmp/diff_new_pack.ArDJft/_old 2018-12-19 13:48:28.211363737 +0100 +++ /var/tmp/diff_new_pack.ArDJft/_new 2018-12-19 13:48:28.211363737 +0100 @@ -12,12 +12,12 @@ # license that conforms to the Open Source Definition (Version 1.9) # published by the Open Source Initiative. -# Please submit bugfixes or comments via https://bugs.opensuse.org/ +# Please submit bugfixes or comments via http://bugs.opensuse.org/ # Name: gpg2 -Version:2.2.11 +Version:2.2.12 Release:0 Summary:File encryption, decryption, signature creation and verification utility License:GPL-3.0-or-later ++ gnupg-2.2.11.tar.bz2 -> gnupg-2.2.12.tar.bz2 ++ /work/SRC/openSUSE:Factory/gpg2/gnupg-2.2.11.tar.bz2 /work/SRC/openSUSE:Factory/.gpg2.new.28833/gnupg-2.2.12.tar.bz2 differ: char 11, line 1
commit gpg2 for openSUSE:Factory
Hello community, here is the log from the commit of package gpg2 for openSUSE:Factory checked in at 2018-11-14 14:29:28 Comparing /work/SRC/openSUSE:Factory/gpg2 (Old) and /work/SRC/openSUSE:Factory/.gpg2.new (New) Package is "gpg2" Wed Nov 14 14:29:28 2018 rev:133 rq:648382 version:2.2.11 Changes: --- /work/SRC/openSUSE:Factory/gpg2/gpg2.changes2018-10-12 13:08:05.399522453 +0200 +++ /work/SRC/openSUSE:Factory/.gpg2.new/gpg2.changes 2018-11-14 14:29:43.339539481 +0100 @@ -1,0 +2,25 @@ +Thu Nov 8 15:35:27 UTC 2018 - Cristian Rodríguez + +- Code no longer uses libcurl, remove from buildrequires. + +--- +Tue Nov 6 12:05:35 UTC 2018 - Karol Babioch + +- Update to 2.2.11: + * gpgsm: Fix CRL loading when intermediate certicates are not yet trusted. + * gpgsm: Fix an error message about the digest algo. + * gpg: Fix a wrong warning due to new sign usage check introduced with 2.2.9. + * gpg: Print the "data source" even for an unsuccessful keyserver query. + * gpg: Do not store the TOFU trust model in the trustdb. + * scd: Fix cases of "Bad PIN" after using "forcesig". + * agent: Fix possible hang in the ssh handler. + * dirmngr: Tack the unmodified mail address to a WKD request. + * dirmngr: Tweak diagnostic about missing LDAP server file. + * dirmngr: In verbose mode print the OCSP responder id. + * dirmngr: Fix parsing of the LDAP port. + * wks: Add option --directory/-C to the server. + * wks: Add option --with-colons to the client. + * Fix EBADF when gpg et al. are called by broken CGI scripts. + * Fix some minor memory leaks and bugs. + +--- Old: gnupg-2.2.10.tar.bz2 gnupg-2.2.10.tar.bz2.sig New: gnupg-2.2.11.tar.bz2 gnupg-2.2.11.tar.bz2.sig Other differences: -- ++ gpg2.spec ++ --- /var/tmp/diff_new_pack.GfzloE/_old 2018-11-14 14:29:44.623538242 +0100 +++ /var/tmp/diff_new_pack.GfzloE/_new 2018-11-14 14:29:44.627538239 +0100 @@ -12,12 +12,12 @@ # license that conforms to the Open Source Definition (Version 1.9) # published by the Open Source Initiative. -# Please submit bugfixes or comments via http://bugs.opensuse.org/ +# Please submit bugfixes or comments via https://bugs.opensuse.org/ # Name: gpg2 -Version:2.2.10 +Version:2.2.11 Release:0 Summary:File encryption, decryption, signature creation and verification utility License:GPL-3.0-or-later @@ -48,7 +48,6 @@ BuildRequires: readline-devel BuildRequires: pkgconfig(bzip2) BuildRequires: pkgconfig(gnutls) >= 3.0 -BuildRequires: pkgconfig(libcurl) >= 7.10 BuildRequires: pkgconfig(libusb-1.0) BuildRequires: pkgconfig(sqlite3) >= 3.7 BuildRequires: pkgconfig(zlib) ++ gnupg-2.2.10.tar.bz2 -> gnupg-2.2.11.tar.bz2 ++ /work/SRC/openSUSE:Factory/gpg2/gnupg-2.2.10.tar.bz2 /work/SRC/openSUSE:Factory/.gpg2.new/gnupg-2.2.11.tar.bz2 differ: char 11, line 1
commit gpg2 for openSUSE:Factory
Hello community, here is the log from the commit of package gpg2 for openSUSE:Factory checked in at 2018-10-12 13:08:02 Comparing /work/SRC/openSUSE:Factory/gpg2 (Old) and /work/SRC/openSUSE:Factory/.gpg2.new (New) Package is "gpg2" Fri Oct 12 13:08:02 2018 rev:132 rq:640771 version:2.2.10 Changes: --- /work/SRC/openSUSE:Factory/gpg2/gpg2.changes2018-09-04 22:48:32.139430782 +0200 +++ /work/SRC/openSUSE:Factory/.gpg2.new/gpg2.changes 2018-10-12 13:08:05.399522453 +0200 @@ -1,0 +2,5 @@ +Thu Oct 4 04:09:12 UTC 2018 - Bernhard Wiedemann + +- Make package build reproducible (boo#1047218) + +--- Other differences: -- ++ gpg2.spec ++ --- /var/tmp/diff_new_pack.XhBcau/_old 2018-10-12 13:08:06.303521162 +0200 +++ /var/tmp/diff_new_pack.XhBcau/_new 2018-10-12 13:08:06.307521156 +0200 @@ -86,6 +86,7 @@ %patch8 -p1 %patch9 -p1 %patch11 -p1 +touch -d 2018-05-04 doc/gpg.texi # to compensate for patch11 in order to not have man pages and info files have the build date (boo#1047218) %build date=$(date -u +%%Y-%%m-%%dT%%H:%%M+ -r %{SOURCE99})
commit gpg2 for openSUSE:Factory
Hello community, here is the log from the commit of package gpg2 for openSUSE:Factory checked in at 2018-09-04 22:48:23 Comparing /work/SRC/openSUSE:Factory/gpg2 (Old) and /work/SRC/openSUSE:Factory/.gpg2.new (New) Package is "gpg2" Tue Sep 4 22:48:23 2018 rev:131 rq:632346 version:2.2.10 Changes: --- /work/SRC/openSUSE:Factory/gpg2/gpg2.changes2018-07-26 10:16:36.763742457 +0200 +++ /work/SRC/openSUSE:Factory/.gpg2.new/gpg2.changes 2018-09-04 22:48:32.139430782 +0200 @@ -1,0 +2,9 @@ +Thu Aug 30 14:14:08 UTC 2018 - kbabi...@suse.com + +- Update to 2.2.10: + * Refresh expired keys originating from the WKD + * Use a 256 KiB limit for a WKD imported key + * New option --known-notation + * dirmngr: Validate SRV records in WKD queries + +--- Old: gnupg-2.2.9.tar.bz2 gnupg-2.2.9.tar.bz2.sig New: gnupg-2.2.10.tar.bz2 gnupg-2.2.10.tar.bz2.sig Other differences: -- ++ gpg2.spec ++ --- /var/tmp/diff_new_pack.FpXXEZ/_old 2018-09-04 22:48:32.887433355 +0200 +++ /var/tmp/diff_new_pack.FpXXEZ/_new 2018-09-04 22:48:32.891433369 +0200 @@ -17,7 +17,7 @@ Name: gpg2 -Version:2.2.9 +Version:2.2.10 Release:0 Summary:File encryption, decryption, signature creation and verification utility License:GPL-3.0-or-later ++ gnupg-2.2.9.tar.bz2 -> gnupg-2.2.10.tar.bz2 ++ /work/SRC/openSUSE:Factory/gpg2/gnupg-2.2.9.tar.bz2 /work/SRC/openSUSE:Factory/.gpg2.new/gnupg-2.2.10.tar.bz2 differ: char 11, line 1
commit gpg2 for openSUSE:Factory
Hello community, here is the log from the commit of package gpg2 for openSUSE:Factory checked in at 2018-07-26 10:16:32 Comparing /work/SRC/openSUSE:Factory/gpg2 (Old) and /work/SRC/openSUSE:Factory/.gpg2.new (New) Package is "gpg2" Thu Jul 26 10:16:32 2018 rev:130 rq:625188 version:2.2.9 Changes: --- /work/SRC/openSUSE:Factory/gpg2/gpg2.changes2018-07-17 09:38:48.850065211 +0200 +++ /work/SRC/openSUSE:Factory/.gpg2.new/gpg2.changes 2018-07-26 10:16:36.763742457 +0200 @@ -1,0 +2,7 @@ +Wed Jul 25 05:50:42 UTC 2018 - tchva...@suse.com + +- Add basic udev rules for smartcards to be used with + scdaemon, taken from debian: + * scdaemon.udev + +--- New: scdaemon.udev Other differences: -- ++ gpg2.spec ++ --- /var/tmp/diff_new_pack.sfN3MO/_old 2018-07-26 10:16:39.407747256 +0200 +++ /var/tmp/diff_new_pack.sfN3MO/_new 2018-07-26 10:16:39.411747263 +0200 @@ -27,6 +27,7 @@ Source2:ftp://ftp.gnupg.org/gcrypt/gnupg/gnupg-%{version}.tar.bz2.sig # https://www.gnupg.org/signature_key.html Source3:%{name}.keyring +Source4:scdaemon.udev Source99: %{name}.changes Patch4: gnupg-2.0.9-langinfo.patch Patch5: gnupg-2.2.8-files-are-digests.patch @@ -128,6 +129,8 @@ # install scdaemon to %{_bindir} (bnc#863645) mv %{buildroot}%{_libdir}/scdaemon %{buildroot}%{_bindir} mv %{buildroot}%{_libdir}/dirmngr_ldap %{buildroot}%{_bindir} +# install udev rules for scdaemon +install -Dm 0644 %{SOURCE4} %{buildroot}%{_udevrulesdir}/60-scdaemon.rules # install legacy tools install -m 755 tools/gpg-zip %{buildroot}/%{_bindir} # install -m 755 tools/gpgsplit %{buildroot}/%{_bindir} @@ -142,6 +145,7 @@ #%endif %post +%udev_rules_update %install_info --info-dir=%{_infodir} %{_infodir}/gnupg.info.gz %preun @@ -160,6 +164,7 @@ %{_sbindir}/addgnupghome %{_sbindir}/applygnupgdefaults %{_sbindir}/g13-syshelp +%{_udevrulesdir}/60-scdaemon.rules %{_datadir}/gnupg %dir %{_sysconfdir}/gnupg %config(noreplace) %{_sysconfdir}/gnupg/gpgconf.conf ++ scdaemon.udev ++ # do not edit this file, it will be overwritten on update SUBSYSTEM!="usb", GOTO="gnupg_rules_end" ACTION!="add", GOTO="gnupg_rules_end" # USB SmartCard Readers ## Cherry GmbH (XX33, ST2000) SUBSYSTEM=="usb", ATTR{idVendor}=="046a", ATTR{idProduct}=="0005", ENV{ID_SMARTCARD_READER}="1", ENV{ID_SMARTCARD_READER_DRIVER}="gnupg" SUBSYSTEM=="usb", ATTR{idVendor}=="046a", ATTR{idProduct}=="0010", ENV{ID_SMARTCARD_READER}="1", ENV{ID_SMARTCARD_READER_DRIVER}="gnupg" SUBSYSTEM=="usb", ATTR{idVendor}=="046a", ATTR{idProduct}=="003e", ENV{ID_SMARTCARD_READER}="1", ENV{ID_SMARTCARD_READER_DRIVER}="gnupg" ## SCM Microsystems, Inc (SCR331-DI, SCR335, SCR3320, SCR331, SCR3310 and SPR532) SUBSYSTEM=="usb", ATTR{idVendor}=="04e6", ATTR{idProduct}=="5111", ENV{ID_SMARTCARD_READER}="1", ENV{ID_SMARTCARD_READER_DRIVER}="gnupg" SUBSYSTEM=="usb", ATTR{idVendor}=="04e6", ATTR{idProduct}=="5115", ENV{ID_SMARTCARD_READER}="1", ENV{ID_SMARTCARD_READER_DRIVER}="gnupg" SUBSYSTEM=="usb", ATTR{idVendor}=="04e6", ATTR{idProduct}=="5116", ENV{ID_SMARTCARD_READER}="1", ENV{ID_SMARTCARD_READER_DRIVER}="gnupg" SUBSYSTEM=="usb", ATTR{idVendor}=="04e6", ATTR{idProduct}=="5117", ENV{ID_SMARTCARD_READER}="1", ENV{ID_SMARTCARD_READER_DRIVER}="gnupg" SUBSYSTEM=="usb", ATTR{idVendor}=="04e6", ATTR{idProduct}=="e001", ENV{ID_SMARTCARD_READER}="1", ENV{ID_SMARTCARD_READER_DRIVER}="gnupg" SUBSYSTEM=="usb", ATTR{idVendor}=="04e6", ATTR{idProduct}=="e003", ENV{ID_SMARTCARD_READER}="1", ENV{ID_SMARTCARD_READER_DRIVER}="gnupg" ## Omnikey AG (CardMan 3821, CardMan 6121) SUBSYSTEM=="usb", ATTR{idVendor}=="076b", ATTR{idProduct}=="3821", ENV{ID_SMARTCARD_READER}="1", ENV{ID_SMARTCARD_READER_DRIVER}="gnupg" SUBSYSTEM=="usb", ATTR{idVendor}=="076b", ATTR{idProduct}=="6622", ENV{ID_SMARTCARD_READER}="1", ENV{ID_SMARTCARD_READER_DRIVER}="gnupg" ## Gemalto SUBSYSTEM=="usb", ATTR{idVendor}=="08e6", ATTR{idProduct}=="3437", ENV{ID_SMARTCARD_READER}="1", ENV{ID_SMARTCARD_READER_DRIVER}="gnupg" SUBSYSTEM=="usb", ATTR{idVendor}=="08e6", ATTR{idProduct}=="3438", ENV{ID_SMARTCARD_READER}="1", ENV{ID_SMARTCARD_READER_DRIVER}="gnupg" SUBSYSTEM=="usb", ATTR{idVendor}=="08e6", ATTR{idProduct}=="3478", ENV{ID_SMARTCARD_READER}="1", ENV{ID_SMARTCARD_READER_DRIVER}="gnupg" SUBSYSTEM=="usb", ATTR{idVendor}=="08e6", ATTR{idProduct}=="34c2", ENV{ID_SMARTCARD_READER}="1", ENV{ID_SMARTCARD_READER_DRIVER}="gnupg" SUBSYSTEM=="usb", ATTR{idVendor}=="08e6", ATTR{idProduct}=="34ec", ENV{ID_SMARTCARD_READER}="1", ENV{ID_SMARTCARD_READER_DRIVER}="gnupg" ## Reiner (SCT cyberJack) SUBSYSTEM=="usb", ATTR{idVendor}=="0c4b",
commit gpg2 for openSUSE:Factory
Hello community, here is the log from the commit of package gpg2 for openSUSE:Factory checked in at 2018-07-17 09:38:39 Comparing /work/SRC/openSUSE:Factory/gpg2 (Old) and /work/SRC/openSUSE:Factory/.gpg2.new (New) Package is "gpg2" Tue Jul 17 09:38:39 2018 rev:129 rq:622429 version:2.2.9 Changes: --- /work/SRC/openSUSE:Factory/gpg2/gpg2.changes2018-06-22 13:11:37.927383805 +0200 +++ /work/SRC/openSUSE:Factory/.gpg2.new/gpg2.changes 2018-07-17 09:38:48.850065211 +0200 @@ -1,0 +2,27 @@ +Fri Jul 13 07:13:12 UTC 2018 - astie...@suse.com + +- GnuPG 2.2.9: + * dirmngr: Fix recursive resolver mode and other bugs in the +libdns code + * dirmngr: When using libgpg-error 1.32 or later a GnuPG build +with NTBTLS support does not anymore block for dozens of +seconds before returning data. + * gpg: Fix bug in --show-keys which actually imported revocation +certificates + * gpg: Ignore too long user-ID and comment packets + * gpg: Fix crash due to bad German translation. Improved printf +format compile time check. + * gpg: Handle missing ISSUER sub packet gracefully in the presence of +the new ISSUER_FPR + * gpg: Allow decryption using several passphrases in most cases. + * gpg: Command --show-keys now enables the list options +show-unusable-uids, show-unusable-subkeys, show-notations and +show-policy-urls by default. + * gpg: Command --show-keys now prints revocation certificates. + * gpg: Add revocation reason to the "rev" and "rvs" records of the +option --with-colons. [#1173] + * gpg: Export option export-clean does now remove certain expired +subkeys; export-minimal removes all expired subkeys. + * gpg: New "usage" property for the drop-subkey filters. + +--- Old: gnupg-2.2.8.tar.bz2 gnupg-2.2.8.tar.bz2.sig New: gnupg-2.2.9.tar.bz2 gnupg-2.2.9.tar.bz2.sig Other differences: -- ++ gpg2.spec ++ --- /var/tmp/diff_new_pack.xPSZGu/_old 2018-07-17 09:38:49.526062856 +0200 +++ /var/tmp/diff_new_pack.xPSZGu/_new 2018-07-17 09:38:49.530062843 +0200 @@ -17,7 +17,7 @@ Name: gpg2 -Version:2.2.8 +Version:2.2.9 Release:0 Summary:File encryption, decryption, signature creation and verification utility License:GPL-3.0-or-later ++ gnupg-2.2.8.tar.bz2 -> gnupg-2.2.9.tar.bz2 ++ /work/SRC/openSUSE:Factory/gpg2/gnupg-2.2.8.tar.bz2 /work/SRC/openSUSE:Factory/.gpg2.new/gnupg-2.2.9.tar.bz2 differ: char 11, line 1
commit gpg2 for openSUSE:Factory
Hello community, here is the log from the commit of package gpg2 for openSUSE:Factory checked in at 2018-06-22 13:11:25 Comparing /work/SRC/openSUSE:Factory/gpg2 (Old) and /work/SRC/openSUSE:Factory/.gpg2.new (New) Package is "gpg2" Fri Jun 22 13:11:25 2018 rev:128 rq:615264 version:2.2.8 Changes: --- /work/SRC/openSUSE:Factory/gpg2/gpg2.changes2018-05-08 13:32:16.480520492 +0200 +++ /work/SRC/openSUSE:Factory/.gpg2.new/gpg2.changes 2018-06-22 13:11:37.927383805 +0200 @@ -1,0 +2,22 @@ +Fri Jun 8 14:37:06 UTC 2018 - kbabi...@suse.com + +- Update to version 2.2.8: + * gpg: Decryption of messages not using the MDC mode will now lead to a +hard failure even if a legacy cipher algorithm was used. The option +--ignore-mdc-error can be used to turn this failure into a warning. Take +care: Never use that option unconditionally or without a prior warning. + * gpg: The MDC encryption mode is now always used regardless of the +cipher algorithm or any preferences. For testing --rfc2440 can be +used to create a message without an MDC. + * gpg: Sanitize the diagnostic output of the original file name in +verbose mode (bsc#1096745, CVE-2018-12020) + * gpg: Detect suspicious multiple plaintext packets in a more reliable way. + * gpg: Fix the duplicate key signature detection code. + * gpg: The options --no-mdc-warn, --force-mdc, --no-force-mdc, +--disable-mdc and --no-disable-mdc have no more effect. + * agent: Add DBUS_SESSION_BUS_ADDRESS and a few other envvars to the +list of startup environment variables. +- Refresh gnupg-2.0.18-files-are-digests.patch + to gnupg-2.2.8-files-are-digests.patch + +--- Old: gnupg-2.0.18-files-are-digests.patch gnupg-2.2.7.tar.bz2 gnupg-2.2.7.tar.bz2.sig New: gnupg-2.2.8-files-are-digests.patch gnupg-2.2.8.tar.bz2 gnupg-2.2.8.tar.bz2.sig Other differences: -- ++ gpg2.spec ++ --- /var/tmp/diff_new_pack.eHwCAt/_old 2018-06-22 13:11:38.875348649 +0200 +++ /var/tmp/diff_new_pack.eHwCAt/_new 2018-06-22 13:11:38.879348501 +0200 @@ -17,19 +17,19 @@ Name: gpg2 -Version:2.2.7 +Version:2.2.8 Release:0 Summary:File encryption, decryption, signature creation and verification utility -License:GPL-3.0+ +License:GPL-3.0-or-later Group: Productivity/Networking/Security -Url:http://www.gnupg.org/aegypten2/ +URL:https://www.gnupg.org Source: ftp://ftp.gnupg.org/gcrypt/gnupg/gnupg-%{version}.tar.bz2 Source2:ftp://ftp.gnupg.org/gcrypt/gnupg/gnupg-%{version}.tar.bz2.sig # https://www.gnupg.org/signature_key.html Source3:%{name}.keyring Source99: %{name}.changes Patch4: gnupg-2.0.9-langinfo.patch -Patch5: gnupg-2.0.18-files-are-digests.patch +Patch5: gnupg-2.2.8-files-are-digests.patch Patch6: gnupg-dont-fail-with-seahorse-agent.patch Patch8: gnupg-set_umask_before_open_outfile.patch Patch9: gnupg-detect_FIPS_mode.patch ++ gnupg-2.0.18-files-are-digests.patch -> gnupg-2.2.8-files-are-digests.patch ++ --- /work/SRC/openSUSE:Factory/gpg2/gnupg-2.0.18-files-are-digests.patch 2017-09-04 12:26:34.241779443 +0200 +++ /work/SRC/openSUSE:Factory/.gpg2.new/gnupg-2.2.8-files-are-digests.patch 2018-06-22 13:11:30.627654521 +0200 @@ -4,11 +4,11 @@ g10/sign.c| 68 -- 3 files changed, 67 insertions(+), 6 deletions(-) -Index: gnupg-2.1.23/g10/gpg.c +Index: gnupg-2.2.8/g10/gpg.c === gnupg-2.1.23.orig/g10/gpg.c2017-08-09 15:46:17.0 +0200 -+++ gnupg-2.1.23/g10/gpg.c 2017-08-10 16:21:26.692847431 +0200 -@@ -380,6 +380,7 @@ enum cmd_and_opt_values +--- gnupg-2.2.8.orig/g10/gpg.c 2018-06-06 11:59:06.0 +0200 gnupg-2.2.8/g10/gpg.c 2018-06-08 16:34:33.287514003 +0200 +@@ -376,6 +376,7 @@ enum cmd_and_opt_values oTTYtype, oLCctype, oLCmessages, @@ -16,7 +16,7 @@ oXauthority, oGroup, oUnGroup, -@@ -829,6 +830,7 @@ static ARGPARSE_OPTS opts[] = { +@@ -824,6 +825,7 @@ static ARGPARSE_OPTS opts[] = { ARGPARSE_s_s (oWeakDigest, "weak-digest","@"), ARGPARSE_s_n (oUnwrap, "unwrap", "@"), ARGPARSE_s_n (oOnlySignTextIDs, "only-sign-text-ids", "@"), @@ -24,7 +24,7 @@ /* Aliases. I constantly mistype these, and assume other people do as well. */ -@@ -2388,6 +2390,7 @@ main (int argc, char **argv) +@@ -2392,6 +2394,7 @@ main (int argc, char **argv) opt.def_cert_expire = "0"; gnupg_set_homedir
commit gpg2 for openSUSE:Factory
Hello community, here is the log from the commit of package gpg2 for openSUSE:Factory checked in at 2018-05-08 13:32:14 Comparing /work/SRC/openSUSE:Factory/gpg2 (Old) and /work/SRC/openSUSE:Factory/.gpg2.new (New) Package is "gpg2" Tue May 8 13:32:14 2018 rev:127 rq:604049 version:2.2.7 Changes: --- /work/SRC/openSUSE:Factory/gpg2/gpg2.changes2018-04-17 11:15:27.620198410 +0200 +++ /work/SRC/openSUSE:Factory/.gpg2.new/gpg2.changes 2018-05-08 13:32:16.480520492 +0200 @@ -1,0 +2,22 @@ +Fri May 4 14:15:27 UTC 2018 - astie...@suse.com + +- GnuPG 2.2.7: + * gpg: New option --no-symkey-cache to disable the passphrase +cache for symmetrical en- and decryption. + * gpg: The ERRSIG status now prints the fingerprint if that is +part of the signature + * gpg: Relax emitting of FAILURE status lines + * gpg: Add a status flag to "sig" lines printed with --list-sigs + * gpg: Fix "Too many open files" when using --multifile + * ssh: Return an error for unknown ssh-agent flags + * dirmngr: Fix a CNAME problem with pools and TLS. Also use a +fixed mapping of keys.gnupg.net to sks-keyservers.net + * dirmngr: Try resurrecting dead hosts earlier (from 3h to 1.5h) + * dirmngr: Fallback to CRL if no default OCSP responder is +configured + * dirmngr: Implement CRL fetching via https. Here a redirection +to http is explictly allowed + * agent,dirmngr: New sub-command "getenv" for "getinfo" to ease +debugging + +--- Old: gnupg-2.2.6.tar.bz2 gnupg-2.2.6.tar.bz2.sig New: gnupg-2.2.7.tar.bz2 gnupg-2.2.7.tar.bz2.sig Other differences: -- ++ gpg2.spec ++ --- /var/tmp/diff_new_pack.2OMLQl/_old 2018-05-08 13:32:17.496483834 +0200 +++ /var/tmp/diff_new_pack.2OMLQl/_new 2018-05-08 13:32:17.500483690 +0200 @@ -17,7 +17,7 @@ Name: gpg2 -Version:2.2.6 +Version:2.2.7 Release:0 Summary:File encryption, decryption, signature creation and verification utility License:GPL-3.0+ ++ gnupg-2.2.6.tar.bz2 -> gnupg-2.2.7.tar.bz2 ++ /work/SRC/openSUSE:Factory/gpg2/gnupg-2.2.6.tar.bz2 /work/SRC/openSUSE:Factory/.gpg2.new/gnupg-2.2.7.tar.bz2 differ: char 11, line 1 ++ gnupg-add_legacy_FIPS_mode_option.patch ++ --- /var/tmp/diff_new_pack.2OMLQl/_old 2018-05-08 13:32:17.556481669 +0200 +++ /var/tmp/diff_new_pack.2OMLQl/_new 2018-05-08 13:32:17.556481669 +0200 @@ -3,11 +3,11 @@ g10/gpg.c|9 + 2 files changed, 27 insertions(+) -Index: gnupg-2.2.6/doc/gpg.texi +Index: gnupg-2.2.7/doc/gpg.texi === gnupg-2.2.6.orig/doc/gpg.texi 2018-04-10 09:05:55.807324463 +0200 -+++ gnupg-2.2.6/doc/gpg.texi 2018-04-10 09:05:58.627349563 +0200 -@@ -2094,6 +2094,24 @@ implies, this option is for experts only +--- gnupg-2.2.7.orig/doc/gpg.texi 2018-05-04 16:14:30.949580264 +0200 gnupg-2.2.7/doc/gpg.texi 2018-05-04 16:14:34.025609243 +0200 +@@ -2097,6 +2097,24 @@ implies, this option is for experts only understand the implications of what it allows you to do, leave this off. @option{--no-expert} disables this option. @@ -32,19 +32,19 @@ @end table -Index: gnupg-2.2.6/g10/gpg.c +Index: gnupg-2.2.7/g10/gpg.c === gnupg-2.2.6.orig/g10/gpg.c 2018-04-10 09:05:55.807324463 +0200 -+++ gnupg-2.2.6/g10/gpg.c 2018-04-10 09:06:21.583553887 +0200 -@@ -424,6 +424,7 @@ enum cmd_and_opt_values - oSender, +--- gnupg-2.2.7.orig/g10/gpg.c 2018-05-04 16:14:30.949580264 +0200 gnupg-2.2.7/g10/gpg.c 2018-05-04 16:15:00.441858109 +0200 +@@ -425,6 +425,7 @@ enum cmd_and_opt_values oKeyOrigin, oRequestOrigin, + oNoSymkeyCache, +oSetLegacyFips, oNoop }; -@@ -871,6 +872,7 @@ static ARGPARSE_OPTS opts[] = { +@@ -872,6 +873,7 @@ static ARGPARSE_OPTS opts[] = { ARGPARSE_s_n (oAllowMultipleMessages, "allow-multiple-messages", "@"), ARGPARSE_s_n (oNoAllowMultipleMessages, "no-allow-multiple-messages", "@"), ARGPARSE_s_n (oAllowWeakDigestAlgos, "allow-weak-digest-algos", "@"), @@ -52,7 +52,7 @@ ARGPARSE_s_s (oDefaultNewKeyAlgo, "default-new-key-algo", "@"), -@@ -3565,6 +3567,13 @@ main (int argc, char **argv) +@@ -3568,6 +3570,13 @@ main (int argc, char **argv) opt.def_new_key_algo = pargs.r.ret_str; break;
commit gpg2 for openSUSE:Factory
Hello community, here is the log from the commit of package gpg2 for openSUSE:Factory checked in at 2018-04-17 11:15:25 Comparing /work/SRC/openSUSE:Factory/gpg2 (Old) and /work/SRC/openSUSE:Factory/.gpg2.new (New) Package is "gpg2" Tue Apr 17 11:15:25 2018 rev:126 rq:597193 version:2.2.6 Changes: --- /work/SRC/openSUSE:Factory/gpg2/gpg2.changes2018-04-07 20:47:32.599050510 +0200 +++ /work/SRC/openSUSE:Factory/.gpg2.new/gpg2.changes 2018-04-17 11:15:27.620198410 +0200 @@ -1,0 +2,29 @@ +Tue Apr 10 06:32:22 UTC 2018 - kbabi...@suse.com + +- GnuPG 2.2.6: + * gpg,gpgsm: New option --request-origin to pretend requests coming +from a browser or a remote site. + * gpg: Fix race condition on trustdb.gpg updates due to too early +released lock. + * gpg: Emit FAILURE status lines in almost all cases. + * gpg: Implement --dry-run for --passwd to make checking a key's +passphrase straightforward. + * gpg: Make sure to only accept a certification capable key for key +signatures. + * gpg: Better user interaction in --card-edit for the factory-reset +sub-command. + * gpg: Improve changing key attributes in --card-edit by adding an +explicit "key-attr" sub-command. + * gpg: Print the keygrips in the --card-status. + * scd: Support KDF DO setup. + * scd: Fix suspend/resume handling in the CCID driver. + * agent: Evict cached passphrases also via a timer. + * agent: Use separate passphrase caches depending on the request +origin. + * ssh: Support signature flags. + * dirmngr: Handle failures related to missing IPv6 support +gracefully. + * Allow the use of UNC directory names as homedir. [#3818] +- Dropped gnupg-CVE-2018-9234.patch since it is included upstream + +--- Old: gnupg-2.2.5.tar.bz2 gnupg-2.2.5.tar.bz2.sig gnupg-CVE-2018-9234.patch New: gnupg-2.2.6.tar.bz2 gnupg-2.2.6.tar.bz2.sig Other differences: -- ++ gpg2.spec ++ --- /var/tmp/diff_new_pack.BTnZ8f/_old 2018-04-17 11:15:28.412161275 +0200 +++ /var/tmp/diff_new_pack.BTnZ8f/_new 2018-04-17 11:15:28.412161275 +0200 @@ -17,7 +17,7 @@ Name: gpg2 -Version:2.2.5 +Version:2.2.6 Release:0 Summary:File encryption, decryption, signature creation and verification utility License:GPL-3.0+ @@ -34,7 +34,6 @@ Patch8: gnupg-set_umask_before_open_outfile.patch Patch9: gnupg-detect_FIPS_mode.patch Patch11:gnupg-add_legacy_FIPS_mode_option.patch -Patch12:gnupg-CVE-2018-9234.patch BuildRequires: expect BuildRequires: fdupes BuildRequires: libassuan-devel >= 2.5.0 @@ -86,7 +85,6 @@ %patch8 -p1 %patch9 -p1 %patch11 -p1 -%patch12 -p1 %build date=$(date -u +%%Y-%%m-%%dT%%H:%%M+ -r %{SOURCE99}) ++ gnupg-2.2.5.tar.bz2 -> gnupg-2.2.6.tar.bz2 ++ /work/SRC/openSUSE:Factory/gpg2/gnupg-2.2.5.tar.bz2 /work/SRC/openSUSE:Factory/.gpg2.new/gnupg-2.2.6.tar.bz2 differ: char 11, line 1 ++ gnupg-add_legacy_FIPS_mode_option.patch ++ --- /var/tmp/diff_new_pack.BTnZ8f/_old 2018-04-17 11:15:28.460159024 +0200 +++ /var/tmp/diff_new_pack.BTnZ8f/_new 2018-04-17 11:15:28.464158837 +0200 @@ -3,11 +3,11 @@ g10/gpg.c|9 + 2 files changed, 27 insertions(+) -Index: gnupg-2.1.22/doc/gpg.texi +Index: gnupg-2.2.6/doc/gpg.texi === gnupg-2.1.22.orig/doc/gpg.texi -+++ gnupg-2.1.22/doc/gpg.texi -@@ -2079,6 +2079,24 @@ implies, this option is for experts only +--- gnupg-2.2.6.orig/doc/gpg.texi 2018-04-10 09:05:55.807324463 +0200 gnupg-2.2.6/doc/gpg.texi 2018-04-10 09:05:58.627349563 +0200 +@@ -2094,6 +2094,24 @@ implies, this option is for experts only understand the implications of what it allows you to do, leave this off. @option{--no-expert} disables this option. @@ -32,19 +32,19 @@ @end table -Index: gnupg-2.1.22/g10/gpg.c +Index: gnupg-2.2.6/g10/gpg.c === gnupg-2.1.22.orig/g10/gpg.c -+++ gnupg-2.1.22/g10/gpg.c -@@ -422,6 +422,7 @@ enum cmd_and_opt_values - oDisableSignerUID, +--- gnupg-2.2.6.orig/g10/gpg.c 2018-04-10 09:05:55.807324463 +0200 gnupg-2.2.6/g10/gpg.c 2018-04-10 09:06:21.583553887 +0200 +@@ -424,6 +424,7 @@ enum cmd_and_opt_values oSender, oKeyOrigin, + oRequestOrigin, +oSetLegacyFips, oNoop }; -@@ -867,6 +868,7 @@ static ARGPARSE_OPTS opts[] = { +@@ -871,6 +872,7 @@ static ARGPARSE_OPTS opts[] = { ARGPARSE_s_n (oAllowMultipleMessages, "allow-multiple-messages", "@"), ARGPARSE_s_n (oNoAllowMultipleMessages,
commit gpg2 for openSUSE:Factory
Hello community, here is the log from the commit of package gpg2 for openSUSE:Factory checked in at 2018-04-07 20:47:23 Comparing /work/SRC/openSUSE:Factory/gpg2 (Old) and /work/SRC/openSUSE:Factory/.gpg2.new (New) Package is "gpg2" Sat Apr 7 20:47:23 2018 rev:125 rq:593728 version:2.2.5 Changes: --- /work/SRC/openSUSE:Factory/gpg2/gpg2.changes2018-02-28 19:54:38.277536341 +0100 +++ /work/SRC/openSUSE:Factory/.gpg2.new/gpg2.changes 2018-04-07 20:47:32.599050510 +0200 @@ -1,0 +2,7 @@ +Thu Apr 5 08:38:58 UTC 2018 - kbabi...@suse.com + +- Added gnupg-CVE-2018-9234.patch: Enforce that key certification + can only be done with the master key, and not a signing subkey. + (bnc#1088255 CVE-2018-9234) + +--- New: gnupg-CVE-2018-9234.patch Other differences: -- ++ gpg2.spec ++ --- /var/tmp/diff_new_pack.jHYOmD/_old 2018-04-07 20:47:33.715010121 +0200 +++ /var/tmp/diff_new_pack.jHYOmD/_new 2018-04-07 20:47:33.719009976 +0200 @@ -34,6 +34,7 @@ Patch8: gnupg-set_umask_before_open_outfile.patch Patch9: gnupg-detect_FIPS_mode.patch Patch11:gnupg-add_legacy_FIPS_mode_option.patch +Patch12:gnupg-CVE-2018-9234.patch BuildRequires: expect BuildRequires: fdupes BuildRequires: libassuan-devel >= 2.5.0 @@ -85,6 +86,7 @@ %patch8 -p1 %patch9 -p1 %patch11 -p1 +%patch12 -p1 %build date=$(date -u +%%Y-%%m-%%dT%%H:%%M+ -r %{SOURCE99}) ++ gnupg-CVE-2018-9234.patch ++ From: Karol BabiochDate: Thu Apr 5 10:32:21 CEST 2018 Upstream: merged References: https://dev.gnupg.org/rGa17d2d1f690ebe5d005b4589a5fe378b6487c657 References: https://dev.gnupg.org/T3844 Subject: Fix for bnc#1088255 (CVE-2018-9234) --- g10/getkey.c |2 ++ 1 file changed, 2 insertions(+) Index: gnupg-2.2.5/g10/getkey.c === --- gnupg-2.2.5.orig/g10/getkey.c +++ gnupg-2.2.5/g10/getkey.c @@ -1810,6 +1810,8 @@ get_pubkey_byfprint (ctrl_t ctrl, PKT_pu ctx.items[0].mode = fprint_len == 16 ? KEYDB_SEARCH_MODE_FPR16 : KEYDB_SEARCH_MODE_FPR20; memcpy (ctx.items[0].u.fpr, fprint, fprint_len); + if (pk) +ctx.req_usage = pk->req_usage; rc = lookup (ctrl, , 0, , _key); if (!rc && pk) pk_from_block (pk, kb, found_key);
commit gpg2 for openSUSE:Factory
Hello community, here is the log from the commit of package gpg2 for openSUSE:Factory checked in at 2017-12-23 12:11:05 Comparing /work/SRC/openSUSE:Factory/gpg2 (Old) and /work/SRC/openSUSE:Factory/.gpg2.new (New) Package is "gpg2" Sat Dec 23 12:11:05 2017 rev:123 rq:559114 version:2.2.4 Changes: --- /work/SRC/openSUSE:Factory/gpg2/gpg2.changes2017-11-25 08:40:06.955817012 +0100 +++ /work/SRC/openSUSE:Factory/.gpg2.new/gpg2.changes 2017-12-23 12:11:10.003922930 +0100 @@ -1,0 +2,24 @@ +Thu Dec 21 09:44:03 UTC 2017 - astie...@suse.com + +- GnuPG 2.2.4: + * gpg: Change default preferences to prefer SHA512. + * gpg: Print a warning when more than 150 MiB are encrypted using +a cipher with 64 bit block size. + * gpg: Print a warning if the MDC feature has not been used for a +message. + * gpg: Fix regular expression of domain addresses in trust +signatures + * agent: New option --auto-expand-secmem to help with high +numbers of concurrent connections. Requires libgcrypt 1.8.2 +for having an effect. + * dirmngr: Cache responses of WKD queries. + * gpgconf: Add option --status-fd. + * wks: Add commands --check and --remove-key to gpg-wks-server + * Increase the backlog parameter of the daemons to 64 and add +option --listen-backlog. +- Not enabled features: + * New configure option --enable-run-gnupg-user-socket to first +try a socket directory which is not removed by systemd at +session end. + +--- Old: gnupg-2.2.3.tar.bz2 gnupg-2.2.3.tar.bz2.sig New: gnupg-2.2.4.tar.bz2 gnupg-2.2.4.tar.bz2.sig Other differences: -- ++ gpg2.spec ++ --- /var/tmp/diff_new_pack.BbIJQ6/_old 2017-12-23 12:11:13.079772954 +0100 +++ /var/tmp/diff_new_pack.BbIJQ6/_new 2017-12-23 12:11:13.083772759 +0100 @@ -17,7 +17,7 @@ Name: gpg2 -Version:2.2.3 +Version:2.2.4 Release:0 Summary:File encryption, decryption, signature creation and verification utility License:GPL-3.0+ ++ gnupg-2.2.3.tar.bz2 -> gnupg-2.2.4.tar.bz2 ++ /work/SRC/openSUSE:Factory/gpg2/gnupg-2.2.3.tar.bz2 /work/SRC/openSUSE:Factory/.gpg2.new/gnupg-2.2.4.tar.bz2 differ: char 11, line 1
commit gpg2 for openSUSE:Factory
Hello community, here is the log from the commit of package gpg2 for openSUSE:Factory checked in at 2017-11-25 08:40:01 Comparing /work/SRC/openSUSE:Factory/gpg2 (Old) and /work/SRC/openSUSE:Factory/.gpg2.new (New) Package is "gpg2" Sat Nov 25 08:40:01 2017 rev:122 rq:544086 version:2.2.3 Changes: --- /work/SRC/openSUSE:Factory/gpg2/gpg2.changes2017-11-14 12:36:52.663592699 +0100 +++ /work/SRC/openSUSE:Factory/.gpg2.new/gpg2.changes 2017-11-25 08:40:06.955817012 +0100 @@ -1,0 +2,10 @@ +Tue Nov 21 08:25:48 UTC 2017 - astie...@suse.com + +- GnuPG 2.2.3: + * dirmngr: Fix crash in case of a CRL loading error + * gpgtar: Fix wrong behaviour of --set-filename + * gpg: Silence AKL retrieval messages + * agent: Use clock or clock_gettime for calibration + * agent: Improve robustness of the shutdown pending state + +--- Old: gnupg-2.2.2.tar.bz2 gnupg-2.2.2.tar.bz2.sig New: gnupg-2.2.3.tar.bz2 gnupg-2.2.3.tar.bz2.sig Other differences: -- ++ gpg2.spec ++ --- /var/tmp/diff_new_pack.2aNUec/_old 2017-11-25 08:40:11.715643592 +0100 +++ /var/tmp/diff_new_pack.2aNUec/_new 2017-11-25 08:40:11.715643592 +0100 @@ -17,7 +17,7 @@ Name: gpg2 -Version:2.2.2 +Version:2.2.3 Release:0 Summary:File encryption, decryption, signature creation and verification utility License:GPL-3.0+ ++ gnupg-2.2.2.tar.bz2 -> gnupg-2.2.3.tar.bz2 ++ /work/SRC/openSUSE:Factory/gpg2/gnupg-2.2.2.tar.bz2 /work/SRC/openSUSE:Factory/.gpg2.new/gnupg-2.2.3.tar.bz2 differ: char 11, line 1
commit gpg2 for openSUSE:Factory
Hello community, here is the log from the commit of package gpg2 for openSUSE:Factory checked in at 2017-11-14 12:36:43 Comparing /work/SRC/openSUSE:Factory/gpg2 (Old) and /work/SRC/openSUSE:Factory/.gpg2.new (New) Package is "gpg2" Tue Nov 14 12:36:43 2017 rev:121 rq:539677 version:2.2.2 Changes: --- /work/SRC/openSUSE:Factory/gpg2/gpg2.changes2017-09-22 21:32:09.959417409 +0200 +++ /work/SRC/openSUSE:Factory/.gpg2.new/gpg2.changes 2017-11-14 12:36:52.663592699 +0100 @@ -1,0 +2,27 @@ +Tue Nov 7 20:08:04 UTC 2017 - astie...@suse.com + +- GnuPG 2.2.2: + * gpg: Avoid duplicate key imports by concurrently running gpg +processes + * gpg: Fix creating on-disk subkey with on-card primary key + * gpg: Fix validity retrieval for multiple keyrings + * gpg: Fix --dry-run and import option show-only for secret keys + * gpg: Print "sec" or "sbb" for secret keys with import option +import-show + * gpg: Make import less verbose + * gpg: Add alias "Key-Grip" for parameter "Keygrip" and new +parameter "Subkey-Grip" to unattended key generation + * gpg: Improve "factory-reset" command for OpenPGP cards + * gpg: Ease switching Gnuk tokens into ECC mode by using the magic +keysize value 25519 + * gpgsm: Fix --with-colon listing in crt records for fields > 12. + * gpgsm: Do not expect X.509 keyids to be unique + * agent: Fix stucked Pinentry when using --max-passphrase-days + * agent: New option --s2k-count + * dirmngr: Do not follow https-to-http redirects + * dirmngr: Reduce default LDAP timeout from 100 to 15 seconds + * gpgconf: Ignore non-installed components for commands +--apply-profile and --apply-defaults + * Add configure option --enable-werror + +--- Old: gnupg-2.2.1.tar.bz2 gnupg-2.2.1.tar.bz2.sig New: gnupg-2.2.2.tar.bz2 gnupg-2.2.2.tar.bz2.sig Other differences: -- ++ gpg2.spec ++ --- /var/tmp/diff_new_pack.mgE8hI/_old 2017-11-14 12:36:54.803514499 +0100 +++ /var/tmp/diff_new_pack.mgE8hI/_new 2017-11-14 12:36:54.803514499 +0100 @@ -17,7 +17,7 @@ Name: gpg2 -Version:2.2.1 +Version:2.2.2 Release:0 Summary:File encryption, decryption, signature creation and verification utility License:GPL-3.0+ @@ -106,6 +106,7 @@ --with-default-trust-store-file=%{_sysconfdir}/ssl/ca-bundle.pem \ --enable-build-timestamp=$date \ --enable-gpg-is-gpg2 \ +--enable-Werror make %{?_smp_mflags} ++ gnupg-2.2.1.tar.bz2 -> gnupg-2.2.2.tar.bz2 ++ /work/SRC/openSUSE:Factory/gpg2/gnupg-2.2.1.tar.bz2 /work/SRC/openSUSE:Factory/.gpg2.new/gnupg-2.2.2.tar.bz2 differ: char 11, line 1
commit gpg2 for openSUSE:Factory
Hello community, here is the log from the commit of package gpg2 for openSUSE:Factory checked in at 2017-09-22 21:32:08 Comparing /work/SRC/openSUSE:Factory/gpg2 (Old) and /work/SRC/openSUSE:Factory/.gpg2.new (New) Package is "gpg2" Fri Sep 22 21:32:08 2017 rev:120 rq:527382 version:2.2.1 Changes: --- /work/SRC/openSUSE:Factory/gpg2/gpg2.changes2017-09-04 12:26:34.789702409 +0200 +++ /work/SRC/openSUSE:Factory/.gpg2.new/gpg2.changes 2017-09-22 21:32:09.959417409 +0200 @@ -1,0 +2,15 @@ +Tue Sep 19 19:12:53 UTC 2017 - astie...@suse.com + +- GnuPG 2.2.1: + * gpg: Fix formatting of the user id in batch mode key generation +if only "name-email" is given. + * gpgv: Fix annoying "not suitable for" warnings. + * wks: Convey only the newest user id to the provider. This is +the case if different names are used with the same addr-spec. + * wks: Create a complying user id for provider policy mailbox-only. + * wks: Add workaround for posteo.de. + * scd: Fix the use of large ECC keys with an OpenPGP card. + * dirmngr: Use system provided root certificates if no specific +HKP certificates are configured. If bu + +--- Old: gnupg-2.2.0.tar.bz2 gnupg-2.2.0.tar.bz2.sig New: gnupg-2.2.1.tar.bz2 gnupg-2.2.1.tar.bz2.sig Other differences: -- ++ gpg2.spec ++ --- /var/tmp/diff_new_pack.GEXTDl/_old 2017-09-22 21:32:10.999271032 +0200 +++ /var/tmp/diff_new_pack.GEXTDl/_new 2017-09-22 21:32:11.003270470 +0200 @@ -17,7 +17,7 @@ Name: gpg2 -Version:2.2.0 +Version:2.2.1 Release:0 Summary:File encryption, decryption, signature creation and verification utility License:GPL-3.0+ ++ gnupg-2.2.0.tar.bz2 -> gnupg-2.2.1.tar.bz2 ++ /work/SRC/openSUSE:Factory/gpg2/gnupg-2.2.0.tar.bz2 /work/SRC/openSUSE:Factory/.gpg2.new/gnupg-2.2.1.tar.bz2 differ: char 11, line 1
commit gpg2 for openSUSE:Factory
Hello community, here is the log from the commit of package gpg2 for openSUSE:Factory checked in at 2017-09-04 12:26:32 Comparing /work/SRC/openSUSE:Factory/gpg2 (Old) and /work/SRC/openSUSE:Factory/.gpg2.new (New) Package is "gpg2" Mon Sep 4 12:26:32 2017 rev:119 rq:519193 version:2.2.0 Changes: --- /work/SRC/openSUSE:Factory/gpg2/gpg2.changes2017-08-04 11:56:54.336583235 +0200 +++ /work/SRC/openSUSE:Factory/.gpg2.new/gpg2.changes 2017-09-04 12:26:34.789702409 +0200 @@ -1,0 +2,34 @@ +Mon Aug 28 17:21:30 UTC 2017 - astie...@suse.com + +- GnuPG 2.2.0: + * New long term stable branch, replacing the 2.0.x series + * gpg: Reverted change in 2.1.23 so that --no-auto-key-retrieve +is again the default boo#1054088 + * Fixed a few minor bugs + +--- +Sat Aug 12 16:56:26 UTC 2017 - astie...@suse.com + +- GnuPG 2.1.23: + * gpg: Options --auto-key-retrieve and --auto-key-locate "local,wkd" +are now used by default. Note: this enables keyserver and Web Key +Directory operators to notice when a signature from a locally +non-available key is being verified for the first time or when +you intend to encrypt to a mail address without having the key +locally. This new behaviour will eventually make key discovery +much easier and mostly automatic. Disable this by adding + no-auto-key-retrieve + auto-key-locate local +to your gpg.conf. + * agent: Option --no-grab is now the default. The new option --grab +allows to revert this. + * gpg: New import option "show-only". + * gpg: New option --disable-dirmngr to entirely disable network +access for gpg. + * gpg,gpgsm: Tweaked DE-VS compliance behaviour. + * New configure flag --enable-all-tests to run more extensive tests +during "make check". + * gpgsm: The keygrip is now always printed in colon mode as +documented in the man page. + +--- Old: gnupg-2.1.22.tar.bz2 gnupg-2.1.22.tar.bz2.sig New: gnupg-2.2.0.tar.bz2 gnupg-2.2.0.tar.bz2.sig Other differences: -- ++ gpg2.spec ++ --- /var/tmp/diff_new_pack.EkfFsC/_old 2017-09-04 12:26:36.277493237 +0200 +++ /var/tmp/diff_new_pack.EkfFsC/_new 2017-09-04 12:26:36.281492673 +0200 @@ -17,7 +17,7 @@ Name: gpg2 -Version:2.1.22 +Version:2.2.0 Release:0 Summary:File encryption, decryption, signature creation and verification utility License:GPL-3.0+ @@ -103,8 +103,9 @@ --enable-large-secmem \ --enable-wks-tools \ --with-gnu-ld \ ---with-default-trust-store=%{_sysconfdir}/ssl/ca-bundle.pem \ +--with-default-trust-store-file=%{_sysconfdir}/ssl/ca-bundle.pem \ --enable-build-timestamp=$date \ +--enable-gpg-is-gpg2 \ make %{?_smp_mflags} ++ gnupg-2.0.18-files-are-digests.patch ++ --- /var/tmp/diff_new_pack.EkfFsC/_old 2017-09-04 12:26:36.325486488 +0200 +++ /var/tmp/diff_new_pack.EkfFsC/_new 2017-09-04 12:26:36.329485926 +0200 @@ -4,11 +4,11 @@ g10/sign.c| 68 -- 3 files changed, 67 insertions(+), 6 deletions(-) -Index: gnupg-2.1.22/g10/gpg.c +Index: gnupg-2.1.23/g10/gpg.c === gnupg-2.1.22.orig/g10/gpg.c -+++ gnupg-2.1.22/g10/gpg.c -@@ -379,6 +379,7 @@ enum cmd_and_opt_values +--- gnupg-2.1.23.orig/g10/gpg.c2017-08-09 15:46:17.0 +0200 gnupg-2.1.23/g10/gpg.c 2017-08-10 16:21:26.692847431 +0200 +@@ -380,6 +380,7 @@ enum cmd_and_opt_values oTTYtype, oLCctype, oLCmessages, @@ -16,7 +16,7 @@ oXauthority, oGroup, oUnGroup, -@@ -828,6 +829,7 @@ static ARGPARSE_OPTS opts[] = { +@@ -829,6 +830,7 @@ static ARGPARSE_OPTS opts[] = { ARGPARSE_s_s (oWeakDigest, "weak-digest","@"), ARGPARSE_s_n (oUnwrap, "unwrap", "@"), ARGPARSE_s_n (oOnlySignTextIDs, "only-sign-text-ids", "@"), @@ -24,15 +24,15 @@ /* Aliases. I constantly mistype these, and assume other people do as well. */ -@@ -2383,6 +2385,7 @@ main (int argc, char **argv) +@@ -2388,6 +2390,7 @@ main (int argc, char **argv) opt.def_cert_expire = "0"; gnupg_set_homedir (NULL); opt.passphrase_repeat = 1; +opt.files_are_digests=0; opt.emit_version = 0; opt.weak_digests = NULL; - additional_weak_digest("MD5"); -@@ -2944,6 +2947,7 @@ main (int argc, char **argv) + +@@ -2952,6 +2955,7 @@ main (int argc, char **argv) opt.verify_options&=~VERIFY_SHOW_PHOTOS; break; case oPhotoViewer: opt.photo_viewer = pargs.r.ret_str; break;
commit gpg2 for openSUSE:Factory
Hello community, here is the log from the commit of package gpg2 for openSUSE:Factory checked in at 2017-08-04 11:56:51 Comparing /work/SRC/openSUSE:Factory/gpg2 (Old) and /work/SRC/openSUSE:Factory/.gpg2.new (New) Package is "gpg2" Fri Aug 4 11:56:51 2017 rev:118 rq:512957 version:2.1.22 Changes: --- /work/SRC/openSUSE:Factory/gpg2/gpg2.changes2017-06-01 16:28:27.187344568 +0200 +++ /work/SRC/openSUSE:Factory/.gpg2.new/gpg2.changes 2017-08-04 11:56:54.336583235 +0200 @@ -1,0 +2,26 @@ +Fri Jul 28 19:29:52 UTC 2017 - astie...@suse.com + +- GnuPG 2.1.22: + * gpg: Extend command --quick-set-expire to allow for setting the +expiration time of subkeys. + * gpg: By default try to repair keys during import. New sub-option +no-repair-keys for --import-options. + * gpg,gpgsm: Improved checking and reporting of DE-VS compliance. + * gpg: New options --key-origin and --with-key-origin. Store the +time of the last key update from keyservers, WKD, or DANE. + * agent: New option --ssh-fingerprint-digest. + * dimngr: Lower timeouts on keyserver connection attempts and made +it configurable. + * dirmngr: Tor will now automatically be detected and used. The +option --no-use-tor disables Tor detection. + * dirmngr: Now detects a changed /etc/resolv.conf. + * agent,dirmngr: Initiate shutdown on removal of the GnuPG home +directory. + * gpg: Avoid caching passphrase for failed symmetric encryption. + * agent: Support for unprotected ssh keys. + * dirmngr: Fixed name resolving on systems using only v6 +nameservers. + * dirmngr: Allow the use of TLS over http proxies. + * wks: New man pages for client and server. + +--- Old: gnupg-2.1.21.tar.bz2 gnupg-2.1.21.tar.bz2.sig New: gnupg-2.1.22.tar.bz2 gnupg-2.1.22.tar.bz2.sig Other differences: -- ++ gpg2.spec ++ --- /var/tmp/diff_new_pack.7rOJWi/_old 2017-08-04 11:56:56.576267114 +0200 +++ /var/tmp/diff_new_pack.7rOJWi/_new 2017-08-04 11:56:56.584265985 +0200 @@ -17,7 +17,7 @@ Name: gpg2 -Version:2.1.21 +Version:2.1.22 Release:0 Summary:File encryption, decryption, signature creation and verification utility License:GPL-3.0+ @@ -67,7 +67,6 @@ # special feature needed for OBS signd Provides: gpg2_signd_support Obsoletes: gpg < 1.4.9 -BuildRoot: %{_tmppath}/%{name}-%{version}-build %description GnuPG is a hybrid-encryption software program; it uses a combination @@ -104,13 +103,13 @@ --enable-large-secmem \ --enable-wks-tools \ --with-gnu-ld \ ---with-default-trust-store=/etc/ssl/ca-bundle.pem \ +--with-default-trust-store=%{_sysconfdir}/ssl/ca-bundle.pem \ --enable-build-timestamp=$date \ make %{?_smp_mflags} %install -make %{?_smp_mflags} DESTDIR=%{buildroot} install +%make_install mkdir -p %{buildroot}%{_sysconfdir}/gnupg/ # bnc#391347 install -m 644 doc/examples/gpgconf.conf %{buildroot}%{_sysconfdir}/gnupg @@ -125,7 +124,7 @@ # fix rpmlint invalid-lc-messages-dir: rm -rf %{buildroot}/%{_datadir}/locale/en@{bold,}quot # additional files to documentation directory -install -m 644 AUTHORS COPYING ChangeLog NEWS THANKS TODO doc/FAQ %{buildroot}/%{_docdir}/%{name} +install -m 644 AUTHORS COPYING* ChangeLog NEWS THANKS TODO doc/FAQ %{buildroot}/%{_docdir}/%{name} # install scdaemon to %{_bindir} (bnc#863645) mv %{buildroot}%{_libdir}/scdaemon %{buildroot}%{_bindir} mv %{buildroot}%{_libdir}/dirmngr_ldap %{buildroot}%{_bindir} @@ -149,10 +148,8 @@ %install_info_delete --info-dir=%{_infodir} %{_infodir}/gnupg.info.gz %files lang -f gnupg2.lang -%defattr(-,root,root) %files -%defattr(-,root,root) %{_infodir}/gnupg* %{_mandir}/*/*%{ext_man} %doc %{_docdir}/%{name} ++ gnupg-2.0.18-files-are-digests.patch ++ --- /var/tmp/diff_new_pack.7rOJWi/_old 2017-08-04 11:56:56.644257518 +0200 +++ /var/tmp/diff_new_pack.7rOJWi/_new 2017-08-04 11:56:56.648256953 +0200 @@ -4,11 +4,11 @@ g10/sign.c| 68 -- 3 files changed, 67 insertions(+), 6 deletions(-) -Index: gnupg-2.1.21/g10/gpg.c +Index: gnupg-2.1.22/g10/gpg.c === gnupg-2.1.21.orig/g10/gpg.c2017-04-03 17:13:56.0 +0200 -+++ gnupg-2.1.21/g10/gpg.c 2017-04-04 15:59:20.823799866 +0200 -@@ -374,6 +374,7 @@ enum cmd_and_opt_values +--- gnupg-2.1.22.orig/g10/gpg.c gnupg-2.1.22/g10/gpg.c +@@ -379,6 +379,7 @@ enum cmd_and_opt_values oTTYtype, oLCctype, oLCmessages, @@ -16,7 +16,7 @@ oXauthority, oGroup, oUnGroup, -@@
commit gpg2 for openSUSE:Factory
Hello community, here is the log from the commit of package gpg2 for openSUSE:Factory checked in at 2017-06-01 16:28:24 Comparing /work/SRC/openSUSE:Factory/gpg2 (Old) and /work/SRC/openSUSE:Factory/.gpg2.new (New) Package is "gpg2" Thu Jun 1 16:28:24 2017 rev:117 rq:497286 version:2.1.21 Changes: --- /work/SRC/openSUSE:Factory/gpg2/gpg2.changes2017-05-20 14:29:31.494874378 +0200 +++ /work/SRC/openSUSE:Factory/.gpg2.new/gpg2.changes 2017-06-01 16:28:27.187344568 +0200 @@ -1,0 +2,7 @@ +Fri May 19 11:59:24 UTC 2017 - marco.str...@suse.com + +- GnuPG 2.1.21: + * modified gnupg-2.0.18-files-are-digests.patch to work with +obs-sign again bsc#1039899 + +--- Other differences: -- ++ gnupg-2.0.18-files-are-digests.patch ++ --- /var/tmp/diff_new_pack.7m638q/_old 2017-06-01 16:28:27.995230654 +0200 +++ /var/tmp/diff_new_pack.7m638q/_new 2017-06-01 16:28:27.995230654 +0200 @@ -4,10 +4,10 @@ g10/sign.c| 68 -- 3 files changed, 67 insertions(+), 6 deletions(-) -Index: gnupg-2.1.20/g10/gpg.c +Index: gnupg-2.1.21/g10/gpg.c === gnupg-2.1.20.orig/g10/gpg.c2017-04-03 17:13:56.0 +0200 -+++ gnupg-2.1.20/g10/gpg.c 2017-04-04 15:59:20.823799866 +0200 +--- gnupg-2.1.21.orig/g10/gpg.c2017-04-03 17:13:56.0 +0200 gnupg-2.1.21/g10/gpg.c 2017-04-04 15:59:20.823799866 +0200 @@ -374,6 +374,7 @@ enum cmd_and_opt_values oTTYtype, oLCctype, @@ -40,10 +40,10 @@ case oForceMDC: opt.force_mdc = 1; break; case oNoForceMDC: opt.force_mdc = 0; break; -Index: gnupg-2.1.20/g10/options.h +Index: gnupg-2.1.21/g10/options.h === gnupg-2.1.20.orig/g10/options.h2017-04-03 17:13:56.0 +0200 -+++ gnupg-2.1.20/g10/options.h 2017-04-04 15:59:20.827799905 +0200 +--- gnupg-2.1.21.orig/g10/options.h2017-04-03 17:13:56.0 +0200 gnupg-2.1.21/g10/options.h 2017-04-04 15:59:20.827799905 +0200 @@ -214,6 +214,7 @@ struct int no_auto_check_trustdb; int preserve_permissions; @@ -52,10 +52,10 @@ struct groupitem *grouplist; int mangle_dos_filenames; int enable_progress_filter; -Index: gnupg-2.1.20/g10/sign.c +Index: gnupg-2.1.21/g10/sign.c === gnupg-2.1.20.orig/g10/sign.c 2017-04-03 17:13:56.0 +0200 -+++ gnupg-2.1.20/g10/sign.c2017-04-04 15:59:27.515864763 +0200 +--- gnupg-2.1.21.orig/g10/sign.c 2017-04-03 17:13:56.0 +0200 gnupg-2.1.21/g10/sign.c2017-04-04 15:59:27.515864763 +0200 @@ -42,6 +42,8 @@ #include "call-agent.h" #include "../common/mbox-util.h" @@ -65,6 +65,15 @@ #ifdef HAVE_DOSISH_SYSTEM #define LF "\r\n" #else +@@ -695,6 +697,8 @@ write_signature_packets(ctrl_t ctrl, + if (duration || opt.sig_policy_url + || opt.sig_notations || opt.sig_keyserver_url) + sig->version = 4; ++ else if (opt.files_are_digests) ++sig->version = 3; + else + sig->version = pk->version; + @@ -718,8 +720,12 @@ write_signature_packets (ctrl_t ctrl, mk_notation_policy_etc (sig, NULL, pk); }
commit gpg2 for openSUSE:Factory
Hello community, here is the log from the commit of package gpg2 for openSUSE:Factory checked in at 2017-05-20 14:29:25 Comparing /work/SRC/openSUSE:Factory/gpg2 (Old) and /work/SRC/openSUSE:Factory/.gpg2.new (New) Package is "gpg2" Sat May 20 14:29:25 2017 rev:116 rq:495114 version:2.1.21 Changes: --- /work/SRC/openSUSE:Factory/gpg2/gpg2.changes2017-04-11 09:29:51.134848533 +0200 +++ /work/SRC/openSUSE:Factory/.gpg2.new/gpg2.changes 2017-05-20 14:29:31.494874378 +0200 @@ -1,0 +2,16 @@ +Mon May 15 20:49:25 UTC 2017 - astie...@suse.com + +- GnuPG 2.1.21: + * gpg,gpgsm: Fix corruption of old style keyring.gpg files, +regression in 2.1.20 + * gpg,dirmngr: Removed the skeleton config file support +New installations no longer generate a configuration file. +In the absence of a file, SHA-2 family hashes are used. +Existing configurations are not touched. +drop gnupg-2.1.19-stronger-defaults.patch FATE#323084 + * gpg: Fixed import filter property match bug. + * scd: Removed Linux support for Cardman 4040 PCMCIA reader. + * scd: Fixed some corner case bugs in resume/suspend handling. + * Many minor bug fixes and code cleanup. + +--- Old: gnupg-2.1.19-stronger-defaults.patch gnupg-2.1.20.tar.bz2 gnupg-2.1.20.tar.bz2.sig New: gnupg-2.1.21.tar.bz2 gnupg-2.1.21.tar.bz2.sig Other differences: -- ++ gpg2.spec ++ --- /var/tmp/diff_new_pack.llziwR/_old 2017-05-20 14:29:32.698704057 +0200 +++ /var/tmp/diff_new_pack.llziwR/_new 2017-05-20 14:29:32.702703491 +0200 @@ -17,7 +17,7 @@ Name: gpg2 -Version:2.1.20 +Version:2.1.21 Release:0 Summary:File encryption, decryption, signature creation and verification utility License:GPL-3.0+ @@ -34,7 +34,6 @@ Patch8: gnupg-set_umask_before_open_outfile.patch Patch9: gnupg-detect_FIPS_mode.patch Patch11:gnupg-add_legacy_FIPS_mode_option.patch -Patch12:gnupg-2.1.19-stronger-defaults.patch BuildRequires: expect BuildRequires: fdupes BuildRequires: libassuan-devel >= 2.4.3 @@ -87,7 +86,6 @@ %patch8 -p1 %patch9 -p1 %patch11 -p1 -%patch12 -p1 %build date=$(date -u +%%Y-%%m-%%dT%%H:%%M+ -r %{SOURCE99}) ++ gnupg-2.1.20.tar.bz2 -> gnupg-2.1.21.tar.bz2 ++ /work/SRC/openSUSE:Factory/gpg2/gnupg-2.1.20.tar.bz2 /work/SRC/openSUSE:Factory/.gpg2.new/gnupg-2.1.21.tar.bz2 differ: char 11, line 1
commit gpg2 for openSUSE:Factory
Hello community, here is the log from the commit of package gpg2 for openSUSE:Factory checked in at 2017-04-11 09:29:46 Comparing /work/SRC/openSUSE:Factory/gpg2 (Old) and /work/SRC/openSUSE:Factory/.gpg2.new (New) Package is "gpg2" Tue Apr 11 09:29:46 2017 rev:115 rq:485787 version:2.1.20 Changes: --- /work/SRC/openSUSE:Factory/gpg2/gpg2.changes2017-03-18 20:48:59.675104158 +0100 +++ /work/SRC/openSUSE:Factory/.gpg2.new/gpg2.changes 2017-04-11 09:29:51.134848533 +0200 @@ -1,0 +2,30 @@ +Tue Apr 4 14:00:36 UTC 2017 - astie...@suse.com + +- GnuPG 2.1.20: + * gpg: New properties 'expired', 'revoked', and 'disabled' for the +import and export filters. + * gpg: New command --quick-set-primary-uid. + * gpg: New compliance field for the --with-colon key listing. + * gpg: Changed the key parser to generalize the processing of local +meta data packets. + * gpg: Fixed assertion failure in the TOFU trust model. + * gpg: Fixed exporting of zero length user ID packets. + * scd: Improved support for multiple readers. + * scd: Fixed timeout handling for key generation. + * agent: New option --enable-extended-key-format. + * dirmngr: Do not add a keyserver to a new dirmngr.conf. Dirmngr +uses a default keyserver. + * dimngr: Do not treat TLS warning alerts as severe error when +building with GNUTLS. + * dirmngr: Actually take /etc/hosts in account. + * wks: Fixed client problems on Windows. Published keys are now set +to world-readable. + * tests: Fixed creation of temporary directories. + * A socket directory for a non standard GNUGHOME is now created on +the fly under /run/user. Thus "gpgconf --create-socketdir" is now +optional. The use of "gpgconf --remove-socketdir" to clean up +obsolete socket directories is however recommended to avoid +cluttering /run/user with useless directories. + * Fixed build problems on some platforms. + +--- Old: gnupg-2.1.19.tar.bz2 gnupg-2.1.19.tar.bz2.sig New: gnupg-2.1.20.tar.bz2 gnupg-2.1.20.tar.bz2.sig Other differences: -- ++ gpg2.spec ++ --- /var/tmp/diff_new_pack.C59Dr9/_old 2017-04-11 09:29:52.270688118 +0200 +++ /var/tmp/diff_new_pack.C59Dr9/_new 2017-04-11 09:29:52.270688118 +0200 @@ -17,7 +17,7 @@ Name: gpg2 -Version:2.1.19 +Version:2.1.20 Release:0 Summary:File encryption, decryption, signature creation and verification utility License:GPL-3.0+ ++ gnupg-2.0.18-files-are-digests.patch ++ --- /var/tmp/diff_new_pack.C59Dr9/_old 2017-04-11 09:29:52.286685859 +0200 +++ /var/tmp/diff_new_pack.C59Dr9/_new 2017-04-11 09:29:52.286685859 +0200 @@ -4,11 +4,11 @@ g10/sign.c| 68 -- 3 files changed, 67 insertions(+), 6 deletions(-) -Index: gnupg-2.1.15/g10/gpg.c +Index: gnupg-2.1.20/g10/gpg.c === gnupg-2.1.15.orig/g10/gpg.c -+++ gnupg-2.1.15/g10/gpg.c -@@ -368,6 +368,7 @@ enum cmd_and_opt_values +--- gnupg-2.1.20.orig/g10/gpg.c2017-04-03 17:13:56.0 +0200 gnupg-2.1.20/g10/gpg.c 2017-04-04 15:59:20.823799866 +0200 +@@ -374,6 +374,7 @@ enum cmd_and_opt_values oTTYtype, oLCctype, oLCmessages, @@ -16,7 +16,7 @@ oXauthority, oGroup, oUnGroup, -@@ -791,6 +792,7 @@ static ARGPARSE_OPTS opts[] = { +@@ -820,6 +821,7 @@ static ARGPARSE_OPTS opts[] = { ARGPARSE_s_s (oWeakDigest, "weak-digest","@"), ARGPARSE_s_n (oUnwrap, "unwrap", "@"), ARGPARSE_s_n (oOnlySignTextIDs, "only-sign-text-ids", "@"), @@ -24,7 +24,7 @@ /* Aliases. I constantly mistype these, and assume other people do as well. */ -@@ -2239,6 +2241,7 @@ main (int argc, char **argv) +@@ -2393,6 +2395,7 @@ main (int argc, char **argv) opt.def_cert_expire = "0"; gnupg_set_homedir (NULL); opt.passphrase_repeat = 1; @@ -32,7 +32,7 @@ opt.emit_version = 0; opt.weak_digests = NULL; additional_weak_digest("MD5"); -@@ -2807,6 +2810,7 @@ main (int argc, char **argv) +@@ -2942,6 +2945,7 @@ main (int argc, char **argv) opt.verify_options&=~VERIFY_SHOW_PHOTOS; break; case oPhotoViewer: opt.photo_viewer = pargs.r.ret_str; break; @@ -40,11 +40,11 @@ case oForceMDC: opt.force_mdc = 1; break; case oNoForceMDC: opt.force_mdc = 0; break; -Index: gnupg-2.1.15/g10/options.h +Index: gnupg-2.1.20/g10/options.h === gnupg-2.1.15.orig/g10/options.h -+++ gnupg-2.1.15/g10/options.h -@@ -212,6 +212,7 @@
commit gpg2 for openSUSE:Factory
Hello community, here is the log from the commit of package gpg2 for openSUSE:Factory checked in at 2017-03-18 20:48:59 Comparing /work/SRC/openSUSE:Factory/gpg2 (Old) and /work/SRC/openSUSE:Factory/.gpg2.new (New) Package is "gpg2" Sat Mar 18 20:48:59 2017 rev:114 rq:479947 version:2.1.19 Changes: --- /work/SRC/openSUSE:Factory/gpg2/gpg2.changes2017-03-11 15:18:44.791114549 +0100 +++ /work/SRC/openSUSE:Factory/.gpg2.new/gpg2.changes 2017-03-18 20:48:59.675104158 +0100 @@ -1,0 +2,7 @@ +Tue Mar 14 20:41:55 UTC 2017 - astie...@suse.com + +- Use stronger defaults for new users, using SHA-2 digest family + for certificates and message signatures - FATE#323084 + adding gnupg-2.1.19-stronger-defaults.patch + +--- New: gnupg-2.1.19-stronger-defaults.patch Other differences: -- ++ gpg2.spec ++ --- /var/tmp/diff_new_pack.P6lO6l/_old 2017-03-18 20:49:00.490988574 +0100 +++ /var/tmp/diff_new_pack.P6lO6l/_new 2017-03-18 20:49:00.494988007 +0100 @@ -34,6 +34,7 @@ Patch8: gnupg-set_umask_before_open_outfile.patch Patch9: gnupg-detect_FIPS_mode.patch Patch11:gnupg-add_legacy_FIPS_mode_option.patch +Patch12:gnupg-2.1.19-stronger-defaults.patch BuildRequires: expect BuildRequires: fdupes BuildRequires: libassuan-devel >= 2.4.3 @@ -86,6 +87,7 @@ %patch8 -p1 %patch9 -p1 %patch11 -p1 +%patch12 -p1 %build date=$(date -u +%%Y-%%m-%%dT%%H:%%M+ -r %{SOURCE99}) ++ gnupg-2.1.19-stronger-defaults.patch ++ From: Andreas StiegerDate: Tue, 14 Mar 2017 20:43:20 + Subject; FATE#323084: Stronger GnuPG defaults References: FATE#323084 Upstream: no Index: gnupg-2.1.19/g10/options.skel === --- gnupg-2.1.19.orig/g10/options.skel +++ gnupg-2.1.19/g10/options.skel @@ -137,3 +137,15 @@ # Uncomment the following option to get rid of the copyright notice #no-greeting + +# SUSE recommended output options +with-fingerprint +keyid-format 0xlong +no-emit-version + +# SUSE recommends SHA-2 family of hashes for all +personal-digest-preferences SHA512 SHA384 SHA256 SHA224 +default-preference-list SHA512 SHA384 SHA256 AES256 AES192 AES CAST5 BZIP2 ZLIB ZIP Uncompressed +cert-digest-algo SHA512 +digest-algo SHA512 +
commit gpg2 for openSUSE:Factory
Hello community, here is the log from the commit of package gpg2 for openSUSE:Factory checked in at 2017-03-11 15:18:43 Comparing /work/SRC/openSUSE:Factory/gpg2 (Old) and /work/SRC/openSUSE:Factory/.gpg2.new (New) Package is "gpg2" Sat Mar 11 15:18:43 2017 rev:113 rq:477543 version:2.1.19 Changes: --- /work/SRC/openSUSE:Factory/gpg2/gpg2.changes2017-02-03 17:41:27.800750755 +0100 +++ /work/SRC/openSUSE:Factory/.gpg2.new/gpg2.changes 2017-03-11 15:18:44.791114549 +0100 @@ -1,0 +2,38 @@ +Tue Mar 7 12:55:14 UTC 2017 - astie...@suse.com + +- GnuPG 2.1.19: + * gpg: Print a warning if Tor mode is requested but the Tor +daemon is not running. + * gpg: New status code DECRYPTION_KEY to print the actual private +key used for decryption. + * gpgv: New options --log-file and --debug. + * gpg-agent: Revamp the prompts to ask for card PINs. + * scd: Support for multiple card readers. + * scd: Removed option --debug-disable-ticker. Ticker is used +only when it is required to watch removal of device/card. + * scd: Improved detection of card inserting and removal. + * dirmngr: New option --disable-ipv4. + * dirmngr: New option --no-use-tor to explicitly disable the use +of Tor. + * dirmngr: The option --allow-version-check is now required even +if the option --use-tor is also used. + * dirmngr: Handle a missing nsswitch.conf gracefully. + * dirmngr: Avoid PTR lookups for keyserver pools. The are only +done for the debug command "keyserver --hosttable". + * dirmngr: Rework the internal certificate cache to support +classes of certificates. Load system provided certificates on +startup. + * Add options --tls, --no-crl, and --systrust to the "VALIDATE" +command. + * dirmngr: Add support for the ntbtls library. + * wks: Create mails with a "WKS-Phase" header. Fix detection of +Draft-2 mode. + * Many other bug fixes and new regression tests. +- dirmngr: use system certificate store + +--- +Thu Mar 2 10:12:09 UTC 2017 - jeng...@inai.de + +- Rewrite descriptions + +--- Old: gnupg-2.1.18.tar.bz2 gnupg-2.1.18.tar.bz2.sig New: gnupg-2.1.19.tar.bz2 gnupg-2.1.19.tar.bz2.sig Other differences: -- ++ gpg2.spec ++ --- /var/tmp/diff_new_pack.NXhMvU/_old 2017-03-11 15:18:46.158920988 +0100 +++ /var/tmp/diff_new_pack.NXhMvU/_new 2017-03-11 15:18:46.162920422 +0100 @@ -17,9 +17,9 @@ Name: gpg2 -Version:2.1.18 +Version:2.1.19 Release:0 -Summary:GnuPG 2 +Summary:File encryption, decryption, signature creation and verification utility License:GPL-3.0+ Group: Productivity/Networking/Security Url:http://www.gnupg.org/aegypten2/ @@ -70,8 +70,11 @@ BuildRoot: %{_tmppath}/%{name}-%{version}-build %description -GnuPG 2 is the successor of "GnuPG" or GPG. It provides: GPGSM, -gpg-agent, and a keybox library. +GnuPG is a hybrid-encryption software program; it uses a combination +of symmetric-key and public-key cryptography to encrypt/decrypt +messages and/or to sign and verify them. + +gpg2 provides GPGSM, gpg-agent, and a keybox library. %lang_package @@ -101,7 +104,8 @@ --enable-large-secmem \ --enable-wks-tools \ --with-gnu-ld \ ---enable-build-timestamp=$date +--with-default-trust-store=/etc/ssl/ca-bundle.pem \ +--enable-build-timestamp=$date \ make %{?_smp_mflags} ++ gnupg-2.1.18.tar.bz2 -> gnupg-2.1.19.tar.bz2 ++ /work/SRC/openSUSE:Factory/gpg2/gnupg-2.1.18.tar.bz2 /work/SRC/openSUSE:Factory/.gpg2.new/gnupg-2.1.19.tar.bz2 differ: char 11, line 1
commit gpg2 for openSUSE:Factory
Hello community, here is the log from the commit of package gpg2 for openSUSE:Factory checked in at 2017-02-01 09:48:26 Comparing /work/SRC/openSUSE:Factory/gpg2 (Old) and /work/SRC/openSUSE:Factory/.gpg2.new (New) Package is "gpg2" Changes: --- /work/SRC/openSUSE:Factory/gpg2/gpg2.changes2017-01-10 10:36:58.378402345 +0100 +++ /work/SRC/openSUSE:Factory/.gpg2.new/gpg2.changes 2017-02-03 17:41:27.800750755 +0100 @@ -1,0 +2,42 @@ +Tue Jan 24 16:32:04 UTC 2017 - astie...@suse.com + +- GnuPG 2.1.18: + * gpg: Remove bogus subkey signature while cleaning a key (with +export-clean, import-clean, or --edit-key's sub-command clean) + * gpg: Allow freezing the clock with --faked-system-time. + * gpg: New --export-option flag "backup", new --import-option flag +"restore". + * gpg-agent: Fixed long delay due to a regression in the progress +callback code. + * scd: Lots of code cleanup and internal changes. + * scd: Improved the internal CCID driver. + * dirmngr: Fixed problem with the DNS glue code (removal of the +trailing dot in domain names). + * dirmngr: Make sure that Tor is actually enabled after changing the +conf file and sending SIGHUP or "gpgconf --reload dirmngr". + * dirmngr: Fixed Tor access to IPv6 addresses. Note that current +versions of Tor may require that the flag "IPv6Traffic" is used +with the option "SocksPort" in torrc to actually allow IPv6 +traffic. + * dirmngr: Fixed HKP for literally given IPv6 addresses. + * dirmngr: Enabled reverse DNS lookups via Tor. + * dirmngr: Added experimental SRV record lookup for WKD. +See commit 88dc3af3d4ae1afe1d5e136bc4c38bc4e7d4cd10 for details. + * dirmngr: For HKP use "pgpkey-hkps" and "pgpkey-hkp" in SRV record +lookups. Avoid SRV record lookup when a port is explicitly +specified. This fixes a regression from the 1.4 and 2.0 behavior. + * dirmngr: Gracefully handle a missing /etc/nsswitch.conf. Ignore +negation terms (e.g. "[!UNAVAIL=return]" instead of bailing out. + * dirmngr: Better debug output for flags "dns" and "network". + * dirmngr: On reload mark all known HKP servers alive. + * gpgconf: Allow keyword "all" for --launch, --kill, and --reload. + * tools: gpg-wks-client now ignores a missing policy file on the +server. + * Avoid unnecessary ambiguity error message in the option parsing. + * Further improvements of the regression test suite. + * Fixed building with --disable-libdns configure option. + * Fixed a crash running the tests on 32 bit architectures. + * Fixed spurious failures on BSD system in the spawn functions. +This affected for example gpg-wks-client and gpgconf. + +--- Old: gnupg-2.1.17.tar.bz2 gnupg-2.1.17.tar.bz2.sig New: gnupg-2.1.18.tar.bz2 gnupg-2.1.18.tar.bz2.sig Other differences: -- ++ gpg2.spec ++ --- /var/tmp/diff_new_pack.Vnmgqe/_old 2017-02-03 17:41:28.628633576 +0100 +++ /var/tmp/diff_new_pack.Vnmgqe/_new 2017-02-03 17:41:28.632633010 +0100 @@ -17,7 +17,7 @@ Name: gpg2 -Version:2.1.17 +Version:2.1.18 Release:0 Summary:GnuPG 2 License:GPL-3.0+ ++ gnupg-2.1.17.tar.bz2 -> gnupg-2.1.18.tar.bz2 ++ /work/SRC/openSUSE:Factory/gpg2/gnupg-2.1.17.tar.bz2 /work/SRC/openSUSE:Factory/.gpg2.new/gnupg-2.1.18.tar.bz2 differ: char 11, line 1
commit gpg2 for openSUSE:Factory
Hello community, here is the log from the commit of package gpg2 for openSUSE:Factory checked in at 2016-11-22 18:57:36 Comparing /work/SRC/openSUSE:Factory/gpg2 (Old) and /work/SRC/openSUSE:Factory/.gpg2.new (New) Package is "gpg2" Changes: --- /work/SRC/openSUSE:Factory/gpg2/gpg2.changes2016-09-17 14:32:23.0 +0200 +++ /work/SRC/openSUSE:Factory/.gpg2.new/gpg2.changes 2016-11-22 18:57:37.0 +0100 @@ -1,0 +2,47 @@ +Sat Nov 19 22:07:13 UTC 2016 - astie...@suse.com + +- GnuPG 2.1.16: + * gpg: New algorithm for selecting the best ranked public key when + using a mail address with -r, -R, or --locate-key. + * gpg: New option --with-tofu-info to print a new "tfs" record in + colon formatted key listings. + * gpg: New option --compliance as an alternative way to specify + options like --rfc2440, --rfc4880, et al. + * gpg: Many changes to the TOFU implementation. + * gpg: Improve usability of --quick-gen-key. + * gpg: In --verbose mode print a diagnostic when a pinentry is + launched. + * gpg: Remove code which warns for old versions of gnome-keyring. + * gpg: New option --override-session-key-fd. + * gpg: Option --output does now work with --verify. + * gpgv: New option --output to allow saving the verified data. + * gpgv: New option --enable-special-filenames. + * agent, dirmngr: New --supervised mode for use by systemd and alike. + * agent: By default listen on all available sockets using standard + names. + * agent: Invoke scdaemon with --homedir. + * dirmngr: On Linux now detects the removal of its own socket and + terminates. + * scd: Support ECC key generation. + * scd: Support more card readers. + * dirmngr: New option --allow-version-check to download a software + version database in the background. + * dirmngr: Use system provided CAs if no --hkp-cacert is given. + * dirmngr: Use a default keyserver if none is explicitly set + * gpgconf: New command --query-swdb to check software versions + against an copy of an online database. + * gpgconf: Print the socket directory with --list-dirs. + * tools: The WKS tools now support draft version -02. + * tools: Always build gpg-wks-client and install under libexec. + * tools: New option --supported for gpg-wks-client. + * The log-file option now accepts a value "socket://" to log to the + socket named "S.log" in the standard socket directory. + * Provide fake pinentries for use by tests cases of downstream + developers. + * Fixed many bugs and regressions. + * Many changes and improvements for the test suite. +- drop upstreamed patches: + * 0001-common-Follow-up-to-14479e2-fix-void-return-in-non-v.patch + * gnupg-2.1.15-bsc993324-status-output.patch + +--- Old: 0001-common-Follow-up-to-14479e2-fix-void-return-in-non-v.patch gnupg-2.1.15-bsc993324-status-output.patch gnupg-2.1.15.tar.bz2 gnupg-2.1.15.tar.bz2.sig New: gnupg-2.1.16.tar.bz2 gnupg-2.1.16.tar.bz2.sig Other differences: -- ++ gpg2.spec ++ --- /var/tmp/diff_new_pack.bDpN3M/_old 2016-11-22 18:57:38.0 +0100 +++ /var/tmp/diff_new_pack.bDpN3M/_new 2016-11-22 18:57:38.0 +0100 @@ -17,7 +17,7 @@ Name: gpg2 -Version:2.1.15 +Version:2.1.16 Release:0 Summary:GnuPG 2 License:GPL-3.0+ @@ -34,8 +34,6 @@ Patch8: gnupg-set_umask_before_open_outfile.patch Patch9: gnupg-detect_FIPS_mode.patch Patch11:gnupg-add_legacy_FIPS_mode_option.patch -Patch12:0001-common-Follow-up-to-14479e2-fix-void-return-in-non-v.patch -Patch13:gnupg-2.1.15-bsc993324-status-output.patch BuildRequires: expect BuildRequires: fdupes BuildRequires: libadns-devel @@ -86,8 +84,6 @@ %patch8 -p1 %patch9 -p1 %patch11 -p1 -%patch12 -p1 -%patch13 -p1 %build date=$(date -u +%%Y-%%m-%%dT%%H:%%M+ -r %{SOURCE99}) ++ gnupg-2.1.15.tar.bz2 -> gnupg-2.1.16.tar.bz2 ++ 336691 lines of diff (skipped)
commit gpg2 for openSUSE:Factory
Hello community, here is the log from the commit of package gpg2 for openSUSE:Factory checked in at 2016-09-17 14:32:21 Comparing /work/SRC/openSUSE:Factory/gpg2 (Old) and /work/SRC/openSUSE:Factory/.gpg2.new (New) Package is "gpg2" Changes: --- /work/SRC/openSUSE:Factory/gpg2/gpg2.changes2016-08-31 00:00:38.0 +0200 +++ /work/SRC/openSUSE:Factory/.gpg2.new/gpg2.changes 2016-09-17 14:32:23.0 +0200 @@ -1,0 +2,17 @@ +Tue Sep 13 13:50:52 UTC 2016 - astie...@suse.com + +- avoid mixing up status and colon line output - bsc#993324 + add gnupg-2.1.15-bsc993324-status-output.patch + +--- +Thu Sep 1 08:23:28 UTC 2016 - astie...@suse.com + +- enable web key discovery tools + +--- +Wed Aug 31 13:06:28 UTC 2016 - astie...@suse.com + +- Add an explicit runtime dependency on libgcrypt >= 1.7.0 to + match runtime version check + +--- New: gnupg-2.1.15-bsc993324-status-output.patch Other differences: -- ++ gpg2.spec ++ --- /var/tmp/diff_new_pack.OKCpLo/_old 2016-09-17 14:32:24.0 +0200 +++ /var/tmp/diff_new_pack.OKCpLo/_new 2016-09-17 14:32:24.0 +0200 @@ -35,12 +35,11 @@ Patch9: gnupg-detect_FIPS_mode.patch Patch11:gnupg-add_legacy_FIPS_mode_option.patch Patch12:0001-common-Follow-up-to-14479e2-fix-void-return-in-non-v.patch +Patch13:gnupg-2.1.15-bsc993324-status-output.patch BuildRequires: expect BuildRequires: fdupes BuildRequires: libadns-devel BuildRequires: libassuan-devel >= 2.4.3 -# patch11 (gnupg-add_legacy_FIPS_mode_option.patch) mentions GCRYCTL_INACTIVATE_FIPS_FLAG -# raising gcrypt requirement from 1.4.0 BuildRequires: libgcrypt-devel >= 1.7.0 BuildRequires: libgpg-error-devel >= 1.24 BuildRequires: libksba-devel >= 1.3.4 @@ -56,7 +55,9 @@ BuildRequires: pkgconfig(sqlite3) >= 3.7 BuildRequires: pkgconfig(zlib) # Add an explicit runtime dependency to match boo#955982 -Requires: libassuan0 >= 2.4.1 +Requires: libassuan0 >= 2.4.3 +# Explicit runtime depencency - runtime version check +Requires: libgcrypt20 >= 1.7.0 Requires: pinentry # FIXME: use proper Requires(pre/post/preun/...) PreReq: %{install_info_prereq} @@ -86,6 +87,7 @@ %patch9 -p1 %patch11 -p1 %patch12 -p1 +%patch13 -p1 %build date=$(date -u +%%Y-%%m-%%dT%%H:%%M+ -r %{SOURCE99}) @@ -102,6 +104,7 @@ --enable-gpgtar \ --enable-g13 \ --enable-large-secmem \ +--enable-wks-tools \ --with-gnu-ld \ --enable-build-timestamp=$date ++ gnupg-2.1.15-bsc993324-status-output.patch ++ >From 31fc420727f45dd081f8ad5d056da6675dad29f2 Mon Sep 17 00:00:00 2001 From: Werner KochDate: Mon, 12 Sep 2016 17:42:50 +0200 Subject: [PATCH] gpg: Avoid mixing up status and colon line output. * g10/keylist.c (list_keyblock_colon): Avoid calling functions which trigger a status line output before having printed a LF. -- Status lines like KEY_CONSIDERED and KEYEPXIRED were messing up the colons output, like here: pub:[GNUPG:] KEY_CONSIDERED 94A5C9A03C2FE5CA3B095D8E1FDF723CF46[...] Reported-by: Andreas Stieger Signed-off-by: Werner Koch --- This version of the patch backported onto the 2.1.15 tag -- astie...@suse.com --- g10/keylist.c | 83 +-- 1 file changed, 47 insertions(+), 36 deletions(-) Index: gnupg-2.1.15/g10/keylist.c === --- gnupg-2.1.15.orig/g10/keylist.c 2016-09-13 15:40:30.178482877 +0200 +++ gnupg-2.1.15/g10/keylist.c 2016-09-13 15:45:53.605670795 +0200 @@ -1183,9 +1183,10 @@ list_keyblock_colon (ctrl_t ctrl, kbnode PKT_public_key *pk; u32 keyid[2]; int trustletter = 0; + int trustletter_print; + int ownertrust_print; int ulti_hack = 0; int i; - char *p; char *hexgrip_buffer = NULL; const char *hexgrip = NULL; char *serialno = NULL; @@ -1217,31 +1218,38 @@ list_keyblock_colon (ctrl_t ctrl, kbnode stubkey = 1; /* Key not found. */ keyid_from_pk (pk, keyid); - es_fputs (secret? "sec:":"pub:", es_stdout); if (!pk->flags.valid) -es_putc ('i', es_stdout); +trustletter_print = 'i'; else if (pk->flags.revoked) -es_putc ('r', es_stdout); +trustletter_print = 'r'; else if (pk->has_expired) -es_putc ('e', es_stdout); +trustletter_print = 'e'; else if (opt.fast_list_mode || opt.no_expensive_trust_checks) -; +trustletter_print = 0; else { trustletter =
commit gpg2 for openSUSE:Factory
Hello community, here is the log from the commit of package gpg2 for openSUSE:Factory checked in at 2016-08-31 00:00:37 Comparing /work/SRC/openSUSE:Factory/gpg2 (Old) and /work/SRC/openSUSE:Factory/.gpg2.new (New) Package is "gpg2" Changes: --- /work/SRC/openSUSE:Factory/gpg2/gpg2.changes2016-08-06 20:36:25.0 +0200 +++ /work/SRC/openSUSE:Factory/.gpg2.new/gpg2.changes 2016-08-31 00:00:38.0 +0200 @@ -1,0 +2,71 @@ +Fri Aug 19 21:22:22 UTC 2016 - astie...@suse.com + +- GnuPG 2.1.15: + * gpg: Remove the --tofu-db-format option and support for the + split TOFU database. + * gpg: Add option --sender to prepare for coming features. + * gpg: Add option --input-size-hint to help progress indicators. + * gpg: Extend the PROGRESS status line with the counted unit. + * gpg: Avoid publishing the GnuPG version by default with --armor. + * gpg: Properly ignore legacy keys in the keyring cache. + * gpg: Always print fingerprint records in --with-colons mode. + * gpg: Make sure that keygrips are printed for each subkey in + --with-colons mode. + * gpg: New import filter "drop-sig". + * gpgsm: Fix a bug in the machine-readable key listing. + * gpg,gpgsm: Block signals during keyring updates to limits the + effects of a Ctrl-C at the wrong time. + * g13: Add command --umount and other fixes for dm-crypt. + * agent: Fix regression in SIGTERM handling. + * agent: Cleanup of the ssh-agent code. + * agent: Allow import of overly long keys. + * scd: Fix problems with card removal. + * dirmngr: Remove all code for running as a system service. + * tools: Make gpg-wks-client conforming to the specs. + * tests: Improve the output of the new regression test tool. + * tests: Distribute the standalone test runner. + * tests: Run each test in a clean environment. + * Spelling and grammar fixes. +- fix build error, adding + 0001-common-Follow-up-to-14479e2-fix-void-return-in-non-v.patch + +--- +Sun Aug 14 14:12:40 UTC 2016 - astie...@suse.com + +- GnuPG 2.1.14: + * gpg: Removed options --print-dane-records and --print-pka-records. +The new export options "export-pka" and "export-dane" can instead +be used with the export command. + * gpg: New options --import-filter and --export-filter. + * gpg: New import options "import-show" and "import-export". + * gpg: New option --no-keyring. + * gpg: New command --quick-revuid. + * gpg: New options -f/--recipient-file and -F/--hidden-recipient-file +to directly specify encryption keys. + * gpg: New option --mimemode to indicate that the content is a MIME +part. Does only enable --textmode right now. + * gpg: New option --rfc4880bis to allow experiments with proposed +changes to the current OpenPGP specs. + * gpg: Fix regression in the "fetch" sub-command of --card-edit. + * gpg: Fix regression since 2.1 in option --try-all-secrets. + * gpgv: Change default options for extra security. + * gpgsm: No more root certificates are installed by default. + * agent: "updatestartuptty" does now affect more environment +variables. + * scd: The option --homedir does now work with scdaemon. + * scd: Support some more GEMPlus card readers. + * gpgtar: Fix handling of '-' as file name. + * gpgtar: New commands --create and --extract. + * gpgconf: Tweak for --list-dirs to better support shell scripts. + * tools: Add programs gpg-wks-client and gpg-wks-server to implement +a Web Key Service. The configure option --enable-wks-tools is +required to build them; they should be considered Beta software. + * tests: Complete rework of the openpgp part of the test suite. The +test scripts have been changed from Bourne shell scripts to Scheme +programs. A customized scheme interpreter (gpgscm) is included. +This change was triggered by the need to run the test suite on +non-Unix platforms. + * The rendering of the man pages has been improved. +- drop upstream gnupg-make_--try-all-secrets_work.patch + +--- Old: gnupg-2.1.13.tar.bz2 gnupg-2.1.13.tar.bz2.sig gnupg-make_--try-all-secrets_work.patch New: 0001-common-Follow-up-to-14479e2-fix-void-return-in-non-v.patch gnupg-2.1.15.tar.bz2 gnupg-2.1.15.tar.bz2.sig Other differences: -- ++ gpg2.spec ++ --- /var/tmp/diff_new_pack.MbMIeW/_old 2016-08-31 00:00:40.0 +0200 +++ /var/tmp/diff_new_pack.MbMIeW/_new 2016-08-31 00:00:40.0 +0200 @@ -17,7 +17,7 @@ Name: gpg2 -Version:2.1.13 +Version:2.1.15 Release:0 Summary:GnuPG 2 License:GPL-3.0+ @@ -34,18 +34,18 @@ Patch8:
commit gpg2 for openSUSE:Factory
Hello community, here is the log from the commit of package gpg2 for openSUSE:Factory checked in at 2016-08-06 20:36:23 Comparing /work/SRC/openSUSE:Factory/gpg2 (Old) and /work/SRC/openSUSE:Factory/.gpg2.new (New) Package is "gpg2" Changes: --- /work/SRC/openSUSE:Factory/gpg2/gpg2.changes2016-07-09 09:17:32.0 +0200 +++ /work/SRC/openSUSE:Factory/.gpg2.new/gpg2.changes 2016-08-06 20:36:25.0 +0200 @@ -1,0 +2,15 @@ +Thu Aug 4 12:17:14 UTC 2016 - tchva...@suse.com + +- Fix date call as the curlified parameter for sure are not parsed + correctly by escaping it with % + +--- +Wed Aug 3 11:56:58 UTC 2016 - astie...@suse.com + +- Fix upstream bug 1985: --try-all-secrets doesn't work when + decrypting messages encrypted with --hidden-recipient, fixes unit + tests of the duplicity package. + Adding gnupg-make_--try-all-secrets_work.patch +- record the fact that gpg-error 1.21 is required + +--- New: gnupg-make_--try-all-secrets_work.patch Other differences: -- ++ gpg2.spec ++ --- /var/tmp/diff_new_pack.jke44S/_old 2016-08-06 20:36:26.0 +0200 +++ /var/tmp/diff_new_pack.jke44S/_new 2016-08-06 20:36:26.0 +0200 @@ -34,6 +34,7 @@ Patch8: gnupg-set_umask_before_open_outfile.patch Patch9: gnupg-detect_FIPS_mode.patch Patch11:gnupg-add_legacy_FIPS_mode_option.patch +Patch12:gnupg-make_--try-all-secrets_work.patch BuildRequires: expect BuildRequires: fdupes BuildRequires: libadns-devel @@ -41,7 +42,7 @@ # patch11 (gnupg-add_legacy_FIPS_mode_option.patch) mentions GCRYCTL_INACTIVATE_FIPS_FLAG # raising gcrypt requirement from 1.4.0 BuildRequires: libgcrypt-devel >= 1.6.1 -BuildRequires: libgpg-error-devel >= 1.16 +BuildRequires: libgpg-error-devel >= 1.21 BuildRequires: libksba-devel >= 1.2.0 BuildRequires: makeinfo BuildRequires: npth-devel >= 0.91 @@ -84,9 +85,10 @@ %patch8 -p1 %patch9 -p1 %patch11 -p1 +%patch12 -p1 %build -date=$(date -u +%{Y}-%{m}-%{dT}%{H}:%{M}+ -r %{SOURCE99}) +date=$(date -u +%%Y-%%m-%%dT%%H:%%M+ -r %{SOURCE99}) %configure \ --libexecdir=%{_libdir} \ --docdir=%{_docdir}/%{name} \ ++ gnupg-make_--try-all-secrets_work.patch ++ >From 82b90eee100cf1c9680517059b2d35e295dd992a Mon Sep 17 00:00:00 2001 From: Daiki UenoDate: Tue, 18 Aug 2015 16:57:44 +0900 Subject: [PATCH] gpg: Make --try-all-secrets work for hidden recipients Upstream: committed * g10/getkey.c (enum_secret_keys): Really enumerate all secret keys if --try-all-secrets is specified. -- GnuPG-bug-id: 1985 Signed-off-by: Daiki Ueno - Add new arg CTRL to getkey_byname call. Signed-off-by: Werner Koch --- g10/getkey.c | 60 ++-- 1 file changed, 50 insertions(+), 10 deletions(-) On openSUSE, this fixes the unit tests of the duplicity package. diff --git a/g10/getkey.c b/g10/getkey.c index 90fd175..3fe8274 100644 --- a/g10/getkey.c +++ b/g10/getkey.c @@ -3555,6 +3555,7 @@ enum_secret_keys (ctrl_t ctrl, void **context, PKT_public_key *sk) { gpg_error_t err = 0; const char *name; + kbnode_t keyblock; struct { int eof; @@ -3562,6 +3563,7 @@ enum_secret_keys (ctrl_t ctrl, void **context, PKT_public_key *sk) strlist_t sl; kbnode_t keyblock; kbnode_t node; +getkey_ctx_t ctx; } *c = *context; if (!c) @@ -3577,6 +3579,7 @@ enum_secret_keys (ctrl_t ctrl, void **context, PKT_public_key *sk) { /* Free the context. */ release_kbnode (c->keyblock); + getkey_end (c->ctx); xfree (c); *context = NULL; return 0; @@ -3594,6 +3597,7 @@ enum_secret_keys (ctrl_t ctrl, void **context, PKT_public_key *sk) do { name = NULL; + keyblock = NULL; switch (c->state) { case 0: /* First try to use the --default-key. */ @@ -3616,24 +3620,60 @@ enum_secret_keys (ctrl_t ctrl, void **context, PKT_public_key *sk) c->state++; break; +case 3: /* Init search context to try all keys. */ + if (opt.try_all_secrets) +{ + err = getkey_bynames (>ctx, NULL, NULL, 1, ); + if (err) +{ + release_kbnode (keyblock); + keyblock = NULL; + getkey_end (c->ctx); + c->ctx = NULL; +} +
commit gpg2 for openSUSE:Factory
Hello community, here is the log from the commit of package gpg2 for openSUSE:Factory checked in at 2016-07-09 09:17:21 Comparing /work/SRC/openSUSE:Factory/gpg2 (Old) and /work/SRC/openSUSE:Factory/.gpg2.new (New) Package is "gpg2" Changes: --- /work/SRC/openSUSE:Factory/gpg2/gpg2.changes2016-06-07 23:43:38.0 +0200 +++ /work/SRC/openSUSE:Factory/.gpg2.new/gpg2.changes 2016-07-09 09:17:32.0 +0200 @@ -1,0 +2,31 @@ +Thu Jun 16 20:21:39 UTC 2016 - astie...@suse.com + +- GnuPG 2.1.13: + * gpg: New command --quick-addkey. Extend the --quick-gen-key + command. + * gpg: New --keyid-format "none" which is now also the default. + * gpg: New option --with-subkey-fingerprint. + * gpg: Include Signer's UID subpacket in signatures if the secret key + has been specified using a mail address and the new option + --disable-signer-uid is not used. + * gpg: Allow unattended deletion of a secret key. + * gpg: Allow export of non-passphrase protected secret keys. + * gpg: New status lines KEY_CONSIDERED and NOTATION_FLAGS. + * gpg: Change status line TOFU_STATS_LONG to use '~' as + a non-breaking-space character. + * gpg: Speedup key listings in Tofu mode. + * gpg: Make sure that the current and total values of a PROGRESS + status line are small enough. + * gpgsm: Allow the use of AES192 and SERPENT ciphers. + * dirmngr: Adjust WKD lookup to current specs. + * dirmngr: Fallback to LDAP v3 if v2 is is not supported. + * gpgconf: New commands --create-socketdir and --remove-socketdir, + new option --homedir. + * If a /run/user/$UID directory exists, that directory is now used + for IPC sockets instead of the GNUPGHOME directory. This fixes + problems with NFS and too long socket names and thus avoids the + need for redirection files. + * Speedup fd closing after a fork. +- drop upstreamed gnupg-fix-signature-checking.patch + +--- Old: gnupg-2.1.12.tar.bz2 gnupg-2.1.12.tar.bz2.sig gnupg-fix-signature-checking.patch New: gnupg-2.1.13.tar.bz2 gnupg-2.1.13.tar.bz2.sig Other differences: -- ++ gpg2.spec ++ --- /var/tmp/diff_new_pack.WxvJ77/_old 2016-07-09 09:17:35.0 +0200 +++ /var/tmp/diff_new_pack.WxvJ77/_new 2016-07-09 09:17:35.0 +0200 @@ -17,7 +17,7 @@ Name: gpg2 -Version:2.1.12 +Version:2.1.13 Release:0 Summary:GnuPG 2 License:GPL-3.0+ @@ -34,7 +34,6 @@ Patch8: gnupg-set_umask_before_open_outfile.patch Patch9: gnupg-detect_FIPS_mode.patch Patch11:gnupg-add_legacy_FIPS_mode_option.patch -Patch12:gnupg-fix-signature-checking.patch BuildRequires: expect BuildRequires: fdupes BuildRequires: libadns-devel @@ -85,7 +84,6 @@ %patch8 -p1 %patch9 -p1 %patch11 -p1 -%patch12 -p1 %build date=$(date -u +%{Y}-%{m}-%{dT}%{H}:%{M}+ -r %{SOURCE99}) ++ gnupg-2.0.18-files-are-digests.patch ++ --- /var/tmp/diff_new_pack.WxvJ77/_old 2016-07-09 09:17:35.0 +0200 +++ /var/tmp/diff_new_pack.WxvJ77/_new 2016-07-09 09:17:35.0 +0200 @@ -4,11 +4,11 @@ g10/sign.c| 68 -- 3 files changed, 67 insertions(+), 6 deletions(-) -Index: gnupg-2.1.10/g10/gpg.c +Index: gnupg-2.1.13/g10/gpg.c === gnupg-2.1.10.orig/g10/gpg.c2015-12-04 14:25:25.749577555 +0100 -+++ gnupg-2.1.10/g10/gpg.c 2015-12-04 14:26:04.777192262 +0100 -@@ -355,6 +355,7 @@ enum cmd_and_opt_values +--- gnupg-2.1.13.orig/g10/gpg.c gnupg-2.1.13/g10/gpg.c +@@ -358,6 +358,7 @@ enum cmd_and_opt_values oTTYtype, oLCctype, oLCmessages, @@ -16,7 +16,7 @@ oXauthority, oGroup, oUnGroup, -@@ -757,6 +758,7 @@ static ARGPARSE_OPTS opts[] = { +@@ -770,6 +771,7 @@ static ARGPARSE_OPTS opts[] = { ARGPARSE_s_s (oWeakDigest, "weak-digest","@"), ARGPARSE_s_n (oUnwrap, "unwrap", "@"), ARGPARSE_s_n (oOnlySignTextIDs, "only-sign-text-ids", "@"), @@ -24,15 +24,15 @@ /* Aliases. I constantly mistype these, and assume other people do as well. */ -@@ -2483,6 +2485,7 @@ main (int argc, char **argv) +@@ -2247,6 +2249,7 @@ main (int argc, char **argv) opt.def_cert_expire = "0"; - set_homedir (default_homedir ()); + gnupg_set_homedir (NULL); opt.passphrase_repeat = 1; +opt.files_are_digests=0; opt.emit_version = 1; /* Limit to the major number. */ opt.weak_digests = NULL; additional_weak_digest("MD5"); -@@ -3022,6 +3025,7 @@ main (int argc, char **argv) +@@ -2797,6 +2800,7 @@ main (int argc, char **argv)
commit gpg2 for openSUSE:Factory
Hello community, here is the log from the commit of package gpg2 for openSUSE:Factory checked in at 2016-06-07 23:43:36 Comparing /work/SRC/openSUSE:Factory/gpg2 (Old) and /work/SRC/openSUSE:Factory/.gpg2.new (New) Package is "gpg2" Changes: --- /work/SRC/openSUSE:Factory/gpg2/gpg2.changes2016-05-17 17:07:02.0 +0200 +++ /work/SRC/openSUSE:Factory/.gpg2.new/gpg2.changes 2016-06-07 23:43:38.0 +0200 @@ -1,0 +2,6 @@ +Thu Jun 2 16:01:40 UTC 2016 - pjano...@suse.de + +- add gnupg-fix-signature-checking.patch (bsc#981020) + https://bugs.gnupg.org/gnupg/issue2351 + +--- New: gnupg-fix-signature-checking.patch Other differences: -- ++ gpg2.spec ++ --- /var/tmp/diff_new_pack.O0ykhB/_old 2016-06-07 23:43:39.0 +0200 +++ /var/tmp/diff_new_pack.O0ykhB/_new 2016-06-07 23:43:39.0 +0200 @@ -34,6 +34,7 @@ Patch8: gnupg-set_umask_before_open_outfile.patch Patch9: gnupg-detect_FIPS_mode.patch Patch11:gnupg-add_legacy_FIPS_mode_option.patch +Patch12:gnupg-fix-signature-checking.patch BuildRequires: expect BuildRequires: fdupes BuildRequires: libadns-devel @@ -84,6 +85,7 @@ %patch8 -p1 %patch9 -p1 %patch11 -p1 +%patch12 -p1 %build date=$(date -u +%{Y}-%{m}-%{dT}%{H}:%{M}+ -r %{SOURCE99}) ++ gnupg-fix-signature-checking.patch ++ >From 83a90a916e8e2f8e44c3b11d11e1dd75f65a87fb Mon Sep 17 00:00:00 2001 From: NIIBE YutakaDate: Wed, 11 May 2016 19:27:03 +0900 Subject: [PATCH] g10: Fix signature checking. * g10/sig-check.c (check_signature_over_key_or_uid): Fix call to walk_kbnode. -- Thanks to Vincent Brillault (Feandil). GnuPG-bug-id: 2351 Signed-off-by: NIIBE Yutaka --- g10/sig-check.c | 13 + 1 file changed, 9 insertions(+), 4 deletions(-) diff --git a/g10/sig-check.c b/g10/sig-check.c index 290f19a..7000b48 100644 --- a/g10/sig-check.c +++ b/g10/sig-check.c @@ -797,15 +797,20 @@ check_signature_over_key_or_uid (PKT_public_key *signer, *is_selfsig = 1; } else -/* See if one of the subkeys was the signer (although this is - extremely unlikely). */ { kbnode_t ctx = NULL; kbnode_t n; - while ((n = walk_kbnode (kb, , PKT_PUBLIC_SUBKEY))) + /* See if one of the subkeys was the signer (although this + is extremely unlikely). */ + while ((n = walk_kbnode (kb, , 0))) { - PKT_public_key *subk = n->pkt->pkt.public_key; + PKT_public_key *subk; + + if (n->pkt->pkttype != PKT_PUBLIC_SUBKEY) +continue; + + subk = n->pkt->pkt.public_key; if (sig->keyid[0] == subk->keyid[0] && sig->keyid[1] == subk->keyid[1]) /* Issued by a subkey. */ -- 2.8.0.rc3
commit gpg2 for openSUSE:Factory
Hello community, here is the log from the commit of package gpg2 for openSUSE:Factory checked in at 2016-05-17 17:07:00 Comparing /work/SRC/openSUSE:Factory/gpg2 (Old) and /work/SRC/openSUSE:Factory/.gpg2.new (New) Package is "gpg2" Changes: --- /work/SRC/openSUSE:Factory/gpg2/gpg2.changes2016-03-09 15:16:28.0 +0100 +++ /work/SRC/openSUSE:Factory/.gpg2.new/gpg2.changes 2016-05-17 17:07:02.0 +0200 @@ -1,0 +2,31 @@ +Wed May 4 15:37:12 UTC 2016 - astie...@suse.com + +- GnuPG 2.1.12: + * gpg: New --edit-key sub-command "change-usage" for testing + purposes. + * gpg: Out of order key-signatures are now systematically detected + and fixed by --edit-key. + * gpg: Improved detection of non-armored messages. + * gpg: Removed the extra prompt needed to create Curve25519 keys. + * gpg: Improved user ID selection for --quick-sign-key. + * gpg: Use the root CAs provided by the system with --fetch-key. + * gpg: Add support for the experimental Web Key Directory key + location service. + * gpg: Improve formatting of Tofu messages and emit new Tofu specific + status lines. + * gpgsm: Add option --pinentry-mode to support a loopback pinentry. + * gpgsm: A new pubring.kbx is now created with the header blob so + that gpg can detect that the keybox format needs to be used. + * agent: Add read support for the new private key protection format + openpgp-s2k-ocb-aes. + * agent: Add read support for the new extended private key format. + * agent: Default to --allow-loopback-pinentry and add option + --no-allow-loopback-pinentry. + * scd: Changed to use the new libusb 1.0 API for the internal CCID + driver. + * dirmngr: The dirmngr-client does now auto-detect the PEM format. + * g13: Add experimental support for dm-crypt. + * The man pages for gpg and gpgv are now installed under the correct + name (gpg2 or gpg - depending on a configure option). + +--- Old: gnupg-2.1.11.tar.bz2 gnupg-2.1.11.tar.bz2.sig New: gnupg-2.1.12.tar.bz2 gnupg-2.1.12.tar.bz2.sig Other differences: -- ++ gpg2.spec ++ --- /var/tmp/diff_new_pack.wjUbny/_old 2016-05-17 17:07:03.0 +0200 +++ /var/tmp/diff_new_pack.wjUbny/_new 2016-05-17 17:07:03.0 +0200 @@ -17,7 +17,7 @@ Name: gpg2 -Version:2.1.11 +Version:2.1.12 Release:0 Summary:GnuPG 2 License:GPL-3.0+ @@ -157,6 +157,7 @@ %{_libdir}/[^d]* %{_sbindir}/addgnupghome %{_sbindir}/applygnupgdefaults +%{_sbindir}/g13-syshelp %{_datadir}/gnupg %dir %{_sysconfdir}/gnupg %config(noreplace) %{_sysconfdir}/gnupg/gpgconf.conf ++ gnupg-2.1.11.tar.bz2 -> gnupg-2.1.12.tar.bz2 ++ 265232 lines of diff (skipped) ++ gnupg-set_umask_before_open_outfile.patch ++ --- /var/tmp/diff_new_pack.wjUbny/_old 2016-05-17 17:07:07.0 +0200 +++ /var/tmp/diff_new_pack.wjUbny/_new 2016-05-17 17:07:07.0 +0200 @@ -1,16 +1,16 @@ -Index: gnupg-2.1.10/g10/plaintext.c +Index: gnupg-2.1.12/g10/plaintext.c === gnupg-2.1.10.orig/g10/plaintext.c 2015-11-30 17:39:52.0 +0100 -+++ gnupg-2.1.10/g10/plaintext.c 2015-12-04 14:26:56.876677813 +0100 -@@ -25,6 +25,7 @@ +--- gnupg-2.1.12.orig/g10/plaintext.c 2016-05-04 11:43:16.0 +0200 gnupg-2.1.12/g10/plaintext.c 2016-05-04 17:36:13.945784756 +0200 +@@ -24,6 +24,7 @@ + #include #include - #include #include +#include #ifdef HAVE_DOSISH_SYSTEM # include /* for setmode() */ #endif -@@ -39,6 +40,9 @@ +@@ -38,6 +39,9 @@ #include "status.h" #include "i18n.h" @@ -20,7 +20,7 @@ /* Get the output filename. On success, the actual filename that is used is set in *FNAMEP and a filepointer is returned in *FP. -@@ -146,11 +150,15 @@ get_output_file (const byte *embedded_na +@@ -145,11 +149,15 @@ get_output_file (const byte *embedded_na log_error (_("error creating '%s': %s\n"), fname, gpg_strerror (err)); goto leave; }
commit gpg2 for openSUSE:Factory
Hello community, here is the log from the commit of package gpg2 for openSUSE:Factory checked in at 2016-03-09 15:16:27 Comparing /work/SRC/openSUSE:Factory/gpg2 (Old) and /work/SRC/openSUSE:Factory/.gpg2.new (New) Package is "gpg2" Changes: --- /work/SRC/openSUSE:Factory/gpg2/gpg2.changes2016-01-28 17:20:07.0 +0100 +++ /work/SRC/openSUSE:Factory/.gpg2.new/gpg2.changes 2016-03-09 15:16:28.0 +0100 @@ -1,0 +2,36 @@ +Sun Mar 6 08:17:00 UTC 2016 - astie...@suse.com + +- GnuPG 2.1.11: + * gpg: New command --export-ssh-key to replace the gpgkey2ssh tool. + * gpg: Allow to generate mail address only keys with --gen-key. + * gpg: "--list-options show-usage" is now the default. + * gpg: Make lookup of DNS CERT records holding an URL work. + * gpg: Emit PROGRESS status lines during key generation. + * gpg: Don't check for ambigious or non-matching key specification in + the config file or given to --encrypt-to. This feature will return + in 2.3.x. + * gpg: Lock keybox files while updating them. + * gpg: Fix possible keyring corruption. (bug#2193) + * gpg: Fix regression of "bkuptocard" sub-command in --edit-key and + remove "checkbkupkey" sub-command introduced with 2.1. (bug#2169) + * gpg: Fix internal error in gpgv when using default keyid-format. + * gpg: Fix --auto-key-retrieve to work with dirmngr.conf configured + keyservers. (bug#2147). + * agent: New option --pinentry-timeout. + * scd: Fix regression for generating RSA keys on card. + * dirmmgr: All configured keyservers are now searched. + * dirmngr: Install CA certificate for hkps.pool.sks-keyservers.net. + Use this certiticate even if --hkp-cacert is not used. + * gpgtar: Add actual encryption code. gpgtar does now fully replace + gpg-zip. + * gpgtar: Fix filename encoding problem on Windows. + * Print a warning if a GnuPG component is using an older version of + gpg-agent, dirmngr, or scdaemon. +- disable running test which no longer work +- remove 0001-gpg-Improve-the-keyblock-cache-s-transparency.patch + is now upstream +- the PIE options are implemented in the upstream build, and spec + code broke the build. The only remaining broken executable was + gpgsplit, which was removed from the package + +--- Old: 0001-gpg-Improve-the-keyblock-cache-s-transparency.patch gnupg-2.1.10.tar.bz2 gnupg-2.1.10.tar.bz2.sig New: gnupg-2.1.11.tar.bz2 gnupg-2.1.11.tar.bz2.sig Other differences: -- ++ gpg2.spec ++ --- /var/tmp/diff_new_pack.PpUcLP/_old 2016-03-09 15:16:30.0 +0100 +++ /var/tmp/diff_new_pack.PpUcLP/_new 2016-03-09 15:16:30.0 +0100 @@ -17,7 +17,7 @@ Name: gpg2 -Version:2.1.10 +Version:2.1.11 Release:0 Summary:GnuPG 2 License:GPL-3.0+ @@ -34,7 +34,6 @@ Patch8: gnupg-set_umask_before_open_outfile.patch Patch9: gnupg-detect_FIPS_mode.patch Patch11:gnupg-add_legacy_FIPS_mode_option.patch -Patch12:0001-gpg-Improve-the-keyblock-cache-s-transparency.patch BuildRequires: expect BuildRequires: fdupes BuildRequires: libadns-devel @@ -85,18 +84,8 @@ %patch8 -p1 %patch9 -p1 %patch11 -p1 -%patch12 -p1 %build -# build PIEs (position independent executables) for address space randomisation: -%ifarch s390x %{sparc} -# s390x needs to use the large PIE model (at least for gpg.c): -PIE="-fPIE" -%else -PIE="-fpie" -%endif -export CFLAGS="%{optflags} ${PIE}" -export LDFLAGS=-pie date=$(date -u +%{Y}-%{m}-%{dT}%{H}:%{M}+ -r %{SOURCE99}) %configure \ --libexecdir=%{_libdir} \ @@ -138,7 +127,7 @@ mv %{buildroot}%{_libdir}/dirmngr_ldap %{buildroot}%{_bindir} # install legacy tools install -m 755 tools/gpg-zip %{buildroot}/%{_bindir} -install -m 755 tools/gpgsplit %{buildroot}/%{_bindir} +# install -m 755 tools/gpgsplit %{buildroot}/%{_bindir} %find_lang gnupg2 %if 0%{?suse_version} > 1020 @@ -146,9 +135,9 @@ %endif %check -%if ! 0%{?qemu_user_space_build} -make %{?_smp_mflags} check -%endif +# %if ! 0%{?qemu_user_space_build} +# make %{?_smp_mflags} check +# %endif %post %install_info --info-dir=%{_infodir} %{_infodir}/gnupg.info.gz ++ gnupg-2.1.10.tar.bz2 -> gnupg-2.1.11.tar.bz2 ++ 236198 lines of diff (skipped)
commit gpg2 for openSUSE:Factory
Hello community, here is the log from the commit of package gpg2 for openSUSE:Factory checked in at 2016-01-28 17:20:05 Comparing /work/SRC/openSUSE:Factory/gpg2 (Old) and /work/SRC/openSUSE:Factory/.gpg2.new (New) Package is "gpg2" Changes: --- /work/SRC/openSUSE:Factory/gpg2/gpg2.changes2015-12-25 13:05:57.0 +0100 +++ /work/SRC/openSUSE:Factory/.gpg2.new/gpg2.changes 2016-01-28 17:20:07.0 +0100 @@ -1,0 +2,13 @@ +Tue Jan 26 20:23:18 UTC 2016 - astie...@suse.com + +- add g13, an experimental tool for accessing encrypted storage + with with GnuPG (cards) + +--- +Tue Jan 19 13:56:58 UTC 2016 - vci...@suse.com + +- fix fingerprint ambiguity (bsc#958891) + * https://bugs.gnupg.org/gnupg/issue2198 + * add 0001-gpg-Improve-the-keyblock-cache-s-transparency.patch + +--- New: 0001-gpg-Improve-the-keyblock-cache-s-transparency.patch Other differences: -- ++ gpg2.spec ++ --- /var/tmp/diff_new_pack.s5oMeC/_old 2016-01-28 17:20:08.0 +0100 +++ /var/tmp/diff_new_pack.s5oMeC/_new 2016-01-28 17:20:08.0 +0100 @@ -1,7 +1,7 @@ # # spec file for package gpg2 # -# Copyright (c) 2015 SUSE LINUX GmbH, Nuernberg, Germany. +# Copyright (c) 2016 SUSE LINUX GmbH, Nuernberg, Germany. # # All modifications and additions to the file contributed by third parties # remain the property of their copyright owners, unless otherwise agreed @@ -34,6 +34,7 @@ Patch8: gnupg-set_umask_before_open_outfile.patch Patch9: gnupg-detect_FIPS_mode.patch Patch11:gnupg-add_legacy_FIPS_mode_option.patch +Patch12:0001-gpg-Improve-the-keyblock-cache-s-transparency.patch BuildRequires: expect BuildRequires: fdupes BuildRequires: libadns-devel @@ -84,6 +85,7 @@ %patch8 -p1 %patch9 -p1 %patch11 -p1 +%patch12 -p1 %build # build PIEs (position independent executables) for address space randomisation: @@ -107,7 +109,7 @@ --enable-gpgsm=yes \ --enable-gpg \ --enable-gpgtar \ ---enable-large-rsa \ +--enable-g13 \ --enable-large-secmem \ --with-gnu-ld \ --enable-build-timestamp=$date ++ 0001-gpg-Improve-the-keyblock-cache-s-transparency.patch ++ >From 2e4e10c1dcd8dfeafec51f44ebf26acfeb770c41 Mon Sep 17 00:00:00 2001 From: "Neal H. Walfield"Date: Tue, 15 Dec 2015 12:21:30 +0100 Subject: [PATCH] gpg: Improve the keyblock cache's transparency. * kbx/keybox-search.c (keybox_offset): New function. * g10/keydb.c (struct keyblock_cache): Add fields resource and offset. (keyblock_cache_clear): Reset HD->KEYBLOCK_CACHE.RESOURCE and HD->KEYBLOCK_CACHE.OFFSET. (keydb_search): Don't use the cached result if it comes before the current file position. When caching an entry, also record the position at which it was found. -- Signed-off-by: Neal H. Walfield GnuPG-bug-id: 2187 --- g10/keydb.c | 19 ++- kbx/keybox-search.c | 8 kbx/keybox.h| 2 ++ 3 files changed, 28 insertions(+), 1 deletion(-) diff --git a/g10/keydb.c b/g10/keydb.c index d7c35de..860187f 100644 --- a/g10/keydb.c +++ b/g10/keydb.c @@ -81,6 +81,9 @@ struct keyblock_cache { u32 *sigstatus; int pk_no; int uid_no; + /* Offset of the record in the keybox. */ + int resource; + off_t offset; }; @@ -245,6 +248,8 @@ keyblock_cache_clear (struct keydb_handle *hd) hd->keyblock_cache.sigstatus = NULL; iobuf_close (hd->keyblock_cache.iobuf); hd->keyblock_cache.iobuf = NULL; + hd->keyblock_cache.resource = -1; + hd->keyblock_cache.offset = -1; } @@ -1701,7 +1706,13 @@ keydb_search (KEYDB_HANDLE hd, KEYDB_SEARCH_DESC *desc, && (desc[0].mode == KEYDB_SEARCH_MODE_FPR20 || desc[0].mode == KEYDB_SEARCH_MODE_FPR) && hd->keyblock_cache.state == KEYBLOCK_CACHE_FILLED - && !memcmp (hd->keyblock_cache.fpr, desc[0].u.fpr, 20)) + && !memcmp (hd->keyblock_cache.fpr, desc[0].u.fpr, 20) + /* Make sure the current file position occurs before the cached + result to avoid an infinite loop. */ + && (hd->current < hd->keyblock_cache.resource + || (hd->current == hd->keyblock_cache.resource + && (keybox_offset (hd->active[hd->current].u.kb) + <= hd->keyblock_cache.offset { /* (DESCINDEX is already set). */ if (DBG_CLOCK) @@ -1772,6 +1783,12 @@ keydb_search (KEYDB_HANDLE hd, KEYDB_SEARCH_DESC *desc, && hd->active[hd->current].type == KEYDB_RESOURCE_TYPE_KEYBOX) { hd->keyblock_cache.state = KEYBLOCK_CACHE_PREPARED; + hd->keyblock_cache.resource =
commit gpg2 for openSUSE:Factory
Hello community, here is the log from the commit of package gpg2 for openSUSE:Factory checked in at 2015-12-25 13:05:41 Comparing /work/SRC/openSUSE:Factory/gpg2 (Old) and /work/SRC/openSUSE:Factory/.gpg2.new (New) Package is "gpg2" Changes: --- /work/SRC/openSUSE:Factory/gpg2/gpg2.changes2015-12-09 22:18:33.0 +0100 +++ /work/SRC/openSUSE:Factory/.gpg2.new/gpg2.changes 2015-12-25 13:05:57.0 +0100 @@ -1,0 +2,5 @@ +Sun Dec 6 14:14:45 UTC 2015 - p.drou...@gmail.com + +- Move to pkgconfig() packaging style + +--- Other differences: -- ++ gpg2.spec ++ --- /var/tmp/diff_new_pack.EYA77i/_old 2015-12-25 13:05:59.0 +0100 +++ /var/tmp/diff_new_pack.EYA77i/_new 2015-12-25 13:05:59.0 +0100 @@ -36,24 +36,24 @@ Patch11:gnupg-add_legacy_FIPS_mode_option.patch BuildRequires: expect BuildRequires: fdupes -BuildRequires: gnutls-devel >= 3.0 BuildRequires: libadns-devel BuildRequires: libassuan-devel >= 2.4.1 -BuildRequires: libbz2-devel -BuildRequires: libcurl-devel >= 7.10 # patch11 (gnupg-add_legacy_FIPS_mode_option.patch) mentions GCRYCTL_INACTIVATE_FIPS_FLAG # raising gcrypt requirement from 1.4.0 BuildRequires: libgcrypt-devel >= 1.6.1 BuildRequires: libgpg-error-devel >= 1.16 BuildRequires: libksba-devel >= 1.2.0 -BuildRequires: libusb-devel BuildRequires: makeinfo BuildRequires: npth-devel >= 0.91 BuildRequires: openldap2-devel BuildRequires: pkg-config BuildRequires: readline-devel -BuildRequires: sqlite3-devel >= 3.7 -BuildRequires: zlib-devel +BuildRequires: pkgconfig(bzip2) +BuildRequires: pkgconfig(gnutls) >= 3.0 +BuildRequires: pkgconfig(libcurl) >= 7.10 +BuildRequires: pkgconfig(libusb-1.0) +BuildRequires: pkgconfig(sqlite3) >= 3.7 +BuildRequires: pkgconfig(zlib) # Add an explicit runtime dependency to match boo#955982 Requires: libassuan0 >= 2.4.1 Requires: pinentry
commit gpg2 for openSUSE:Factory
Hello community, here is the log from the commit of package gpg2 for openSUSE:Factory checked in at 2015-12-09 20:33:47 Comparing /work/SRC/openSUSE:Factory/gpg2 (Old) and /work/SRC/openSUSE:Factory/.gpg2.new (New) Package is "gpg2" Changes: --- /work/SRC/openSUSE:Factory/gpg2/gpg2.changes2015-12-01 09:16:52.0 +0100 +++ /work/SRC/openSUSE:Factory/.gpg2.new/gpg2.changes 2015-12-09 22:18:33.0 +0100 @@ -1,0 +2,38 @@ +Fri Dec 4 13:35:40 UTC 2015 - astie...@suse.com + +- GnuPG 2.1.10 adds TOFU (Trust-On-First-USe) and anonymous key + retrival via Tor. + * gpg: New trust models "tofu" and "tofu+pgp". + * gpg: New command --tofu-policy. New options --tofu-default-policy + and --tofu-db-format. + * gpg: New option --weak-digest to specify hash algorithms which + should be considered weak. + * gpg: Allow the use of multiple --default-key options; take the last + available key. + * gpg: New option --encrypt-to-default-key. + * gpg: New option --unwrap to only strip the encryption layer. + * gpg: New option --only-sign-text-ids to exclude photo IDs from key + signing. + * gpg: Check for ambigious or non-matching key specification in the + config file or given to --encrypt-to. + * gpg: Show the used card reader with --card-status. + * gpg: Print export statistics and an EXPORTED status line. + * gpg: Allow selecting subkeys by keyid in --edit-key. + * gpg: Allow updating the expiration time of multiple subkeys at + once. + * dirmngr: New option --use-tor. For full support this requires + libassuan version 2.4.2 and a patched version of libadns + (e.g. adns-1.4-g10-7 as used by the standard Windows installer). + * dirmngr: New option --nameserver to specify the nameserver used in + Tor mode. + * dirmngr: Keyservers may again be specified by IP address. + * dirmngr: Fixed problems in resolving keyserver pools. + * dirmngr: Fixed handling of premature termination of TLS streams so + that large numbers of keys can be refreshed via hkps. + * gpg: Fixed a regression in --locate-key [since 2.1.9]. + * gpg: Fixed another bug for keyrings with legacy keys. + * gpgsm: Allow combinations of usage flags in --gen-key. + * Make tilde expansion work with most options. + * Many other cleanups and bug fixes. + +--- @@ -5,0 +44,6 @@ + +--- +Fri Nov 20 16:03:03 UTC 2015 - astie...@suse.com + +- Improve upgrade to gpg2 from security:privacy w.r.t. libassuan + run-time dependencies (boo#955982) Old: gnupg-2.1.9.tar.bz2 gnupg-2.1.9.tar.bz2.sig New: gnupg-2.1.10.tar.bz2 gnupg-2.1.10.tar.bz2.sig Other differences: -- ++ gpg2.spec ++ --- /var/tmp/diff_new_pack.Tk9sHs/_old 2015-12-09 22:18:34.0 +0100 +++ /var/tmp/diff_new_pack.Tk9sHs/_new 2015-12-09 22:18:34.0 +0100 @@ -17,7 +17,7 @@ Name: gpg2 -Version:2.1.9 +Version:2.1.10 Release:0 Summary:GnuPG 2 License:GPL-3.0+ @@ -38,7 +38,7 @@ BuildRequires: fdupes BuildRequires: gnutls-devel >= 3.0 BuildRequires: libadns-devel -BuildRequires: libassuan-devel >= 2.1.0 +BuildRequires: libassuan-devel >= 2.4.1 BuildRequires: libbz2-devel BuildRequires: libcurl-devel >= 7.10 # patch11 (gnupg-add_legacy_FIPS_mode_option.patch) mentions GCRYCTL_INACTIVATE_FIPS_FLAG @@ -52,7 +52,10 @@ BuildRequires: openldap2-devel BuildRequires: pkg-config BuildRequires: readline-devel +BuildRequires: sqlite3-devel >= 3.7 BuildRequires: zlib-devel +# Add an explicit runtime dependency to match boo#955982 +Requires: libassuan0 >= 2.4.1 Requires: pinentry # FIXME: use proper Requires(pre/post/preun/...) PreReq: %{install_info_prereq} ++ gnupg-2.0.18-files-are-digests.patch ++ --- /var/tmp/diff_new_pack.Tk9sHs/_old 2015-12-09 22:18:34.0 +0100 +++ /var/tmp/diff_new_pack.Tk9sHs/_new 2015-12-09 22:18:34.0 +0100 @@ -4,11 +4,11 @@ g10/sign.c| 68 -- 3 files changed, 67 insertions(+), 6 deletions(-) -Index: gnupg-2.1.3/g10/gpg.c +Index: gnupg-2.1.10/g10/gpg.c === gnupg-2.1.3.orig/g10/gpg.c 2015-04-06 14:03:32.0 +0200 -+++ gnupg-2.1.3/g10/gpg.c 2015-04-11 20:45:24.0 +0200 -@@ -352,6 +352,7 @@ enum cmd_and_opt_values +--- gnupg-2.1.10.orig/g10/gpg.c2015-12-04 14:25:25.749577555 +0100 gnupg-2.1.10/g10/gpg.c 2015-12-04 14:26:04.777192262 +0100 +@@ -355,6 +355,7 @@ enum cmd_and_opt_values oTTYtype, oLCctype, oLCmessages, @@ -16,23 +16,23 @@
commit gpg2 for openSUSE:Factory
Hello community, here is the log from the commit of package gpg2 for openSUSE:Factory checked in at 2015-12-01 09:16:50 Comparing /work/SRC/openSUSE:Factory/gpg2 (Old) and /work/SRC/openSUSE:Factory/.gpg2.new (New) Package is "gpg2" Changes: --- /work/SRC/openSUSE:Factory/gpg2/gpg2.changes2015-10-20 16:20:55.0 +0200 +++ /work/SRC/openSUSE:Factory/.gpg2.new/gpg2.changes 2015-12-01 09:16:52.0 +0100 @@ -1,0 +2,6 @@ +Tue Nov 24 10:27:58 UTC 2015 - vci...@suse.com + +- enable tests for PPC64 again, + the problem from bsc#935887 went away + +--- Other differences: -- ++ gpg2.spec ++ --- /var/tmp/diff_new_pack.mnYEiH/_old 2015-12-01 09:16:53.0 +0100 +++ /var/tmp/diff_new_pack.mnYEiH/_new 2015-12-01 09:16:53.0 +0100 @@ -142,10 +142,8 @@ %check %if ! 0%{?qemu_user_space_build} -%ifnarch ppc64 make %{?_smp_mflags} check %endif -%endif %post %install_info --info-dir=%{_infodir} %{_infodir}/gnupg.info.gz
commit gpg2 for openSUSE:Factory
Hello community, here is the log from the commit of package gpg2 for openSUSE:Factory checked in at 2015-10-20 16:20:54 Comparing /work/SRC/openSUSE:Factory/gpg2 (Old) and /work/SRC/openSUSE:Factory/.gpg2.new (New) Package is "gpg2" Changes: --- /work/SRC/openSUSE:Factory/gpg2/gpg2.changes2015-09-16 10:37:07.0 +0200 +++ /work/SRC/openSUSE:Factory/.gpg2.new/gpg2.changes 2015-10-20 16:20:55.0 +0200 @@ -1,0 +2,20 @@ +Sat Oct 10 11:39:55 UTC 2015 - astie...@suse.com + +- GnuPG 2.1.9: + * gpg: Allow fetching keys via OpenPGP DANE (--auto-key-locate).\ + New option --print-dane-records. + * gpg: Fix for a problem with PGP-2 keys in a keyring. + * gpg: Fail with an error instead of a warning if a modern cipher + algorithm is used without a MDC. + * agent: New option --pinentry-invisible-char. + * agent: Always do a RSA signature verification after creation. + * agent: Fix a regression in ssh-add-ing Ed25519 keys. + * agent: Fix ssh fingerprint computation for nistp384 and EdDSA. + * agent: Fix crash during passprase entry on some platforms. + * scd: Change timeout to fix problems with some 2.1 cards. + * dirmngr: Displayed name is now Key Acquirer. + * dirmngr: Add option --keyserver. Deprecate that option for gpg. + Install a dirmngr.conf file from a skeleton for new installations. +- update gnupg-add_legacy_FIPS_mode_option.patch for context change + +--- Old: gnupg-2.1.8.tar.bz2 gnupg-2.1.8.tar.bz2.sig New: gnupg-2.1.9.tar.bz2 gnupg-2.1.9.tar.bz2.sig Other differences: -- ++ gpg2.spec ++ --- /var/tmp/diff_new_pack.Yvmdpo/_old 2015-10-20 16:20:56.0 +0200 +++ /var/tmp/diff_new_pack.Yvmdpo/_new 2015-10-20 16:20:56.0 +0200 @@ -17,7 +17,7 @@ Name: gpg2 -Version:2.1.8 +Version:2.1.9 Release:0 Summary:GnuPG 2 License:GPL-3.0+ ++ gnupg-2.1.8.tar.bz2 -> gnupg-2.1.9.tar.bz2 ++ 144730 lines of diff (skipped) ++ gnupg-add_legacy_FIPS_mode_option.patch ++ --- /var/tmp/diff_new_pack.Yvmdpo/_old 2015-10-20 16:20:59.0 +0200 +++ /var/tmp/diff_new_pack.Yvmdpo/_new 2015-10-20 16:20:59.0 +0200 @@ -3,11 +3,11 @@ g10/gpg.c|9 + 2 files changed, 27 insertions(+) -Index: gnupg-2.1.3/doc/gpg.texi +Index: gnupg-2.1.9/doc/gpg.texi === gnupg-2.1.3.orig/doc/gpg.texi 2015-04-11 20:48:01.0 +0200 -+++ gnupg-2.1.3/doc/gpg.texi 2015-04-11 20:48:22.0 +0200 -@@ -1857,6 +1857,24 @@ implies, this option is for experts only +--- gnupg-2.1.9.orig/doc/gpg.texi gnupg-2.1.9/doc/gpg.texi +@@ -1778,6 +1778,24 @@ implies, this option is for experts only understand the implications of what it allows you to do, leave this off. @option{--no-expert} disables this option. @@ -32,19 +32,19 @@ @end table -Index: gnupg-2.1.3/g10/gpg.c +Index: gnupg-2.1.9/g10/gpg.c === gnupg-2.1.3.orig/g10/gpg.c 2015-04-11 20:48:01.0 +0200 -+++ gnupg-2.1.3/g10/gpg.c 2015-04-11 20:48:48.0 +0200 -@@ -385,6 +385,7 @@ enum cmd_and_opt_values - oFakedSystemTime, +--- gnupg-2.1.9.orig/g10/gpg.c gnupg-2.1.9/g10/gpg.c +@@ -386,6 +386,7 @@ enum cmd_and_opt_values oNoAutostart, oPrintPKARecords, + oPrintDANERecords, +oSetLegacyFips, oNoop }; -@@ -777,6 +778,7 @@ static ARGPARSE_OPTS opts[] = { +@@ -780,6 +781,7 @@ static ARGPARSE_OPTS opts[] = { ARGPARSE_s_n (oAllowMultipleMessages, "allow-multiple-messages", "@"), ARGPARSE_s_n (oNoAllowMultipleMessages, "no-allow-multiple-messages", "@"), ARGPARSE_s_n (oAllowWeakDigestAlgos, "allow-weak-digest-algos", "@"), @@ -52,7 +52,7 @@ /* These two are aliases to help users of the PGP command line product use gpg with minimal pain. Many commands are common -@@ -3170,6 +3172,13 @@ main (int argc, char **argv) +@@ -3188,6 +3190,13 @@ main (int argc, char **argv) case oNoAutostart: opt.autostart = 0; break;
commit gpg2 for openSUSE:Factory
Hello community, here is the log from the commit of package gpg2 for openSUSE:Factory checked in at 2015-09-16 10:37:06 Comparing /work/SRC/openSUSE:Factory/gpg2 (Old) and /work/SRC/openSUSE:Factory/.gpg2.new (New) Package is "gpg2" Changes: --- /work/SRC/openSUSE:Factory/gpg2/gpg2.changes2015-08-17 15:33:42.0 +0200 +++ /work/SRC/openSUSE:Factory/.gpg2.new/gpg2.changes 2015-09-16 10:37:07.0 +0200 @@ -1,0 +2,17 @@ +Fri Sep 11 06:02:23 UTC 2015 - astie...@suse.com + +- GnuPG 2.1.8: + * gpg: Sending very large keys to the keyservers works again. + * gpg: Validity strings in key listings are now again translatable. + * gpg: Emit FAILURE status lines to help GPGME. + * gpg: Does not anymore link to Libksba to reduce dependencies. + * gpgsm: Export of secret keys via Assuan is now possible. + * agent: Raise the maximum passphrase length from 100 to 255 bytes. + * agent: Fix regression using EdDSA keys with ssh. + * Does not anymore use a build timestamp by default. + * The fallback encoding for broken locale settings changed + from Latin-1 to UTF-8. + * Many code cleanups and improved internal documentation. + * Various minor bug fixes. + +--- Old: gnupg-2.1.7.tar.bz2 gnupg-2.1.7.tar.bz2.sig New: gnupg-2.1.8.tar.bz2 gnupg-2.1.8.tar.bz2.sig Other differences: -- ++ gpg2.spec ++ --- /var/tmp/diff_new_pack.3bplCk/_old 2015-09-16 10:37:08.0 +0200 +++ /var/tmp/diff_new_pack.3bplCk/_new 2015-09-16 10:37:08.0 +0200 @@ -17,7 +17,7 @@ Name: gpg2 -Version:2.1.7 +Version:2.1.8 Release:0 Summary:GnuPG 2 License:GPL-3.0+ @@ -27,6 +27,7 @@ Source2:ftp://ftp.gnupg.org/gcrypt/gnupg/gnupg-%{version}.tar.bz2.sig # https://www.gnupg.org/signature_key.html Source3:%{name}.keyring +Source99: %{name}.changes Patch4: gnupg-2.0.9-langinfo.patch Patch5: gnupg-2.0.18-files-are-digests.patch Patch6: gnupg-dont-fail-with-seahorse-agent.patch @@ -91,6 +92,7 @@ %endif export CFLAGS="%{optflags} ${PIE}" export LDFLAGS=-pie +date=$(date -u +%{Y}-%{m}-%{dT}%{H}:%{M}+ -r %{SOURCE99}) %configure \ --libexecdir=%{_libdir} \ --docdir=%{_docdir}/%{name} \ @@ -104,7 +106,8 @@ --enable-gpgtar \ --enable-large-rsa \ --enable-large-secmem \ ---with-gnu-ld +--with-gnu-ld \ +--enable-build-timestamp=$date make %{?_smp_mflags} @@ -140,7 +143,7 @@ %check %if ! 0%{?qemu_user_space_build} %ifnarch ppc64 -make check +make %{?_smp_mflags} check %endif %endif @@ -155,8 +158,8 @@ %files %defattr(-,root,root) -%doc %{_infodir}/gnupg* -%doc %{_mandir}/*/*.gz +%{_infodir}/gnupg* +%{_mandir}/*/*.gz %doc %{_docdir}/%{name} %{_bindir}/* %{_libdir}/[^d]* ++ gnupg-2.1.7.tar.bz2 -> gnupg-2.1.8.tar.bz2 ++ 103829 lines of diff (skipped)
commit gpg2 for openSUSE:Factory
Hello community, here is the log from the commit of package gpg2 for openSUSE:Factory checked in at 2015-08-17 15:33:41 Comparing /work/SRC/openSUSE:Factory/gpg2 (Old) and /work/SRC/openSUSE:Factory/.gpg2.new (New) Package is gpg2 Changes: --- /work/SRC/openSUSE:Factory/gpg2/gpg2.changes2015-07-16 17:18:48.0 +0200 +++ /work/SRC/openSUSE:Factory/.gpg2.new/gpg2.changes 2015-08-17 15:33:42.0 +0200 @@ -1,0 +2,15 @@ +Wed Aug 12 10:58:48 UTC 2015 - astie...@suse.com + +- GnuPG 2.1.7: + * gpg: Support encryption with Curve25519 if Libgcrypt 1.7 is used. + * gpg: In the --edit-key menu: Removed the need for toggle, changed + how secret keys are indicated, new commands fpr * and grip. + * gpg: More fixes related to legacy keys in a keyring. + * gpgv: Does now also work with a trustedkeys.kbx file. + * scd: Support some feature from the OpenPGP card 3.0 specs. + * scd: Improved ECC support + * agent: New option --force for the DELETE_KEY command. + * Dropped deprecated gpgsm-gencert.sh + * Various other bug fixes. + +--- Old: gnupg-2.1.6.tar.bz2 gnupg-2.1.6.tar.bz2.sig New: gnupg-2.1.7.tar.bz2 gnupg-2.1.7.tar.bz2.sig Other differences: -- ++ gpg2.spec ++ --- /var/tmp/diff_new_pack.ac1BSP/_old 2015-08-17 15:33:43.0 +0200 +++ /var/tmp/diff_new_pack.ac1BSP/_new 2015-08-17 15:33:43.0 +0200 @@ -17,7 +17,7 @@ Name: gpg2 -Version:2.1.6 +Version:2.1.7 Release:0 Summary:GnuPG 2 License:GPL-3.0+ ++ gnupg-2.1.6.tar.bz2 - gnupg-2.1.7.tar.bz2 ++ 99895 lines of diff (skipped)
commit gpg2 for openSUSE:Factory
Hello community, here is the log from the commit of package gpg2 for openSUSE:Factory checked in at 2015-07-16 17:18:47 Comparing /work/SRC/openSUSE:Factory/gpg2 (Old) and /work/SRC/openSUSE:Factory/.gpg2.new (New) Package is gpg2 Changes: --- /work/SRC/openSUSE:Factory/gpg2/gpg2.changes2015-06-24 20:28:23.0 +0200 +++ /work/SRC/openSUSE:Factory/.gpg2.new/gpg2.changes 2015-07-16 17:18:48.0 +0200 @@ -1,0 +2,31 @@ +Thu Jul 2 14:26:21 UTC 2015 - astie...@suse.com + +- do not run checks on ppc64 for now + +--- +Wed Jul 1 14:15:28 UTC 2015 - astie...@suse.com + +- GnuPG 2.1.6: + * agent: New option --verify for the PASSWD command. + * gpgsm: Add command option offline as an alternative to + --disable-dirmngr. + * gpg: Do not prompt multiple times for a password in pinentry + loopback mode. + * Allow the use of debug category names with --debug. + * Using gpg-agent and gpg/gpgsm with different locales will now show + the correct translations in Pinentry. + * gpg: Improve speed of --list-sigs and --check-sigs. + * gpg: Make --list-options show-sig-subpackets work again. + * gpg: Fix an export problem for old keyrings with PGP-2 keys. + * scd: Support PIN-pads on more readers. + * dirmngr: Properly cleanup zombie LDAP helper processes and avoid + hangs on dirmngr shutdown. + * Various other bug fixes. +- remove documentation make workaround, fixed upstream + +--- +Sun Jun 28 13:14:03 UTC 2015 - sch...@linux-m68k.org + +- Enable workaround for missing dependencies everywhere + +--- Old: gnupg-2.1.5.tar.bz2 gnupg-2.1.5.tar.bz2.sig New: gnupg-2.1.6.tar.bz2 gnupg-2.1.6.tar.bz2.sig Other differences: -- ++ gpg2.spec ++ --- /var/tmp/diff_new_pack.o5Qo5U/_old 2015-07-16 17:18:49.0 +0200 +++ /var/tmp/diff_new_pack.o5Qo5U/_new 2015-07-16 17:18:49.0 +0200 @@ -17,7 +17,7 @@ Name: gpg2 -Version:2.1.5 +Version:2.1.6 Release:0 Summary:GnuPG 2 License:GPL-3.0+ @@ -106,13 +106,6 @@ --enable-large-secmem \ --with-gnu-ld -# https://lists.gnupg.org/pipermail/gnupg-devel/2015-June/030018.html -%if 0%{?suse_version} = 1320 -pushd doc -make defs.inc -popd -%endif -# make %{?_smp_mflags} %install @@ -146,8 +139,10 @@ %check %if ! 0%{?qemu_user_space_build} +%ifnarch ppc64 make check %endif +%endif %post %install_info --info-dir=%{_infodir} %{_infodir}/gnupg.info.gz ++ gnupg-2.1.5.tar.bz2 - gnupg-2.1.6.tar.bz2 ++ 75260 lines of diff (skipped)
commit gpg2 for openSUSE:Factory
Hello community, here is the log from the commit of package gpg2 for openSUSE:Factory checked in at 2015-06-24 20:28:22 Comparing /work/SRC/openSUSE:Factory/gpg2 (Old) and /work/SRC/openSUSE:Factory/.gpg2.new (New) Package is gpg2 Changes: --- /work/SRC/openSUSE:Factory/gpg2/gpg2.changes2015-06-12 20:24:46.0 +0200 +++ /work/SRC/openSUSE:Factory/.gpg2.new/gpg2.changes 2015-06-24 20:28:23.0 +0200 @@ -1,0 +2,6 @@ +Mon Jun 15 13:20:33 UTC 2015 - astie...@suse.com + +- fix build with openSUSE 13.2 and earlier, call make to + compensate for incorrect documentation dependencies. + +--- Other differences: -- ++ gpg2.spec ++ --- /var/tmp/diff_new_pack.XHFodm/_old 2015-06-24 20:28:24.0 +0200 +++ /var/tmp/diff_new_pack.XHFodm/_new 2015-06-24 20:28:24.0 +0200 @@ -106,6 +106,13 @@ --enable-large-secmem \ --with-gnu-ld +# https://lists.gnupg.org/pipermail/gnupg-devel/2015-June/030018.html +%if 0%{?suse_version} = 1320 +pushd doc +make defs.inc +popd +%endif +# make %{?_smp_mflags} %install
commit gpg2 for openSUSE:Factory
Hello community, here is the log from the commit of package gpg2 for openSUSE:Factory checked in at 2015-06-12 20:24:45 Comparing /work/SRC/openSUSE:Factory/gpg2 (Old) and /work/SRC/openSUSE:Factory/.gpg2.new (New) Package is gpg2 Changes: --- /work/SRC/openSUSE:Factory/gpg2/gpg2.changes2015-05-19 23:28:49.0 +0200 +++ /work/SRC/openSUSE:Factory/.gpg2.new/gpg2.changes 2015-06-12 20:24:46.0 +0200 @@ -1,0 +2,10 @@ +Thu Jun 11 14:32:09 UTC 2015 - astie...@suse.com + +- GnuPG 2.1.5: + * Support for an external passphrase cache. + * Support for the forthcoming version 3 OpenPGP smartcard. + * Manuals now show the actual used file names. + * Prepared for improved integration with Emacs. + * Code cleanups and minor bug fixes. + +--- Old: gnupg-2.1.4.tar.bz2 gnupg-2.1.4.tar.bz2.sig New: gnupg-2.1.5.tar.bz2 gnupg-2.1.5.tar.bz2.sig Other differences: -- ++ gpg2.spec ++ --- /var/tmp/diff_new_pack.IQL2sS/_old 2015-06-12 20:24:48.0 +0200 +++ /var/tmp/diff_new_pack.IQL2sS/_new 2015-06-12 20:24:48.0 +0200 @@ -17,7 +17,7 @@ Name: gpg2 -Version:2.1.4 +Version:2.1.5 Release:0 Summary:GnuPG 2 License:GPL-3.0+ ++ gnupg-2.1.4.tar.bz2 - gnupg-2.1.5.tar.bz2 ++ 61149 lines of diff (skipped)
commit gpg2 for openSUSE:Factory
Hello community, here is the log from the commit of package gpg2 for openSUSE:Factory checked in at 2015-05-19 23:28:47 Comparing /work/SRC/openSUSE:Factory/gpg2 (Old) and /work/SRC/openSUSE:Factory/.gpg2.new (New) Package is gpg2 Changes: --- /work/SRC/openSUSE:Factory/gpg2/gpg2.changes2015-05-15 09:02:46.0 +0200 +++ /work/SRC/openSUSE:Factory/.gpg2.new/gpg2.changes 2015-05-19 23:28:49.0 +0200 @@ -1,0 +2,5 @@ +Sun May 17 08:24:15 UTC 2015 - meiss...@suse.com + +- info deinstall needs to be in %preun + +--- Other differences: -- ++ gpg2.spec ++ --- /var/tmp/diff_new_pack.lhKSvn/_old 2015-05-19 23:28:50.0 +0200 +++ /var/tmp/diff_new_pack.lhKSvn/_new 2015-05-19 23:28:50.0 +0200 @@ -145,7 +145,7 @@ %post %install_info --info-dir=%{_infodir} %{_infodir}/gnupg.info.gz -%postun +%preun %install_info_delete --info-dir=%{_infodir} %{_infodir}/gnupg.info.gz %files lang -f gnupg2.lang
commit gpg2 for openSUSE:Factory
Hello community, here is the log from the commit of package gpg2 for openSUSE:Factory checked in at 2015-05-15 09:02:43 Comparing /work/SRC/openSUSE:Factory/gpg2 (Old) and /work/SRC/openSUSE:Factory/.gpg2.new (New) Package is gpg2 Changes: --- /work/SRC/openSUSE:Factory/gpg2/gpg2.changes2015-04-13 20:29:47.0 +0200 +++ /work/SRC/openSUSE:Factory/.gpg2.new/gpg2.changes 2015-05-15 09:02:46.0 +0200 @@ -1,0 +2,17 @@ +Tue May 12 18:04:36 UTC 2015 - astie...@suse.com + +- update to 2.1.4: + * gpg: Add command --quick-adduid to non-interacitivly add a new + user id to an existing key. + * gpg: Do no enable honor-keyserver-url by default. Make it work + if enabled. + * gpg: Display the serial number in the --card-staus output again. + * agent: Support for external password managers. + Add option --no-allow-external-cache. + * scdaemon: Improved handling of extended APDUs. + * Make HTTP proxies work again. + * All network access including DNS as been moved to Dirmngr. + * Allow building without LDAP support. + * Fixed lots of smaller bugs. + +--- Old: gnupg-2.1.3.tar.bz2 gnupg-2.1.3.tar.bz2.sig New: gnupg-2.1.4.tar.bz2 gnupg-2.1.4.tar.bz2.sig Other differences: -- ++ gpg2.spec ++ --- /var/tmp/diff_new_pack.6dXdHJ/_old 2015-05-15 09:02:47.0 +0200 +++ /var/tmp/diff_new_pack.6dXdHJ/_new 2015-05-15 09:02:47.0 +0200 @@ -17,7 +17,7 @@ Name: gpg2 -Version:2.1.3 +Version:2.1.4 Release:0 Summary:GnuPG 2 License:GPL-3.0+ ++ gnupg-2.1.3.tar.bz2 - gnupg-2.1.4.tar.bz2 ++ 194452 lines of diff (skipped)
commit gpg2 for openSUSE:Factory
Hello community, here is the log from the commit of package gpg2 for openSUSE:Factory checked in at 2015-04-13 20:29:46 Comparing /work/SRC/openSUSE:Factory/gpg2 (Old) and /work/SRC/openSUSE:Factory/.gpg2.new (New) Package is gpg2 Changes: --- /work/SRC/openSUSE:Factory/gpg2/gpg2.changes2015-03-27 09:38:02.0 +0100 +++ /work/SRC/openSUSE:Factory/.gpg2.new/gpg2.changes 2015-04-13 20:29:47.0 +0200 @@ -1,0 +2,30 @@ +Sat Apr 11 18:59:42 UTC 2015 - astie...@suse.com + +- update to 2.1.3: + * gpg: LDAP keyservers are now supported by 2.1. + * gpg: New option --with-icao-spelling. + * gpg: New option --print-pka-records. Changed the PKA method to + use CERT records and hashed names. + * gpg: New command --list-gcrypt-config. New parameter curve + for --list-config. + * gpg: Print a NEWSIG status line like gpgsm always did. + * gpg: Print MPI values with --list-packets and --verbose. + * gpg: Write correct MPI lengths with ECC keys. + * gpg: Skip legacy PGP-2 keys while searching. + (drop 0001-gpg-Skip-legacy-keys-while-searching-keyrings.patch +now upstream) + * gpg: Improved searching for mail addresses when using a keybox. + * gpgsm: Changed default algos to AES-128 and SHA-256. + * gpgtar: Fixed extracting files with sizes of a multiple of 512. + * dirmngr: Fixed SNI handling for hkps pools. + (drop hkps-fix-host-name-verification-when-using-pools.patch +now upstream) + * dirmngr: extra-certs and trusted-certs are now always loaded + from the sysconfig dir instead of the homedir. + * Fixed possible problems due to compiler optimization, two minor + regressions, and other bugs. +- refreshed for context changes: + * gnupg-2.0.18-files-are-digests.patch + * gnupg-add_legacy_FIPS_mode_option.patch + +--- Old: 0001-gpg-Skip-legacy-keys-while-searching-keyrings.patch gnupg-2.1.2.tar.bz2 gnupg-2.1.2.tar.bz2.sig hkps-fix-host-name-verification-when-using-pools.patch New: gnupg-2.1.3.tar.bz2 gnupg-2.1.3.tar.bz2.sig Other differences: -- ++ gpg2.spec ++ --- /var/tmp/diff_new_pack.aFFBcv/_old 2015-04-13 20:29:48.0 +0200 +++ /var/tmp/diff_new_pack.aFFBcv/_new 2015-04-13 20:29:48.0 +0200 @@ -17,7 +17,7 @@ Name: gpg2 -Version:2.1.2 +Version:2.1.3 Release:0 Summary:GnuPG 2 License:GPL-3.0+ @@ -33,8 +33,6 @@ Patch8: gnupg-set_umask_before_open_outfile.patch Patch9: gnupg-detect_FIPS_mode.patch Patch11:gnupg-add_legacy_FIPS_mode_option.patch -Patch15:0001-gpg-Skip-legacy-keys-while-searching-keyrings.patch -Patch16:hkps-fix-host-name-verification-when-using-pools.patch BuildRequires: expect BuildRequires: fdupes BuildRequires: gnutls-devel = 3.0 @@ -82,8 +80,6 @@ %patch8 -p1 %patch9 -p1 %patch11 -p1 -%patch15 -p1 -%patch16 -p1 %build # build PIEs (position independent executables) for address space randomisation: ++ gnupg-2.0.18-files-are-digests.patch ++ --- /var/tmp/diff_new_pack.aFFBcv/_old 2015-04-13 20:29:48.0 +0200 +++ /var/tmp/diff_new_pack.aFFBcv/_new 2015-04-13 20:29:48.0 +0200 @@ -1,14 +1,14 @@ --- g10/gpg.c |4 +++ g10/options.h |1 - g10/sign.c| 66 +- - 3 files changed, 66 insertions(+), 5 deletions(-) + g10/sign.c| 68 -- + 3 files changed, 67 insertions(+), 6 deletions(-) -Index: gnupg-2.1.2/g10/gpg.c +Index: gnupg-2.1.3/g10/gpg.c === gnupg-2.1.2.orig/g10/gpg.c -+++ gnupg-2.1.2/g10/gpg.c -@@ -349,6 +349,7 @@ enum cmd_and_opt_values +--- gnupg-2.1.3.orig/g10/gpg.c 2015-04-06 14:03:32.0 +0200 gnupg-2.1.3/g10/gpg.c 2015-04-11 20:45:24.0 +0200 +@@ -352,6 +352,7 @@ enum cmd_and_opt_values oTTYtype, oLCctype, oLCmessages, @@ -16,7 +16,7 @@ oXauthority, oGroup, oUnGroup, -@@ -730,6 +731,7 @@ static ARGPARSE_OPTS opts[] = { +@@ -738,6 +739,7 @@ static ARGPARSE_OPTS opts[] = { ARGPARSE_s_s (oPersonalCompressPreferences, personal-compress-preferences, @), ARGPARSE_s_s (oFakedSystemTime, faked-system-time, @), @@ -24,7 +24,7 @@ /* Aliases. I constantly mistype these, and assume other people do as well. */ -@@ -2127,6 +2129,7 @@ main (int argc, char **argv) +@@ -2148,6 +2150,7 @@ main (int argc, char **argv) opt.def_cert_expire = 0; set_homedir (default_homedir ()); opt.passphrase_repeat = 1; @@ -32,7 +32,7 @@
commit gpg2 for openSUSE:Factory
Hello community, here is the log from the commit of package gpg2 for openSUSE:Factory checked in at 2015-03-27 09:38:00 Comparing /work/SRC/openSUSE:Factory/gpg2 (Old) and /work/SRC/openSUSE:Factory/.gpg2.new (New) Package is gpg2 Changes: --- /work/SRC/openSUSE:Factory/gpg2/gpg2.changes2015-03-23 12:16:23.0 +0100 +++ /work/SRC/openSUSE:Factory/.gpg2.new/gpg2.changes 2015-03-27 09:38:02.0 +0100 @@ -1,0 +2,6 @@ +Mon Mar 23 11:48:24 UTC 2015 - idon...@suse.com + +- Add hkps-fix-host-name-verification-when-using-pools.patch to + fix hkps support w/ pools. Upstream commit dc10d46. + +--- New: hkps-fix-host-name-verification-when-using-pools.patch Other differences: -- ++ gpg2.spec ++ --- /var/tmp/diff_new_pack.rBpEon/_old 2015-03-27 09:38:03.0 +0100 +++ /var/tmp/diff_new_pack.rBpEon/_new 2015-03-27 09:38:03.0 +0100 @@ -34,6 +34,7 @@ Patch9: gnupg-detect_FIPS_mode.patch Patch11:gnupg-add_legacy_FIPS_mode_option.patch Patch15:0001-gpg-Skip-legacy-keys-while-searching-keyrings.patch +Patch16:hkps-fix-host-name-verification-when-using-pools.patch BuildRequires: expect BuildRequires: fdupes BuildRequires: gnutls-devel = 3.0 @@ -82,6 +83,7 @@ %patch9 -p1 %patch11 -p1 %patch15 -p1 +%patch16 -p1 %build # build PIEs (position independent executables) for address space randomisation: ++ hkps-fix-host-name-verification-when-using-pools.patch ++ From dc10d466bff53821f23d2cb4814c259d40c5d9c5 Mon Sep 17 00:00:00 2001 From: Werner Koch w...@gnupg.org Date: Thu, 19 Mar 2015 15:37:05 +0100 Subject: [PATCH] hkps: Fix host name verification when using pools. * common/http.c (send_request): Set the requested for SNI. * dirmngr/ks-engine-hkp.c (map_host): Return the poolname and not the selecting a host. -- GnuPG-bug-id: 1792 Thanks to davidw for figuring out the problem. Signed-off-by: Werner Koch w...@gnupg.org --- common/http.c | 6 -- dirmngr/ks-engine-hkp.c | 25 ++--- 2 files changed, 22 insertions(+), 9 deletions(-) diff --git a/common/http.c b/common/http.c index 50c0692..12e3fcb 100644 --- a/common/http.c +++ b/common/http.c @@ -1443,7 +1443,8 @@ send_request (http_t hd, const char *httphost, const char *auth, } # if HTTP_USE_NTBTLS - err = ntbtls_set_hostname (hd-session-tls_session, server); + err = ntbtls_set_hostname (hd-session-tls_session, + hd-session-servername); if (err) { log_info (ntbtls_set_hostname failed: %s\n, gpg_strerror (err)); @@ -1452,7 +1453,8 @@ send_request (http_t hd, const char *httphost, const char *auth, # elif HTTP_USE_GNUTLS rc = gnutls_server_name_set (hd-session-tls_session, GNUTLS_NAME_DNS, - server, strlen (server)); + hd-session-servername, + strlen (hd-session-servername)); if (rc 0) log_info (gnutls_server_name_set failed: %s\n, gnutls_strerror (rc)); # endif /*HTTP_USE_GNUTLS*/ diff --git a/dirmngr/ks-engine-hkp.c b/dirmngr/ks-engine-hkp.c index ea607cb..0568094 100644 --- a/dirmngr/ks-engine-hkp.c +++ b/dirmngr/ks-engine-hkp.c @@ -521,6 +521,14 @@ map_host (ctrl_t ctrl, const char *name, int force_reselect, hi = hosttable[idx]; if (hi-pool) { + /* Deal with the pool name before selecting a host. */ + if (r_poolname hi-cname) +{ + *r_poolname = xtrystrdup (hi-cname); + if (!*r_poolname) +return gpg_error_from_syserror (); +} + /* If the currently selected host is now marked dead, force a re-selection . */ if (force_reselect) @@ -536,6 +544,11 @@ map_host (ctrl_t ctrl, const char *name, int force_reselect, if (hi-poolidx == -1) { log_error (no alive host found in pool '%s'\n, name); + if (r_poolname) +{ + xfree (*r_poolname); + *r_poolname = NULL; +} return gpg_error (GPG_ERR_NO_KEYSERVER); } } @@ -548,6 +561,11 @@ map_host (ctrl_t ctrl, const char *name, int force_reselect, if (hi-dead) { log_error (host '%s' marked as dead\n, hi-name); + if (r_poolname) +{ + xfree (*r_poolname); + *r_poolname = NULL; +} return gpg_error (GPG_ERR_NO_KEYSERVER); } @@ -564,13 +582,6 @@ map_host (ctrl_t ctrl, const char *name, int force_reselect, *r_httpflags |=
commit gpg2 for openSUSE:Factory
Hello community, here is the log from the commit of package gpg2 for openSUSE:Factory checked in at 2015-03-23 12:16:22 Comparing /work/SRC/openSUSE:Factory/gpg2 (Old) and /work/SRC/openSUSE:Factory/.gpg2.new (New) Package is gpg2 Changes: --- /work/SRC/openSUSE:Factory/gpg2/gpg2.changes2015-03-01 14:52:10.0 +0100 +++ /work/SRC/openSUSE:Factory/.gpg2.new/gpg2.changes 2015-03-23 12:16:23.0 +0100 @@ -1,0 +2,9 @@ +Thu Mar 19 15:56:12 UTC 2015 - astie...@suse.com + +- Ensure secure memory can be used with default 64k memlock limit + Fixes [boo#915931], removes gnupg-large_keys.patch +- Removed gnupg-remove_development_version_warning.patch, obsolete +- Removed gnupg-2.0.4-install_tools.diff, replaced by spec install +- Removed autoconf requirement and autoreconf calls thus obsoleted + +--- Old: gnupg-2.0.4-install_tools.diff gnupg-large_keys.patch gnupg-remove_development_version_warning.patch Other differences: -- ++ gpg2.spec ++ --- /var/tmp/diff_new_pack.ivuJ8t/_old 2015-03-23 12:16:24.0 +0100 +++ /var/tmp/diff_new_pack.ivuJ8t/_new 2015-03-23 12:16:24.0 +0100 @@ -27,17 +27,13 @@ Source2:ftp://ftp.gnupg.org/gcrypt/gnupg/gnupg-%{version}.tar.bz2.sig # https://www.gnupg.org/signature_key.html Source3:%{name}.keyring -Patch2: gnupg-2.0.4-install_tools.diff Patch4: gnupg-2.0.9-langinfo.patch Patch5: gnupg-2.0.18-files-are-digests.patch Patch6: gnupg-dont-fail-with-seahorse-agent.patch Patch8: gnupg-set_umask_before_open_outfile.patch Patch9: gnupg-detect_FIPS_mode.patch Patch11:gnupg-add_legacy_FIPS_mode_option.patch -Patch12:gnupg-remove_development_version_warning.patch -Patch14:gnupg-large_keys.patch Patch15:0001-gpg-Skip-legacy-keys-while-searching-keyrings.patch -BuildRequires: automake = 1.14 BuildRequires: expect BuildRequires: fdupes BuildRequires: gnutls-devel = 3.0 @@ -79,19 +75,15 @@ %prep %setup -q -n gnupg-%{version} -%patch2 %patch4 -p1 %patch5 -p1 %patch6 -p1 %patch8 -p1 %patch9 -p1 %patch11 -p1 -%patch12 -p1 -%patch14 -p1 %patch15 -p1 %build -autoreconf -fi # build PIEs (position independent executables) for address space randomisation: %ifarch s390x %{sparc} # s390x needs to use the large PIE model (at least for gpg.c): @@ -138,6 +130,10 @@ # install scdaemon to %{_bindir} (bnc#863645) mv %{buildroot}%{_libdir}/scdaemon %{buildroot}%{_bindir} mv %{buildroot}%{_libdir}/dirmngr_ldap %{buildroot}%{_bindir} +# install legacy tools +install -m 755 tools/gpg-zip %{buildroot}/%{_bindir} +install -m 755 tools/gpgsplit %{buildroot}/%{_bindir} + %find_lang gnupg2 %if 0%{?suse_version} 1020 %fdupes %{buildroot} -- To unsubscribe, e-mail: opensuse-commit+unsubscr...@opensuse.org For additional commands, e-mail: opensuse-commit+h...@opensuse.org
commit gpg2 for openSUSE:Factory
Hello community, here is the log from the commit of package gpg2 for openSUSE:Factory checked in at 2015-03-01 14:52:09 Comparing /work/SRC/openSUSE:Factory/gpg2 (Old) and /work/SRC/openSUSE:Factory/.gpg2.new (New) Package is gpg2 Changes: --- /work/SRC/openSUSE:Factory/gpg2/gpg2.changes2015-02-14 13:54:24.0 +0100 +++ /work/SRC/openSUSE:Factory/.gpg2.new/gpg2.changes 2015-03-01 14:52:10.0 +0100 @@ -1,0 +2,6 @@ +Tue Feb 24 08:10:22 UTC 2015 - astie...@suse.com + +- Fix invalid packet read error when reading keyrings [boo#914625] + add 0001-gpg-Skip-legacy-keys-while-searching-keyrings.patch + +--- New: 0001-gpg-Skip-legacy-keys-while-searching-keyrings.patch Other differences: -- ++ gpg2.spec ++ --- /var/tmp/diff_new_pack.mREGL8/_old 2015-03-01 14:52:11.0 +0100 +++ /var/tmp/diff_new_pack.mREGL8/_new 2015-03-01 14:52:11.0 +0100 @@ -1,7 +1,7 @@ # # spec file for package gpg2 # -# Copyright (c) 2015 SUSE LINUX Products GmbH, Nuernberg, Germany. +# Copyright (c) 2015 SUSE LINUX GmbH, Nuernberg, Germany. # # All modifications and additions to the file contributed by third parties # remain the property of their copyright owners, unless otherwise agreed @@ -36,6 +36,7 @@ Patch11:gnupg-add_legacy_FIPS_mode_option.patch Patch12:gnupg-remove_development_version_warning.patch Patch14:gnupg-large_keys.patch +Patch15:0001-gpg-Skip-legacy-keys-while-searching-keyrings.patch BuildRequires: automake = 1.14 BuildRequires: expect BuildRequires: fdupes @@ -87,6 +88,7 @@ %patch11 -p1 %patch12 -p1 %patch14 -p1 +%patch15 -p1 %build autoreconf -fi ++ 0001-gpg-Skip-legacy-keys-while-searching-keyrings.patch ++ From a8116aacd91b7e775762a62c268fab6cc3c77438 Mon Sep 17 00:00:00 2001 From: Werner Koch w...@gnupg.org Date: Mon, 23 Feb 2015 16:37:57 +0100 Subject: [PATCH] gpg: Skip legacy keys while searching keyrings. * g10/getkey.c (search_modes_are_fingerprint): New. (lookup): Skip over legacy keys. -- GnuPG-bug-id: 1847 Signed-off-by: Werner Koch w...@gnupg.org --- g10/getkey.c | 39 +-- 1 file changed, 37 insertions(+), 2 deletions(-) diff --git a/g10/getkey.c b/g10/getkey.c index 76ee493..116753c 100644 --- a/g10/getkey.c +++ b/g10/getkey.c @@ -2525,6 +2525,29 @@ found: } +/* Return true if all the search modes are fingerprints. */ +static int +search_modes_are_fingerprint (getkey_ctx_t ctx) +{ + size_t n, found; + + for (n=found=0; n ctx-nitems; n++) +{ + switch (ctx-items[n].mode) +{ +case KEYDB_SEARCH_MODE_FPR16: +case KEYDB_SEARCH_MODE_FPR20: +case KEYDB_SEARCH_MODE_FPR: + found++; + break; +default: + break; +} +} + return found found == ctx-nitems; +} + + /* The main function to lookup a key. On success the found keyblock is stored at RET_KEYBLOCK and also in CTX. If WANT_SECRET is true a corresponding secret key is required. */ @@ -2534,9 +2557,21 @@ lookup (getkey_ctx_t ctx, kbnode_t *ret_keyblock, int want_secret) int rc; int no_suitable_key = 0; - rc = 0; - while (!(rc = keydb_search (ctx-kr_handle, ctx-items, ctx-nitems, NULL))) + for (;;) { + rc = keydb_search (ctx-kr_handle, ctx-items, ctx-nitems, NULL); + /* Skip over all legacy keys but only if they are not requested + by fingerprints. + Fixme: The lower level keydb code should actually do that but + then it would be harder to report the number of skipped + legacy keys during import. */ + if (gpg_err_code (rc) == GPG_ERR_LEGACY_KEY + !(ctx-nitems ctx-items-mode == KEYDB_SEARCH_MODE_FIRST) + !search_modes_are_fingerprint (ctx)) +continue; + if (rc) +break; + /* If we are searching for the first key we have to make sure that the next iteration does not do an implicit reset. This can be triggered by an empty key ring. */ -- 2.1.4 -- To unsubscribe, e-mail: opensuse-commit+unsubscr...@opensuse.org For additional commands, e-mail: opensuse-commit+h...@opensuse.org
commit gpg2 for openSUSE:Factory
Hello community, here is the log from the commit of package gpg2 for openSUSE:Factory checked in at 2015-02-14 13:54:21 Comparing /work/SRC/openSUSE:Factory/gpg2 (Old) and /work/SRC/openSUSE:Factory/.gpg2.new (New) Package is gpg2 Changes: --- /work/SRC/openSUSE:Factory/gpg2/gpg2.changes2015-01-21 21:50:37.0 +0100 +++ /work/SRC/openSUSE:Factory/.gpg2.new/gpg2.changes 2015-02-14 13:54:24.0 +0100 @@ -1,0 +2,26 @@ +Wed Feb 11 21:48:13 UTC 2015 - astie...@suse.com + +- update to 2.1.2: + * gpg: The parameter 'Passphrase' for batch key generation works + again. + * gpg: Using a passphrase option in batch mode now has the + expected effect on --quick-gen-key. + * gpg: Improved reporting of unsupported PGP-2 keys. + * gpg: Added support for algo names when generating keys using + --command-fd. + * gpg: Fixed DoS based on bogus and overlong key packets. + * agent: When setting --default-cache-ttl the value + for --max-cache-ttl is adjusted to be not lower than the former. + * agent: Fixed problems with the new --extra-socket. + * agent: Made --allow-loopback-pinentry changeable with gpgconf. + * agent: Fixed importing of unprotected openpgp keys. + * agent: Now tries to use a fallback pinentry if the standard + pinentry is not installed. + * scd: Added support for ECDH. + * Fixed several bugs related to bogus keyrings and improved some + other code. +- in gnupg-2.0.18-files-are-digests.patch, change buffer_to_u32 to + buf32_to_u32 from host2net.h to match upstream changes +- now requires automake 1.14 + +--- Old: gnupg-2.1.1.tar.bz2 gnupg-2.1.1.tar.bz2.sig New: gnupg-2.1.2.tar.bz2 gnupg-2.1.2.tar.bz2.sig Other differences: -- ++ gpg2.spec ++ --- /var/tmp/diff_new_pack.B36gId/_old 2015-02-14 13:54:25.0 +0100 +++ /var/tmp/diff_new_pack.B36gId/_new 2015-02-14 13:54:25.0 +0100 @@ -1,7 +1,7 @@ # # spec file for package gpg2 # -# Copyright (c) 2014 SUSE LINUX Products GmbH, Nuernberg, Germany. +# Copyright (c) 2015 SUSE LINUX Products GmbH, Nuernberg, Germany. # # All modifications and additions to the file contributed by third parties # remain the property of their copyright owners, unless otherwise agreed @@ -17,7 +17,7 @@ Name: gpg2 -Version:2.1.1 +Version:2.1.2 Release:0 Summary:GnuPG 2 License:GPL-3.0+ @@ -36,7 +36,7 @@ Patch11:gnupg-add_legacy_FIPS_mode_option.patch Patch12:gnupg-remove_development_version_warning.patch Patch14:gnupg-large_keys.patch -BuildRequires: automake = 1.10 +BuildRequires: automake = 1.14 BuildRequires: expect BuildRequires: fdupes BuildRequires: gnutls-devel = 3.0 ++ gnupg-2.0.18-files-are-digests.patch ++ --- /var/tmp/diff_new_pack.B36gId/_old 2015-02-14 13:54:25.0 +0100 +++ /var/tmp/diff_new_pack.B36gId/_new 2015-02-14 13:54:25.0 +0100 @@ -4,10 +4,10 @@ g10/sign.c| 66 +- 3 files changed, 66 insertions(+), 5 deletions(-) -Index: gnupg-2.1.1/g10/gpg.c +Index: gnupg-2.1.2/g10/gpg.c === gnupg-2.1.1.orig/g10/gpg.c -+++ gnupg-2.1.1/g10/gpg.c +--- gnupg-2.1.2.orig/g10/gpg.c gnupg-2.1.2/g10/gpg.c @@ -349,6 +349,7 @@ enum cmd_and_opt_values oTTYtype, oLCctype, @@ -24,7 +24,7 @@ /* Aliases. I constantly mistype these, and assume other people do as well. */ -@@ -2125,6 +2127,7 @@ main (int argc, char **argv) +@@ -2127,6 +2129,7 @@ main (int argc, char **argv) opt.def_cert_expire = 0; set_homedir (default_homedir ()); opt.passphrase_repeat = 1; @@ -32,7 +32,7 @@ opt.emit_version = 1; /* Limit to the major number. */ /* Check whether we have a config file on the command line. */ -@@ -2630,6 +2633,7 @@ main (int argc, char **argv) +@@ -2632,6 +2635,7 @@ main (int argc, char **argv) opt.verify_options=~VERIFY_SHOW_PHOTOS; break; case oPhotoViewer: opt.photo_viewer = pargs.r.ret_str; break; @@ -40,10 +40,10 @@ case oForceMDC: opt.force_mdc = 1; break; case oNoForceMDC: opt.force_mdc = 0; break; -Index: gnupg-2.1.1/g10/options.h +Index: gnupg-2.1.2/g10/options.h === gnupg-2.1.1.orig/g10/options.h -+++ gnupg-2.1.1/g10/options.h +--- gnupg-2.1.2.orig/g10/options.h gnupg-2.1.2/g10/options.h @@ -192,6 +192,7 @@ struct int no_auto_check_trustdb; int preserve_permissions; @@ -52,10 +52,19 @@ struct groupitem *grouplist; int
commit gpg2 for openSUSE:Factory
Hello community, here is the log from the commit of package gpg2 for openSUSE:Factory checked in at 2015-01-21 21:50:33 Comparing /work/SRC/openSUSE:Factory/gpg2 (Old) and /work/SRC/openSUSE:Factory/.gpg2.new (New) Package is gpg2 Changes: --- /work/SRC/openSUSE:Factory/gpg2/gpg2.changes2014-12-29 00:32:01.0 +0100 +++ /work/SRC/openSUSE:Factory/.gpg2.new/gpg2.changes 2015-01-21 21:50:37.0 +0100 @@ -1,0 +2,36 @@ +Fri Dec 26 21:15:55 UTC 2014 - andreas.stie...@gmx.de + +- update to 2.1.1: + * gpg: Detect faulty use of --verify on detached signatures. + * gpg: New import option keep-ownertrust. + * gpg: New sub-command factory-reset for --card-edit. + * gpg: A stub key for smartcards is now created by --card-status. + * gpg: Fixed regression in --refresh-keys. + * gpg: Fixed regresion in %g and %p codes for --sig-notation. + * gpg: Fixed best matching hash algo detection for ECDSA and EdDSA. + * gpg: Improved perceived speed of secret key listisngs. + * gpg: Print number of skipped PGP-2 keys on import. + * gpg: Removed the option aliases --throw-keyid and --notation-data; +use --throw-keyids and --set-notation instead. + * gpg: New import option keep-ownertrust. + * gpg: Skip too large keys during import. + * gpg,gpgsm: New option --no-autostart to avoid starting gpg-agent or +dirmngr. + * gpg-agent: New option --extra-socket to provide a restricted +command set for use with remote clients. + * gpgconf --kill does not anymore start a service only to kill it. + * gpg-pconnect-agent: Add convenience option --uiserver. + * More translations (but most of them are not complete). + * To support remotely mounted home directories, the IPC sockets may +now be redirected. This feature requires Libassuan 2.2.0. + * Improved portability and the usual bunch of bug fixes. +- removed patch not part of upstream release: +gnupg-2.1.0-boo-907198-openpgp_oid_to_str-buffer-overflow.patch +- refresh for context changes: +gnupg-2.0.18-files-are-digests.patch +gnupg-2.0.4-install_tools.diff +- refresh for upstream code changes: +gnupg-add_legacy_FIPS_mode_option.patch +gnupg-detect_FIPS_mode.patch (MD5 removed) + +--- Old: gnupg-2.1.0-boo-907198-openpgp_oid_to_str-buffer-overflow.patch gnupg-2.1.0.tar.bz2 gnupg-2.1.0.tar.bz2.sig New: gnupg-2.1.1.tar.bz2 gnupg-2.1.1.tar.bz2.sig Other differences: -- ++ gpg2.spec ++ --- /var/tmp/diff_new_pack.6urktz/_old 2015-01-21 21:50:39.0 +0100 +++ /var/tmp/diff_new_pack.6urktz/_new 2015-01-21 21:50:39.0 +0100 @@ -17,7 +17,7 @@ Name: gpg2 -Version:2.1.0 +Version:2.1.1 Release:0 Summary:GnuPG 2 License:GPL-3.0+ @@ -35,7 +35,6 @@ Patch9: gnupg-detect_FIPS_mode.patch Patch11:gnupg-add_legacy_FIPS_mode_option.patch Patch12:gnupg-remove_development_version_warning.patch -Patch13:gnupg-2.1.0-boo-907198-openpgp_oid_to_str-buffer-overflow.patch Patch14:gnupg-large_keys.patch BuildRequires: automake = 1.10 BuildRequires: expect @@ -48,7 +47,7 @@ # patch11 (gnupg-add_legacy_FIPS_mode_option.patch) mentions GCRYCTL_INACTIVATE_FIPS_FLAG # raising gcrypt requirement from 1.4.0 BuildRequires: libgcrypt-devel = 1.6.1 -BuildRequires: libgpg-error-devel = 1.15 +BuildRequires: libgpg-error-devel = 1.16 BuildRequires: libksba-devel = 1.2.0 BuildRequires: libusb-devel BuildRequires: makeinfo @@ -87,7 +86,6 @@ %patch9 -p1 %patch11 -p1 %patch12 -p1 -%patch13 -p1 %patch14 -p1 %build ++ gnupg-2.0.18-files-are-digests.patch ++ --- /var/tmp/diff_new_pack.6urktz/_old 2015-01-21 21:50:39.0 +0100 +++ /var/tmp/diff_new_pack.6urktz/_new 2015-01-21 21:50:39.0 +0100 @@ -4,10 +4,10 @@ g10/sign.c| 66 +- 3 files changed, 66 insertions(+), 5 deletions(-) -Index: gnupg-2.1.0/g10/gpg.c +Index: gnupg-2.1.1/g10/gpg.c === gnupg-2.1.0.orig/g10/gpg.c 2014-11-07 11:35:21.599605797 +0100 -+++ gnupg-2.1.0/g10/gpg.c 2014-11-07 16:50:14.742067262 +0100 +--- gnupg-2.1.1.orig/g10/gpg.c gnupg-2.1.1/g10/gpg.c @@ -349,6 +349,7 @@ enum cmd_and_opt_values oTTYtype, oLCctype, @@ -16,7 +16,7 @@ oXauthority, oGroup, oUnGroup, -@@ -733,6 +734,7 @@ static ARGPARSE_OPTS opts[] = { +@@ -730,6 +731,7 @@ static ARGPARSE_OPTS opts[] = { ARGPARSE_s_s (oPersonalCompressPreferences, personal-compress-preferences, @), ARGPARSE_s_s
commit gpg2 for openSUSE:Factory
Hello community, here is the log from the commit of package gpg2 for openSUSE:Factory checked in at 2014-12-16 14:50:42 Comparing /work/SRC/openSUSE:Factory/gpg2 (Old) and /work/SRC/openSUSE:Factory/.gpg2.new (New) Package is gpg2 Changes: --- /work/SRC/openSUSE:Factory/gpg2/gpg2.changes2014-12-09 09:13:29.0 +0100 +++ /work/SRC/openSUSE:Factory/.gpg2.new/gpg2.changes 2014-12-16 14:50:24.0 +0100 @@ -1,0 +2,5 @@ +Wed Dec 3 22:37:59 UTC 2014 - andreas.stie...@gmx.de + +- update build requirement versions that changed with 2.1.0 + +--- Other differences: -- ++ gpg2.spec ++ --- /var/tmp/diff_new_pack.f7k0XN/_old 2014-12-16 14:50:28.0 +0100 +++ /var/tmp/diff_new_pack.f7k0XN/_new 2014-12-16 14:50:28.0 +0100 @@ -39,19 +39,19 @@ BuildRequires: automake = 1.10 BuildRequires: expect BuildRequires: fdupes -BuildRequires: gnutls-devel +BuildRequires: gnutls-devel = 3.0 BuildRequires: libadns-devel -BuildRequires: libassuan-devel = 2.0.0 +BuildRequires: libassuan-devel = 2.1.0 BuildRequires: libbz2-devel BuildRequires: libcurl-devel = 7.10 # patch11 (gnupg-add_legacy_FIPS_mode_option.patch) mentions GCRYCTL_INACTIVATE_FIPS_FLAG # raising gcrypt requirement from 1.4.0 BuildRequires: libgcrypt-devel = 1.6.1 -BuildRequires: libgpg-error-devel = 1.11 -BuildRequires: libksba-devel = 1.0.7 +BuildRequires: libgpg-error-devel = 1.15 +BuildRequires: libksba-devel = 1.2.0 BuildRequires: libusb-devel BuildRequires: makeinfo -BuildRequires: npth-devel +BuildRequires: npth-devel = 0.91 BuildRequires: openldap2-devel BuildRequires: pkg-config BuildRequires: readline-devel -- To unsubscribe, e-mail: opensuse-commit+unsubscr...@opensuse.org For additional commands, e-mail: opensuse-commit+h...@opensuse.org
commit gpg2 for openSUSE:Factory
Hello community, here is the log from the commit of package gpg2 for openSUSE:Factory checked in at 2014-12-09 09:13:50 Comparing /work/SRC/openSUSE:Factory/gpg2 (Old) and /work/SRC/openSUSE:Factory/.gpg2.new (New) Package is gpg2 Changes: --- /work/SRC/openSUSE:Factory/gpg2/gpg2.changes2014-08-15 09:58:17.0 +0200 +++ /work/SRC/openSUSE:Factory/.gpg2.new/gpg2.changes 2014-12-09 09:13:29.0 +0100 @@ -1,0 +2,56 @@ +Wed Nov 26 19:21:15 UTC 2014 - andreas.stie...@gmx.de + +- fix buffer overflow in OID to string conversion function + [boo#907198], adding + gnupg-2.1.0-boo-907198-openpgp_oid_to_str-buffer-overflow.patch + +--- +Tue Nov 11 16:10:04 UTC 2014 - vci...@suse.com + +- obsolete dirmngr (shipped with gpg since 2.1.0) +- spec cleanup after previous update +- get rid of THIS IS A DEVELOPMENT VERSION warning + http://lists.gnupg.org/pipermail/gnupg-devel/2014-November/029065.html + * added gnupg-remove_development_version_warning.patch + +--- +Thu Nov 6 17:32:39 UTC 2014 - vci...@suse.com + +- upgrade to 2.1.0 (modern) + - The file secring.gpg is not anymore used to store the secret +keys. Merging of secret keys is now supported. + - All support for PGP-2 keys has been removed for security reasons. + - The standard key generation interface is now much leaner. This +will help a new user to quickly generate a suitable key. + - Support for Elliptic Curve Cryptography (ECC) is now available. + - Commands to create and sign keys from the command line without any +extra prompts are now available. + - The Pinentry may now show the new passphrase entry and the +passphrase confirmation entry in one dialog. + - There is no more need to manually start the gpg-agent. It is now +started by any part of GnuPG as needed. + - Problems with importing keys with the same long key id have been +addressed. + - The Dirmngr is now part of GnuPG proper and also takes care of +accessing keyserver. + - Keyserver pools are now handled in a smarter way. + - A new format for locally storing the public keys is now used. +This considerable speeds up operations on large keyrings. + - Revocation certificates are now created by default. + - Card support has been updated, new readers and token types are +supported. + - The format of the key listing has been changed to better identify +the properties of a key. + - The gpg-agent may now be used on Windows as a Pageant replacement +for Putty in the same way it is used for years on Unix as +ssh-agent replacement. + - Creation of X.509 certificates has been improved. It is now also +possible to export them directly in PKCS#8 and PEM format for use +on TLS servers. +- dropped patches: + * gnupg-2.0.20-automake113.diff + * gnupg-2.0.18-tmpdir.diff (socket is created in homedir now) +- refresh most of the remaining patches +- added new BuildRequires: gnutls-devel, pkg-config, npth-devel + +--- Old: gnupg-2.0.18-tmpdir.diff gnupg-2.0.20-automake113.diff gnupg-2.0.26.tar.bz2 gnupg-2.0.26.tar.bz2.sig New: gnupg-2.1.0-boo-907198-openpgp_oid_to_str-buffer-overflow.patch gnupg-2.1.0.tar.bz2 gnupg-2.1.0.tar.bz2.sig gnupg-remove_development_version_warning.patch Other differences: -- ++ gpg2.spec ++ --- /var/tmp/diff_new_pack.bHPm0h/_old 2014-12-09 09:13:30.0 +0100 +++ /var/tmp/diff_new_pack.bHPm0h/_new 2014-12-09 09:13:30.0 +0100 @@ -17,11 +17,29 @@ Name: gpg2 -Version:2.0.26 +Version:2.1.0 Release:0 +Summary:GnuPG 2 +License:GPL-3.0+ +Group: Productivity/Networking/Security +Url:http://www.gnupg.org/aegypten2/ +Source: ftp://ftp.gnupg.org/gcrypt/gnupg/gnupg-%{version}.tar.bz2 +Source2:ftp://ftp.gnupg.org/gcrypt/gnupg/gnupg-%{version}.tar.bz2.sig +# https://www.gnupg.org/signature_key.html +Source3:%{name}.keyring +Patch2: gnupg-2.0.4-install_tools.diff +Patch4: gnupg-2.0.9-langinfo.patch +Patch5: gnupg-2.0.18-files-are-digests.patch +Patch6: gnupg-dont-fail-with-seahorse-agent.patch +Patch8: gnupg-set_umask_before_open_outfile.patch +Patch9: gnupg-detect_FIPS_mode.patch +Patch11:gnupg-add_legacy_FIPS_mode_option.patch +Patch12:gnupg-remove_development_version_warning.patch +Patch13:gnupg-2.1.0-boo-907198-openpgp_oid_to_str-buffer-overflow.patch BuildRequires: automake = 1.10 BuildRequires: expect BuildRequires: fdupes
commit gpg2 for openSUSE:Factory
Hello community, here is the log from the commit of package gpg2 for openSUSE:Factory checked in at 2014-08-15 09:58:15 Comparing /work/SRC/openSUSE:Factory/gpg2 (Old) and /work/SRC/openSUSE:Factory/.gpg2.new (New) Package is gpg2 Changes: --- /work/SRC/openSUSE:Factory/gpg2/gpg2.changes2014-07-08 13:01:51.0 +0200 +++ /work/SRC/openSUSE:Factory/.gpg2.new/gpg2.changes 2014-08-15 09:58:17.0 +0200 @@ -1,0 +2,12 @@ +Tue Aug 12 20:19:45 UTC 2014 - andreas.stie...@gmx.de + +- update to 2.0.26: + * gpg: Fix a regression in 2.0.24 if a subkey id is given + to --recv-keys et al. + * gpg: Cap attribute packets at 16MB. + * gpgsm: Auto-create the .gnupg home directory in the same + way gpg does. + * scdaemon: Allow for certificates 1024 when using PC/SC. +- remove URL from package keyring, upstream file metadata changes + +--- Old: gnupg-2.0.25.tar.bz2 gnupg-2.0.25.tar.bz2.sig New: gnupg-2.0.26.tar.bz2 gnupg-2.0.26.tar.bz2.sig Other differences: -- ++ gpg2.spec ++ --- /var/tmp/diff_new_pack.SqOuPs/_old 2014-08-15 09:58:19.0 +0200 +++ /var/tmp/diff_new_pack.SqOuPs/_new 2014-08-15 09:58:19.0 +0200 @@ -17,7 +17,7 @@ Name: gpg2 -Version:2.0.25 +Version:2.0.26 Release:0 BuildRequires: automake = 1.10 BuildRequires: expect @@ -57,7 +57,8 @@ Group: Productivity/Networking/Security Source: ftp://ftp.gnupg.org/gcrypt/gnupg/gnupg-%{version}.tar.bz2 Source2:ftp://ftp.gnupg.org/gcrypt/gnupg/gnupg-%{version}.tar.bz2.sig -Source3:https://www.gnupg.org/signature_key.html#/%{name}.keyring +# https://www.gnupg.org/signature_key.html +Source3:%{name}.keyring Patch1: gnupg-2.0.18-tmpdir.diff Patch2: gnupg-2.0.4-install_tools.diff Patch4: gnupg-2.0.9-langinfo.patch ++ gnupg-2.0.25.tar.bz2 - gnupg-2.0.26.tar.bz2 ++ 27611 lines of diff (skipped) -- To unsubscribe, e-mail: opensuse-commit+unsubscr...@opensuse.org For additional commands, e-mail: opensuse-commit+h...@opensuse.org
commit gpg2 for openSUSE:Factory
Hello community, here is the log from the commit of package gpg2 for openSUSE:Factory checked in at 2014-07-08 13:01:50 Comparing /work/SRC/openSUSE:Factory/gpg2 (Old) and /work/SRC/openSUSE:Factory/.gpg2.new (New) Package is gpg2 Changes: --- /work/SRC/openSUSE:Factory/gpg2/gpg2.changes2014-06-25 21:20:02.0 +0200 +++ /work/SRC/openSUSE:Factory/.gpg2.new/gpg2.changes 2014-07-08 13:01:51.0 +0200 @@ -1,0 +2,20 @@ +Tue Jul 1 21:05:55 UTC 2014 - andreas.stie...@gmx.de + +- gnupg-add_legacy_FIPS_mode_option.patch (part of [bnc#856312]) + mentions GCRYCTL_INACTIVATE_FIPS_FLAG, raising the requirement + for gcrypt from 1.4.0 (from configure) to 1.6.1 where said flag + was introduced. Require this version to build. + +--- +Mon Jun 30 18:52:36 UTC 2014 - andreas.stie...@gmx.de + +- update to 2.0.25: + * gpg: Fix a regression in 2.0.24 if more than one keyid is given + to --recv-keys et al. + * gpg: Cap RSA and Elgamal keysize at 4096 bit also for unattended + key generation. + * gpgsm: Fix a DISPLAY related problem with + --export-secret-key-p12. + * scdaemon: Support reader Gemalto IDBridge CT30. + +--- Old: gnupg-2.0.24.tar.bz2 gnupg-2.0.24.tar.bz2.sig New: gnupg-2.0.25.tar.bz2 gnupg-2.0.25.tar.bz2.sig Other differences: -- ++ gpg2.spec ++ --- /var/tmp/diff_new_pack.6gvmZ1/_old 2014-07-08 13:01:53.0 +0200 +++ /var/tmp/diff_new_pack.6gvmZ1/_new 2014-07-08 13:01:53.0 +0200 @@ -17,7 +17,7 @@ Name: gpg2 -Version:2.0.24 +Version:2.0.25 Release:0 BuildRequires: automake = 1.10 BuildRequires: expect @@ -26,7 +26,9 @@ BuildRequires: libassuan-devel = 2.0.0 BuildRequires: libbz2-devel BuildRequires: libcurl-devel = 7.10 -BuildRequires: libgcrypt-devel = 1.4.0 +# patch11 (gnupg-add_legacy_FIPS_mode_option.patch) mentions GCRYCTL_INACTIVATE_FIPS_FLAG +# raising gcrypt requirement from 1.4.0 +BuildRequires: libgcrypt-devel = 1.6.1 BuildRequires: libgpg-error-devel = 1.11 BuildRequires: libksba-devel = 1.0.7 BuildRequires: libusb-devel ++ gnupg-2.0.24.tar.bz2 - gnupg-2.0.25.tar.bz2 ++ 28845 lines of diff (skipped) -- To unsubscribe, e-mail: opensuse-commit+unsubscr...@opensuse.org For additional commands, e-mail: opensuse-commit+h...@opensuse.org
commit gpg2 for openSUSE:Factory
Hello community, here is the log from the commit of package gpg2 for openSUSE:Factory checked in at 2014-06-25 21:19:59 Comparing /work/SRC/openSUSE:Factory/gpg2 (Old) and /work/SRC/openSUSE:Factory/.gpg2.new (New) Package is gpg2 Changes: --- /work/SRC/openSUSE:Factory/gpg2/gpg2.changes2014-06-18 10:59:13.0 +0200 +++ /work/SRC/openSUSE:Factory/.gpg2.new/gpg2.changes 2014-06-25 21:20:02.0 +0200 @@ -1,0 +2,18 @@ +Tue Jun 24 22:25:12 UTC 2014 - andreas.stie...@gmx.de + +- update to 2.0.24 + Contains a security fix to stop a possible DoS using garbled + compressed data packets which can be used to put gpg into an + infinite loop. [bnc#884130] [CVE-2014-4617] + * gpg: Avoid DoS due to garbled compressed data packets. +- further: + * gpg: Screen keyserver responses to avoid importing unwanted +keys from rogue servers. + * gpg: The validity of user ids is now shown by default. To +revert this add list-options no-show-uid-validity to gpg.conf + * gpg: Print more specific reason codes with the INV_RECP status. + * gpg: Allow loading of a cert only key to an OpenPGP card. + * gpg-agent: Make ssh support for ECDSA keys work with Libgcrypt +1.6. + +--- Old: gnupg-2.0.23.tar.bz2 gnupg-2.0.23.tar.bz2.sig New: gnupg-2.0.24.tar.bz2 gnupg-2.0.24.tar.bz2.sig Other differences: -- ++ gpg2.spec ++ --- /var/tmp/diff_new_pack.leYkxV/_old 2014-06-25 21:20:04.0 +0200 +++ /var/tmp/diff_new_pack.leYkxV/_new 2014-06-25 21:20:04.0 +0200 @@ -17,7 +17,7 @@ Name: gpg2 -Version:2.0.23 +Version:2.0.24 Release:0 BuildRequires: automake = 1.10 BuildRequires: expect ++ gnupg-2.0.23.tar.bz2 - gnupg-2.0.24.tar.bz2 ++ 52425 lines of diff (skipped) ++ gpg2.keyring ++ --- /var/tmp/diff_new_pack.leYkxV/_old 2014-06-25 21:20:06.0 +0200 +++ /var/tmp/diff_new_pack.leYkxV/_new 2014-06-25 21:20:06.0 +0200 @@ -7,7 +7,7 @@ meta http-equiv=Content-Type content=text/html;charset=utf-8/ meta name=title content=GnuPG - Signature Key/ meta name=generator content=Org-mode/ -meta name=generated content=㢛/ +meta name=generated content=㢰/ meta name=author content=Werner Koch/ meta name=description content=/ meta name=keywords content=/ -- To unsubscribe, e-mail: opensuse-commit+unsubscr...@opensuse.org For additional commands, e-mail: opensuse-commit+h...@opensuse.org
commit gpg2 for openSUSE:Factory
Hello community, here is the log from the commit of package gpg2 for openSUSE:Factory checked in at 2014-06-18 10:59:08 Comparing /work/SRC/openSUSE:Factory/gpg2 (Old) and /work/SRC/openSUSE:Factory/.gpg2.new (New) Package is gpg2 Changes: --- /work/SRC/openSUSE:Factory/gpg2/gpg2.changes2014-05-02 19:21:28.0 +0200 +++ /work/SRC/openSUSE:Factory/.gpg2.new/gpg2.changes 2014-06-18 10:59:13.0 +0200 @@ -1,0 +2,28 @@ +Tue Jun 3 21:55:34 UTC 2014 - andreas.stie...@gmx.de + +- update to 2.0.23: + * gpg: Reject signatures made using the MD5 hash algorithm unless the + new option --allow-weak-digest-algos or --pgp2 are given. + * gpg: Do not create a trustdb file if --trust-model=always is used. + * gpg: Only the major version number is by default included in the + armored output. + * gpg: Print a warning if the Gnome-Keyring-Daemon intercepts the + communication with the gpg-agent. + * gpg: The format of the fallback key listing (gpg KEYFILE) is now more + aligned to the regular key listing (gpg -k). + * gpg: The option--show-session-key prints its output now before the + decryption of the bulk message starts. + * gpg: New %U expando for the photo viewer. + * gpgsm: Improved handling of re-issued CA certificates. + * scdaemon: Various fixes for pinpad equipped card readers. + * Minor bug fixes. +- Packaging changes: + * add gpgtar utility + * update and use use source URL for tarball signing key + * removed gnupg-2.0.9-RSA_ES.patch, applied upstream + * updated for context changes: +gnupg-add_legacy_FIPS_mode_option.patch +gnupg-2.0.18-files-are-digests.patch +gnupg-dont-fail-with-seahorse-agent.patch + +--- Old: gnupg-2.0.22.tar.bz2 gnupg-2.0.22.tar.bz2.sig gnupg-2.0.9-RSA_ES.patch New: gnupg-2.0.23.tar.bz2 gnupg-2.0.23.tar.bz2.sig Other differences: -- ++ gpg2.spec ++ --- /var/tmp/diff_new_pack.W9rP5m/_old 2014-06-18 10:59:14.0 +0200 +++ /var/tmp/diff_new_pack.W9rP5m/_new 2014-06-18 10:59:14.0 +0200 @@ -17,7 +17,7 @@ Name: gpg2 -Version:2.0.22 +Version:2.0.23 Release:0 BuildRequires: automake = 1.10 BuildRequires: expect @@ -55,9 +55,9 @@ Group: Productivity/Networking/Security Source: ftp://ftp.gnupg.org/gcrypt/gnupg/gnupg-%{version}.tar.bz2 Source2:ftp://ftp.gnupg.org/gcrypt/gnupg/gnupg-%{version}.tar.bz2.sig +Source3:https://www.gnupg.org/signature_key.html#/%{name}.keyring Patch1: gnupg-2.0.18-tmpdir.diff Patch2: gnupg-2.0.4-install_tools.diff -Patch3: gnupg-2.0.9-RSA_ES.patch Patch4: gnupg-2.0.9-langinfo.patch Patch5: gnupg-2.0.18-files-are-digests.patch Patch6: gnupg-dont-fail-with-seahorse-agent.patch @@ -78,7 +78,6 @@ %setup -q -n gnupg-%version %patch1 -p1 %patch2 -%patch3 -p1 %patch4 -p1 %patch5 -p1 %patch6 -p1 @@ -108,6 +107,7 @@ --enable-ldap \ --enable-gpgsm=yes \ --enable-gpg \ +--enable-gpgtar \ --with-gnu-ld make %{?_smp_mflags} ++ gnupg-2.0.18-files-are-digests.patch ++ --- /var/tmp/diff_new_pack.W9rP5m/_old 2014-06-18 10:59:14.0 +0200 +++ /var/tmp/diff_new_pack.W9rP5m/_new 2014-06-18 10:59:14.0 +0200 @@ -1,7 +1,14 @@ -diff -rup gnupg-2.0.18.orig/g10/gpg.c gnupg-2.0.18/g10/gpg.c gnupg-2.0.18.orig/g10/gpg.c2011-07-22 13:00:44.0 +0100 -+++ gnupg-2.0.18/g10/gpg.c 2011-08-06 21:07:32.0 +0100 -@@ -341,6 +341,7 @@ enum cmd_and_opt_values +--- + g10/gpg.c |4 +++ + g10/options.h |1 + g10/sign.c| 66 +- + 3 files changed, 66 insertions(+), 5 deletions(-) + +Index: gnupg-2.0.23/g10/gpg.c +=== +--- gnupg-2.0.23.orig/g10/gpg.c2014-06-03 22:36:44.0 +0100 gnupg-2.0.23/g10/gpg.c 2014-06-03 22:36:55.0 +0100 +@@ -345,6 +345,7 @@ enum cmd_and_opt_values oTTYtype, oLCctype, oLCmessages, @@ -9,7 +16,7 @@ oXauthority, oGroup, oUnGroup, -@@ -706,6 +707,7 @@ static ARGPARSE_OPTS opts[] = { +@@ -711,6 +712,7 @@ static ARGPARSE_OPTS opts[] = { ARGPARSE_s_s (oPersonalDigestPreferences, personal-digest-preferences,@), ARGPARSE_s_s (oPersonalCompressPreferences, personal-compress-preferences, @), @@ -17,15 +24,15 @@ /* Aliases. I constantly mistype these, and assume other people do as well. */ -@@ -1996,6 +1998,7 @@ main (int argc, char **argv) +@@ -2001,6 +2003,7 @@ main (int argc, char **argv)
commit gpg2 for openSUSE:Factory
Hello community, here is the log from the commit of package gpg2 for openSUSE:Factory checked in at 2014-05-02 19:21:25 Comparing /work/SRC/openSUSE:Factory/gpg2 (Old) and /work/SRC/openSUSE:Factory/.gpg2.new (New) Package is gpg2 Changes: --- /work/SRC/openSUSE:Factory/gpg2/gpg2.changes2014-02-17 07:18:18.0 +0100 +++ /work/SRC/openSUSE:Factory/.gpg2.new/gpg2.changes 2014-05-02 19:21:28.0 +0200 @@ -1,0 +2,10 @@ +Tue Apr 29 12:06:03 UTC 2014 - vci...@suse.com + +- add patch by Stephan Mueller which adds an option to enable + legacy ciphers in FIPS mode + * added gnupg-add_legacy_FIPS_mode_option.patch + (part of bnc#856312) +- added BuildRequires: makeinfo (to build info pages from the + patched gnupg.texi) + +--- New: gnupg-add_legacy_FIPS_mode_option.patch Other differences: -- ++ gpg2.spec ++ --- /var/tmp/diff_new_pack.WbRPY0/_old 2014-05-02 19:21:28.0 +0200 +++ /var/tmp/diff_new_pack.WbRPY0/_new 2014-05-02 19:21:28.0 +0200 @@ -30,6 +30,7 @@ BuildRequires: libgpg-error-devel = 1.11 BuildRequires: libksba-devel = 1.0.7 BuildRequires: libusb-devel +BuildRequires: makeinfo BuildRequires: openldap2-devel BuildRequires: readline-devel BuildRequires: zlib-devel @@ -64,6 +65,7 @@ Patch9: gnupg-detect_FIPS_mode.patch # PATCH-FIX-OPENSUSE co...@suse.de -- automake 1.13 already includes $SHELL Patch10:gnupg-2.0.20-automake113.diff +Patch11:gnupg-add_legacy_FIPS_mode_option.patch BuildRoot: %{_tmppath}/%{name}-%{version}-build @@ -83,6 +85,7 @@ %patch8 -p1 %patch9 -p1 %patch10 -p1 +%patch11 -p1 %build autoreconf -fi ++ gnupg-add_legacy_FIPS_mode_option.patch ++ Index: gnupg-2.0.22/doc/gpg.texi === --- gnupg-2.0.22.orig/doc/gpg.texi 2013-10-04 19:08:32.0 +0200 +++ gnupg-2.0.22/doc/gpg.texi 2014-04-30 12:42:35.129468147 +0200 @@ -1795,6 +1795,24 @@ implies, this option is for experts only understand the implications of what it allows you to do, leave this off. @option{--no-expert} disables this option. +@item --set-legacy-fips +@itemx --set-legacy-fips +@opindex set-legacy-fips +Enable legacy support even when the libgcrypt library is in FIPS 140-2 +mode. The legacy mode of libgcrypt allows the use of all ciphers, +including non-approved ciphers. This mode is needed when for legacy +reasons a message must be encrypted or decrypted. Legacy reasons for +decryptions include the decryption of old messages created with a +public key that use cipher settings which do not meet FIPS 140-2 +requirements. Legacy reasons for encryption include the encryption +of messages with a recipients public key where the recipient is not +bound to FIPS 140-2 regulation and therefore provided a key using +non-approved ciphers. Although the legacy mode is a violation of strict +FIPS 140-2 rule interpretations, it is wise to use this mode or +either not being able to access old messages or not being able +to create encrypted messages to a recipient that is not adhering +to FIPS 140-2 rules. + @end table Index: gnupg-2.0.22/g10/gpg.c === --- gnupg-2.0.22.orig/g10/gpg.c 2014-04-30 12:42:35.117468014 +0200 +++ gnupg-2.0.22/g10/gpg.c 2014-04-30 12:42:35.129468147 +0200 @@ -368,6 +368,7 @@ enum cmd_and_opt_values oDisableDSA2, oAllowMultipleMessages, oNoAllowMultipleMessages, +oSetLegacyFips, oNoop }; @@ -744,6 +745,7 @@ static ARGPARSE_OPTS opts[] = { ARGPARSE_s_n (oDisableDSA2, disable-dsa2, @), ARGPARSE_s_n (oAllowMultipleMessages, allow-multiple-messages, @), ARGPARSE_s_n (oNoAllowMultipleMessages, no-allow-multiple-messages, @), + ARGPARSE_s_n (oSetLegacyFips, set-legacy-fips, @), /* These two are aliases to help users of the PGP command line product use gpg with minimal pain. Many commands are common @@ -2948,6 +2950,13 @@ main (int argc, char **argv) opt.flags.allow_multiple_messages=0; break; + case oSetLegacyFips: + if(gcry_fips_mode_active()) + gcry_control (GCRYCTL_INACTIVATE_FIPS_FLAG, Enable legacy support in FIPS 140-2 mode); + else + log_info (Command set-legacy-fips ignored as libgcrypt is not in FIPS mode\n); + break; + case oNoop: break; default: -- To unsubscribe, e-mail: opensuse-commit+unsubscr...@opensuse.org For additional commands, e-mail: opensuse-commit+h...@opensuse.org
commit gpg2 for openSUSE:Factory
Hello community, here is the log from the commit of package gpg2 for openSUSE:Factory checked in at 2014-02-17 07:18:17 Comparing /work/SRC/openSUSE:Factory/gpg2 (Old) and /work/SRC/openSUSE:Factory/.gpg2.new (New) Package is gpg2 Changes: --- /work/SRC/openSUSE:Factory/gpg2/gpg2.changes2013-10-06 14:52:48.0 +0200 +++ /work/SRC/openSUSE:Factory/.gpg2.new/gpg2.changes 2014-02-17 07:18:18.0 +0100 @@ -1,0 +2,5 @@ +Fri Feb 14 16:14:14 UTC 2014 - vci...@suse.com + +- install scdaemon to /usr/bin (bnc#863645) + +--- Other differences: -- ++ gpg2.spec ++ --- /var/tmp/diff_new_pack.jjeKza/_old 2014-02-17 07:18:18.0 +0100 +++ /var/tmp/diff_new_pack.jjeKza/_new 2014-02-17 07:18:18.0 +0100 @@ -1,7 +1,7 @@ # # spec file for package gpg2 # -# Copyright (c) 2013 SUSE LINUX Products GmbH, Nuernberg, Germany. +# Copyright (c) 2014 SUSE LINUX Products GmbH, Nuernberg, Germany. # # All modifications and additions to the file contributed by third parties # remain the property of their copyright owners, unless otherwise agreed @@ -126,6 +126,8 @@ rm -rf $RPM_BUILD_ROOT/%_datadir/locale/en@{bold,}quot # additional files to documentation directory install -m 644 AUTHORS COPYING ChangeLog NEWS THANKS TODO doc/FAQ $RPM_BUILD_ROOT/%{_docdir}/%{name} +# install scdaemon to %{_bindir} (bnc#863645) +mv %{buildroot}%{_libdir}/scdaemon %{buildroot}%{_bindir} %find_lang gnupg2 %if 0%{?suse_version} 1020 %fdupes %buildroot -- To unsubscribe, e-mail: opensuse-commit+unsubscr...@opensuse.org For additional commands, e-mail: opensuse-commit+h...@opensuse.org
commit gpg2 for openSUSE:Factory
Hello community, here is the log from the commit of package gpg2 for openSUSE:Factory checked in at 2013-10-06 14:52:46 Comparing /work/SRC/openSUSE:Factory/gpg2 (Old) and /work/SRC/openSUSE:Factory/.gpg2.new (New) Package is gpg2 Changes: --- /work/SRC/openSUSE:Factory/gpg2/gpg2.changes2013-09-17 15:02:37.0 +0200 +++ /work/SRC/openSUSE:Factory/.gpg2.new/gpg2.changes 2013-10-06 14:52:48.0 +0200 @@ -1,0 +2,11 @@ +Sat Oct 5 11:44:42 UTC 2013 - andreas.stie...@gmx.de + +- update to 2.0.22 [bnc#844175] + * Fixed possible infinite recursion in the compressed packet +parser. [CVE-2013-4402] + * Improved support for some card readers. + * Prepared building with the forthcoming Libgcrypt 1.6. + * Protect against rogue keyservers sending secret keys. +- remove gpg2-CVE-2013-4351.patch, committed upstream + +--- Old: gnupg-2.0.21.tar.bz2 gnupg-2.0.21.tar.bz2.sig gpg2-CVE-2013-4351.patch New: gnupg-2.0.22.tar.bz2 gnupg-2.0.22.tar.bz2.sig Other differences: -- ++ gpg2.spec ++ --- /var/tmp/diff_new_pack.5Mrvaf/_old 2013-10-06 14:52:49.0 +0200 +++ /var/tmp/diff_new_pack.5Mrvaf/_new 2013-10-06 14:52:49.0 +0200 @@ -17,7 +17,7 @@ Name: gpg2 -Version:2.0.21 +Version:2.0.22 Release:0 BuildRequires: automake = 1.10 BuildRequires: expect @@ -64,7 +64,6 @@ Patch9: gnupg-detect_FIPS_mode.patch # PATCH-FIX-OPENSUSE co...@suse.de -- automake 1.13 already includes $SHELL Patch10:gnupg-2.0.20-automake113.diff -Patch11:gpg2-CVE-2013-4351.patch BuildRoot: %{_tmppath}/%{name}-%{version}-build @@ -84,7 +83,6 @@ %patch8 -p1 %patch9 -p1 %patch10 -p1 -%patch11 -p1 %build autoreconf -fi ++ gnupg-2.0.21.tar.bz2 - gnupg-2.0.22.tar.bz2 ++ 86519 lines of diff (skipped) ++ gnupg-2.0.9-RSA_ES.patch ++ --- /var/tmp/diff_new_pack.5Mrvaf/_old 2013-10-06 14:52:51.0 +0200 +++ /var/tmp/diff_new_pack.5Mrvaf/_new 2013-10-06 14:52:51.0 +0200 @@ -3,43 +3,43 @@ # g10/misc.c |8 # 1 file changed, 8 insertions(+) # -Index: gnupg-2.0.20/g10/misc.c +Index: gnupg-2.0.22/g10/misc.c === gnupg-2.0.20.orig/g10/misc.c 2013-05-10 13:55:47.0 +0100 -+++ gnupg-2.0.20/g10/misc.c2013-05-10 19:57:18.0 +0100 -@@ -1326,6 +1326,8 @@ pubkey_get_npkey( int algo ) +--- gnupg-2.0.22.orig/g10/misc.c 2013-10-04 16:54:48.0 +0100 gnupg-2.0.22/g10/misc.c2013-10-05 12:39:16.0 +0100 +@@ -1333,6 +1333,8 @@ pubkey_get_npkey( int algo ) if (algo == GCRY_PK_ELG_E) algo = GCRY_PK_ELG; + if (algo == GCRY_PK_RSA_E || algo == GCRY_PK_RSA_S) +algo = GCRY_PK_RSA; - if (gcry_pk_algo_info( algo, GCRYCTL_GET_ALGO_NPKEY, NULL, n)) + if (gcry_pk_algo_info (map_pk_openpgp_to_gcry (algo), + GCRYCTL_GET_ALGO_NPKEY, NULL, n)) n = 0; - return n; -@@ -1339,6 +1341,8 @@ pubkey_get_nskey( int algo ) +@@ -1353,6 +1355,8 @@ pubkey_get_nskey( int algo ) if (algo == GCRY_PK_ELG_E) algo = GCRY_PK_ELG; + if (algo == GCRY_PK_RSA_E || algo == GCRY_PK_RSA_S) +algo = GCRY_PK_RSA; - if (gcry_pk_algo_info( algo, GCRYCTL_GET_ALGO_NSKEY, NULL, n )) + if (gcry_pk_algo_info (map_pk_openpgp_to_gcry (algo), + GCRYCTL_GET_ALGO_NSKEY, NULL, n )) n = 0; - return n; -@@ -1352,6 +1356,8 @@ pubkey_get_nsig( int algo ) +@@ -1373,6 +1377,8 @@ pubkey_get_nsig( int algo ) if (algo == GCRY_PK_ELG_E) algo = GCRY_PK_ELG; + if (algo == GCRY_PK_RSA_E || algo == GCRY_PK_RSA_S) +algo = GCRY_PK_RSA; - if (gcry_pk_algo_info( algo, GCRYCTL_GET_ALGO_NSIGN, NULL, n)) + if (gcry_pk_algo_info (map_pk_openpgp_to_gcry (algo), + GCRYCTL_GET_ALGO_NSIGN, NULL, n)) n = 0; - return n; -@@ -1365,6 +1371,8 @@ pubkey_get_nenc( int algo ) +@@ -1393,6 +1399,8 @@ pubkey_get_nenc( int algo ) if (algo == GCRY_PK_ELG_E) algo = GCRY_PK_ELG; + if (algo == GCRY_PK_RSA_E || algo == GCRY_PK_RSA_S) +algo = GCRY_PK_RSA; - if (gcry_pk_algo_info( algo, GCRYCTL_GET_ALGO_NENCR, NULL, n )) + if (gcry_pk_algo_info (map_pk_openpgp_to_gcry (algo), + GCRYCTL_GET_ALGO_NENCR, NULL, n )) n = 0; - return n; -- To unsubscribe, e-mail: opensuse-commit+unsubscr...@opensuse.org For additional commands, e-mail: opensuse-commit+h...@opensuse.org
commit gpg2 for openSUSE:Factory
Hello community, here is the log from the commit of package gpg2 for openSUSE:Factory checked in at 2013-09-17 15:02:35 Comparing /work/SRC/openSUSE:Factory/gpg2 (Old) and /work/SRC/openSUSE:Factory/.gpg2.new (New) Package is gpg2 Changes: --- /work/SRC/openSUSE:Factory/gpg2/gpg2.changes2013-08-21 13:45:39.0 +0200 +++ /work/SRC/openSUSE:Factory/.gpg2.new/gpg2.changes 2013-09-17 15:02:37.0 +0200 @@ -1,0 +2,5 @@ +Mon Sep 16 11:08:55 UTC 2013 - vci...@suse.com + +- fix CVE-2013-4351 (bnc#840510) + +--- New: gpg2-CVE-2013-4351.patch Other differences: -- ++ gpg2.spec ++ --- /var/tmp/diff_new_pack.CwZzc6/_old 2013-09-17 15:02:37.0 +0200 +++ /var/tmp/diff_new_pack.CwZzc6/_new 2013-09-17 15:02:37.0 +0200 @@ -64,6 +64,7 @@ Patch9: gnupg-detect_FIPS_mode.patch # PATCH-FIX-OPENSUSE co...@suse.de -- automake 1.13 already includes $SHELL Patch10:gnupg-2.0.20-automake113.diff +Patch11:gpg2-CVE-2013-4351.patch BuildRoot: %{_tmppath}/%{name}-%{version}-build @@ -83,6 +84,7 @@ %patch8 -p1 %patch9 -p1 %patch10 -p1 +%patch11 -p1 %build autoreconf -fi ++ gpg2-CVE-2013-4351.patch ++ commit 8f8f3984e82a025cf1384132a419f67f39c7e07d Author: Werner Koch wk at gnupg.org Date: Fri Mar 15 15:46:03 2013 +0100 gpg: Distinguish between missing and cleared key flags. * include/cipher.h (PUBKEY_USAGE_NONE): New. * g10/getkey.c (parse_key_usage): Set new flag. -- We do not want to use the default capabilities (derived from the algorithm) if any key flags are given in a signature. Thus if key flags are used in any way, the default key capabilities are never used. This allows to create a key with key flags set to all zero so it can't be used. This better reflects common sense. Modified g10/getkey.c Index: gnupg-2.0.9/g10/getkey.c === --- gnupg-2.0.9.orig/g10/getkey.c 2013-09-16 16:51:02.752624501 +0200 +++ gnupg-2.0.9/g10/getkey.c2013-09-16 16:54:20.955952692 +0200 @@ -1457,13 +1457,19 @@ parse_key_usage(PKT_signature *sig) if(flags) key_usage |= PUBKEY_USAGE_UNKNOWN; + + if (!key_usage) + key_usage |= PUBKEY_USAGE_NONE; } + else if (p) /* Key flags of length zero. */ +key_usage |= PUBKEY_USAGE_NONE; /* We set PUBKEY_USAGE_UNKNOWN to indicate that this key has a capability that we do not handle. This serves to distinguish between a zero key usage which we handle as the default capabilities for that algorithm, and a usage that we do not - handle. */ + handle. Likewise we use PUBKEY_USAGE_NONE to indicate that + key_flags have been given but they do not specify any usage. */ return key_usage; } Index: gnupg-2.0.9/include/cipher.h === --- gnupg-2.0.9.orig/include/cipher.h 2013-09-16 16:51:02.752624501 +0200 +++ gnupg-2.0.9/include/cipher.h2013-09-16 16:56:27.028429026 +0200 @@ -62,6 +62,11 @@ #define PUBKEY_USAGE_CERTGCRY_PK_USAGE_CERT /* Also good to certify keys. */ #define PUBKEY_USAGE_AUTHGCRY_PK_USAGE_AUTH /* Good for authentication. */ #define PUBKEY_USAGE_UNKNOWN GCRY_PK_USAGE_UNKN /* Unknown usage flag. */ +#define PUBKEY_USAGE_NONE256 /* No usage given. */ +#if (GCRY_PK_USAGE_SIGN | GCRY_PK_USAGE_ENCR | GCRY_PK_USAGE_CERT \ + | GCRY_PK_USAGE_AUTH | GCRY_PK_USAGE_UNKN) = 256 +# error Please choose another value for PUBKEY_USAGE_NONE +#endif #define DIGEST_ALGO_MD5 /* 1 */ GCRY_MD_MD5 #define DIGEST_ALGO_SHA1 /* 2 */ GCRY_MD_SHA1 -- To unsubscribe, e-mail: opensuse-commit+unsubscr...@opensuse.org For additional commands, e-mail: opensuse-commit+h...@opensuse.org
commit gpg2 for openSUSE:Factory
Hello community, here is the log from the commit of package gpg2 for openSUSE:Factory checked in at 2013-08-21 13:45:37 Comparing /work/SRC/openSUSE:Factory/gpg2 (Old) and /work/SRC/openSUSE:Factory/.gpg2.new (New) Package is gpg2 Changes: --- /work/SRC/openSUSE:Factory/gpg2/gpg2.changes2013-06-18 10:20:26.0 +0200 +++ /work/SRC/openSUSE:Factory/.gpg2.new/gpg2.changes 2013-08-21 13:45:39.0 +0200 @@ -1,0 +2,15 @@ +Mon Aug 19 17:59:48 UTC 2013 - andreas.stie...@gmx.de + +- update to 2.0.21 + * gpg-agent: By default the users are now asked via the Pinentry + whether they trust an X.509 root key. To prohibit interactive + marking of such keys, the new option --no-allow-mark-trusted may + be used. + * gpg-agent: The command KEYINFO has options to add info from + sshcontrol. + * The included ssh agent does now support ECDSA keys. +- now requires libgpg-error 1.11 +- update gnupg-2.0.9-langinfo.patch for upstream whitespace changes +- drop gnupg-broken-curl-test.patch, no longer required + +--- Old: gnupg-2.0.20.tar.bz2 gnupg-2.0.20.tar.bz2.sig gnupg-broken-curl-test.patch New: gnupg-2.0.21.tar.bz2 gnupg-2.0.21.tar.bz2.sig Other differences: -- ++ gpg2.spec ++ --- /var/tmp/diff_new_pack.OWoVij/_old 2013-08-21 13:45:40.0 +0200 +++ /var/tmp/diff_new_pack.OWoVij/_new 2013-08-21 13:45:40.0 +0200 @@ -17,7 +17,7 @@ Name: gpg2 -Version:2.0.20 +Version:2.0.21 Release:0 BuildRequires: automake = 1.10 BuildRequires: expect @@ -27,7 +27,7 @@ BuildRequires: libbz2-devel BuildRequires: libcurl-devel = 7.10 BuildRequires: libgcrypt-devel = 1.4.0 -BuildRequires: libgpg-error-devel = 1.7 +BuildRequires: libgpg-error-devel = 1.11 BuildRequires: libksba-devel = 1.0.7 BuildRequires: libusb-devel BuildRequires: openldap2-devel @@ -60,7 +60,6 @@ Patch4: gnupg-2.0.9-langinfo.patch Patch5: gnupg-2.0.18-files-are-digests.patch Patch6: gnupg-dont-fail-with-seahorse-agent.patch -Patch7: gnupg-broken-curl-test.patch Patch8: gnupg-set_umask_before_open_outfile.patch Patch9: gnupg-detect_FIPS_mode.patch # PATCH-FIX-OPENSUSE co...@suse.de -- automake 1.13 already includes $SHELL @@ -78,10 +77,9 @@ %patch1 -p1 %patch2 %patch3 -p1 -%patch4 +%patch4 -p1 %patch5 -p1 %patch6 -p1 -%patch7 -p1 %patch8 -p1 %patch9 -p1 %patch10 -p1 ++ gnupg-2.0.20.tar.bz2 - gnupg-2.0.21.tar.bz2 ++ 35348 lines of diff (skipped) ++ gnupg-2.0.9-langinfo.patch ++ --- /var/tmp/diff_new_pack.OWoVij/_old 2013-08-21 13:45:42.0 +0200 +++ /var/tmp/diff_new_pack.OWoVij/_new 2013-08-21 13:45:42.0 +0200 @@ -1,11 +1,15 @@ # fix [bnc#305725] - non latin characters displayed incorrectly by pinentry -Index: jnlib/utf8conv.c +--- +# jnlib/utf8conv.c |1 + +# 1 file changed, 1 insertion(+) +# +Index: gnupg-2.0.21/jnlib/utf8conv.c === jnlib/utf8conv.c.orig 2008-11-04 15:39:06.0 +0100 -+++ jnlib/utf8conv.c 2009-06-18 11:42:36.0 +0200 -@@ -203,6 +203,7 @@ set_native_charset (const char *newset) +--- gnupg-2.0.21.orig/jnlib/utf8conv.c 2013-08-19 09:55:30.0 +0100 gnupg-2.0.21/jnlib/utf8conv.c 2013-08-19 18:53:22.0 +0100 +@@ -148,6 +148,7 @@ set_native_charset (const char *newset) #else /*!HAVE_W32_SYSTEM*/ - + #ifdef HAVE_LANGINFO_CODESET +setlocale(LC_ALL, ); newset = nl_langinfo (CODESET); -- To unsubscribe, e-mail: opensuse-commit+unsubscr...@opensuse.org For additional commands, e-mail: opensuse-commit+h...@opensuse.org
commit gpg2 for openSUSE:Factory
Hello community, here is the log from the commit of package gpg2 for openSUSE:Factory checked in at 2013-06-18 10:20:25 Comparing /work/SRC/openSUSE:Factory/gpg2 (Old) and /work/SRC/openSUSE:Factory/.gpg2.new (New) Package is gpg2 Changes: --- /work/SRC/openSUSE:Factory/gpg2/gpg2.changes2013-05-16 15:35:21.0 +0200 +++ /work/SRC/openSUSE:Factory/.gpg2.new/gpg2.changes 2013-06-18 10:20:26.0 +0200 @@ -1,0 +2,10 @@ +Mon Jun 17 12:48:24 UTC 2013 - co...@suse.com + +- revert usage of gpg-offline to avoid cycles + +--- +Mon Jun 17 12:40:10 UTC 2013 - co...@suse.com + +- add gnupg-2.0.20-automake113.diff to fix build with automake 1.13 + +--- New: gnupg-2.0.20-automake113.diff Other differences: -- ++ gpg2.spec ++ --- /var/tmp/diff_new_pack.9vgHJJ/_old 2013-06-18 10:20:26.0 +0200 +++ /var/tmp/diff_new_pack.9vgHJJ/_new 2013-06-18 10:20:26.0 +0200 @@ -38,9 +38,6 @@ %else BuildRequires: pth = 1.3.7 %endif -%if 0%{?suse_version} = 1230 -BuildRequires: gpg-offline -%endif Url:http://www.gnupg.org/aegypten2/ PreReq: %install_info_prereq Requires: dirmngr @@ -66,6 +63,8 @@ Patch7: gnupg-broken-curl-test.patch Patch8: gnupg-set_umask_before_open_outfile.patch Patch9: gnupg-detect_FIPS_mode.patch +# PATCH-FIX-OPENSUSE co...@suse.de -- automake 1.13 already includes $SHELL +Patch10:gnupg-2.0.20-automake113.diff BuildRoot: %{_tmppath}/%{name}-%{version}-build @@ -75,7 +74,6 @@ %lang_package %prep -%{?gpg_verify: %gpg_verify %{S:2}} %setup -q -n gnupg-%version %patch1 -p1 %patch2 @@ -86,6 +84,7 @@ %patch7 -p1 %patch8 -p1 %patch9 -p1 +%patch10 -p1 %build autoreconf -fi ++ gnupg-2.0.20-automake113.diff ++ Index: gnupg-2.0.20/tests/openpgp/Makefile.am === --- gnupg-2.0.20.orig/tests/openpgp/Makefile.am +++ gnupg-2.0.20/tests/openpgp/Makefile.am @@ -25,7 +25,7 @@ required_pgms = ../../g10/gpg2 ../../age TESTS_ENVIRONMENT = GNUPGHOME=$(abs_builddir) GPG_AGENT_INFO= LC_ALL=C \ - ../../agent/gpg-agent --quiet --daemon sh + ../../agent/gpg-agent --quiet --daemon TESTS = version.test mds.test \ -- To unsubscribe, e-mail: opensuse-commit+unsubscr...@opensuse.org For additional commands, e-mail: opensuse-commit+h...@opensuse.org
commit gpg2 for openSUSE:Factory
Hello community, here is the log from the commit of package gpg2 for openSUSE:Factory checked in at 2013-05-16 10:59:32 Comparing /work/SRC/openSUSE:Factory/gpg2 (Old) and /work/SRC/openSUSE:Factory/.gpg2.new (New) Package is gpg2 Changes: --- /work/SRC/openSUSE:Factory/gpg2/gpg2.changes2013-03-28 13:16:14.0 +0100 +++ /work/SRC/openSUSE:Factory/.gpg2.new/gpg2.changes 2013-05-16 10:59:33.0 +0200 @@ -1,0 +2,26 @@ +Fri May 10 19:33:24 UTC 2013 - andreas.stie...@gmx.de + +- update to 2.0.20 + * Decryption using smartcards keys 3072 bit does now work. + * New meta option ignore-invalid-option to allow using the same + option file by other GnuPG versions. + * gpg: The hash algorithm is now printed for sig records in key listings. + * gpg: Skip invalid keyblock packets during import to avoid a DoS. + * gpg: Correctly handle ports from DNS SRV records. + * keyserver: Improve use of SRV records + * gpg-agent: Avoid tty corruption when killing pinentry. + * scdaemon: Improve detection of card insertion and removal. + * scdaemon: Rename option --disable-keypad to --disable-pinpad. + * scdaemon: Better support for CCID readers. Now, the internal CCID + driver supports readers without the auto configuration feature. + * scdaemon: Add pinpad input for PC/SC, if your reader has pinpad and + it supports variable length PIN input, and you specify + --enable-pinpad-varlen option. + * scdaemon: New option --enable-pinpad-varlen. + * scdaemon: Install into libexecdir to avoid accidental execution + from the command line. + * Assorted bug fixes. +- refresh gnupg-2.0.9-RSA_ES.patch +- verify gpg signature of source tarball + +--- Old: gnupg-2.0.19.tar.bz2 New: gnupg-2.0.20.tar.bz2 gnupg-2.0.20.tar.bz2.sig gpg2.keyring Other differences: -- ++ gpg2.spec ++ --- /var/tmp/diff_new_pack.hhcZnX/_old 2013-05-16 10:59:34.0 +0200 +++ /var/tmp/diff_new_pack.hhcZnX/_new 2013-05-16 10:59:34.0 +0200 @@ -17,9 +17,9 @@ Name: gpg2 -Version:2.0.19 +Version:2.0.20 Release:0 -BuildRequires: automake +BuildRequires: automake = 1.10 BuildRequires: expect BuildRequires: fdupes BuildRequires: libadns-devel @@ -38,6 +38,9 @@ %else BuildRequires: pth = 1.3.7 %endif +%if 0%{?suse_version} = 1230 +BuildRequires: gpg-offline +%endif Url:http://www.gnupg.org/aegypten2/ PreReq: %install_info_prereq Requires: dirmngr @@ -53,6 +56,7 @@ License:GPL-3.0+ Group: Productivity/Networking/Security Source: ftp://ftp.gnupg.org/gcrypt/gnupg/gnupg-%{version}.tar.bz2 +Source2:ftp://ftp.gnupg.org/gcrypt/gnupg/gnupg-%{version}.tar.bz2.sig Patch1: gnupg-2.0.18-tmpdir.diff Patch2: gnupg-2.0.4-install_tools.diff Patch3: gnupg-2.0.9-RSA_ES.patch @@ -68,6 +72,7 @@ %lang_package %prep +%{?gpg_verify: %gpg_verify %{S:2}} %setup -q -n gnupg-%version %patch1 -p1 %patch2 ++ gnupg-2.0.19.tar.bz2 - gnupg-2.0.20.tar.bz2 ++ 131598 lines of diff (skipped) ++ gnupg-2.0.9-RSA_ES.patch ++ --- /var/tmp/diff_new_pack.hhcZnX/_old 2013-05-16 10:59:37.0 +0200 +++ /var/tmp/diff_new_pack.hhcZnX/_new 2013-05-16 10:59:37.0 +0200 @@ -1,9 +1,13 @@ # adds back support for deprecated RSA_E, RSA_S algorithms -Index: gnupg-2.0.13/g10/misc.c +--- +# g10/misc.c |8 +# 1 file changed, 8 insertions(+) +# +Index: gnupg-2.0.20/g10/misc.c === gnupg-2.0.13.orig/g10/misc.c 2009-07-16 08:22:45.0 +0200 -+++ gnupg-2.0.13/g10/misc.c2009-11-13 13:19:39.0 +0100 -@@ -1308,6 +1308,8 @@ pubkey_get_npkey( int algo ) +--- gnupg-2.0.20.orig/g10/misc.c 2013-05-10 13:55:47.0 +0100 gnupg-2.0.20/g10/misc.c2013-05-10 19:57:18.0 +0100 +@@ -1326,6 +1326,8 @@ pubkey_get_npkey( int algo ) if (algo == GCRY_PK_ELG_E) algo = GCRY_PK_ELG; @@ -12,7 +16,7 @@ if (gcry_pk_algo_info( algo, GCRYCTL_GET_ALGO_NPKEY, NULL, n)) n = 0; return n; -@@ -1321,6 +1323,8 @@ pubkey_get_nskey( int algo ) +@@ -1339,6 +1341,8 @@ pubkey_get_nskey( int algo ) if (algo == GCRY_PK_ELG_E) algo = GCRY_PK_ELG; @@ -21,7 +25,7 @@ if (gcry_pk_algo_info( algo, GCRYCTL_GET_ALGO_NSKEY, NULL, n )) n = 0; return n; -@@ -1334,6 +1338,8 @@ pubkey_get_nsig( int algo ) +@@ -1352,6 +1356,8 @@ pubkey_get_nsig( int algo ) if (algo == GCRY_PK_ELG_E) algo = GCRY_PK_ELG; @@ -30,8 +34,8 @@ if (gcry_pk_algo_info( algo, GCRYCTL_GET_ALGO_NSIGN, NULL, n)) n = 0; return n; -@@
commit gpg2 for openSUSE:Factory
Hello community, here is the log from the commit of package gpg2 for openSUSE:Factory checked in at 2013-05-16 15:35:19 Comparing /work/SRC/openSUSE:Factory/gpg2 (Old) and /work/SRC/openSUSE:Factory/.gpg2.new (New) Package is gpg2 Changes: --- /work/SRC/openSUSE:Factory/gpg2/gpg2.changes2013-05-16 10:59:33.0 +0200 +++ /work/SRC/openSUSE:Factory/.gpg2.new/gpg2.changes 2013-05-16 15:35:21.0 +0200 @@ -1,0 +2,8 @@ +Tue May 14 14:00:45 UTC 2013 - vci...@suse.com + +- set safe umask before creating a plaintext file (bnc#780943) + added gpg2-set_umask_before_open_outfile.patch +- select proper ciphers when running in FIPS mode (bnc#808958) + added gnupg-detect_FIPS_mode.patch + +--- New: gnupg-detect_FIPS_mode.patch gnupg-set_umask_before_open_outfile.patch Other differences: -- ++ gpg2.spec ++ --- /var/tmp/diff_new_pack.iUuveU/_old 2013-05-16 15:35:22.0 +0200 +++ /var/tmp/diff_new_pack.iUuveU/_new 2013-05-16 15:35:22.0 +0200 @@ -64,6 +64,9 @@ Patch5: gnupg-2.0.18-files-are-digests.patch Patch6: gnupg-dont-fail-with-seahorse-agent.patch Patch7: gnupg-broken-curl-test.patch +Patch8: gnupg-set_umask_before_open_outfile.patch +Patch9: gnupg-detect_FIPS_mode.patch + BuildRoot: %{_tmppath}/%{name}-%{version}-build %description @@ -81,6 +84,8 @@ %patch5 -p1 %patch6 -p1 %patch7 -p1 +%patch8 -p1 +%patch9 -p1 %build autoreconf -fi ++ gnupg-detect_FIPS_mode.patch ++ Index: gnupg-2.0.19/g10/encode.c === --- gnupg-2.0.19.orig/g10/encode.c 2013-03-14 14:23:58.009483967 +0100 +++ gnupg-2.0.19/g10/encode.c 2013-03-14 15:49:50.524306304 +0100 @@ -732,7 +732,10 @@ encrypt_filter( void *opaque, int contro if( efx-cfx.dek-algo == -1 ) { /* because 3DES is implicitly in the prefs, this can only * happen if we do not have any public keys in the list */ - efx-cfx.dek-algo = DEFAULT_CIPHER_ALGO; + /* Libgcrypt manual says that gcry_version_check must be called + before calling gcry_fips_mode_active. */ + gcry_check_version (NULL); + efx-cfx.dek-algo = gcry_fips_mode_active() ? CIPHER_ALGO_AES : DEFAULT_CIPHER_ALGO; } /* In case 3DES has been selected, print a warning if Index: gnupg-2.0.19/g10/gpg.c === --- gnupg-2.0.19.orig/g10/gpg.c 2013-03-14 14:24:00.031545611 +0100 +++ gnupg-2.0.19/g10/gpg.c 2013-03-14 14:24:37.495687612 +0100 @@ -1975,7 +1975,7 @@ main (int argc, char **argv) opt.compress_algo = -1; /* defaults to DEFAULT_COMPRESS_ALGO */ opt.s2k_mode = 3; /* iterated+salted */ opt.s2k_count = 0; /* Auto-calibrate when needed. */ -opt.s2k_cipher_algo = CIPHER_ALGO_CAST5; +opt.s2k_cipher_algo = gcry_fips_mode_active() ? CIPHER_ALGO_AES : CIPHER_ALGO_CAST5; opt.completes_needed = 1; opt.marginals_needed = 3; opt.max_cert_depth = 5; Index: gnupg-2.0.19/g10/mainproc.c === --- gnupg-2.0.19.orig/g10/mainproc.c2013-03-14 14:23:58.011484028 +0100 +++ gnupg-2.0.19/g10/mainproc.c 2013-03-14 15:50:50.970127383 +0100 @@ -685,9 +685,15 @@ proc_plaintext( CTX c, PACKET *pkt ) often. There is no good way to specify what algorithms to use in that case, so these three are the historical answer. */ - gcry_md_enable( c-mfx.md, DIGEST_ALGO_RMD160 ); + + /* Libgcrypt manual says that gcry_version_check must be called + before calling gcry_fips_mode_active. */ + gcry_check_version (NULL); + if( !gcry_fips_mode_active() ) + gcry_md_enable( c-mfx.md, DIGEST_ALGO_RMD160 ); gcry_md_enable( c-mfx.md, DIGEST_ALGO_SHA1 ); - gcry_md_enable( c-mfx.md, DIGEST_ALGO_MD5 ); + if( !gcry_fips_mode_active() ) + gcry_md_enable( c-mfx.md, DIGEST_ALGO_MD5 ); } if( opt.pgp2_workarounds only_md5 !opt.skip_verify ) { /* This is a kludge to work around a bug in pgp2. It does only ++ gnupg-set_umask_before_open_outfile.patch ++ Index: gnupg-2.0.20/g10/plaintext.c === --- gnupg-2.0.20.orig/g10/plaintext.c 2013-05-13 14:26:49.290737159 +0200 +++ gnupg-2.0.20/g10/plaintext.c2013-05-13 14:43:21.740575875 +0200 @@ -25,6 +25,7 @@ #include errno.h #include assert.h #include sys/types.h +#include
commit gpg2 for openSUSE:Factory
Hello community, here is the log from the commit of package gpg2 for openSUSE:Factory checked in at 2013-03-28 13:16:11 Comparing /work/SRC/openSUSE:Factory/gpg2 (Old) and /work/SRC/openSUSE:Factory/.gpg2.new (New) Package is gpg2, Maintainer is vci...@suse.com Changes: --- /work/SRC/openSUSE:Factory/gpg2/gpg2.changes2013-01-17 09:39:24.0 +0100 +++ /work/SRC/openSUSE:Factory/.gpg2.new/gpg2.changes 2013-03-28 13:16:14.0 +0100 @@ -1,0 +2,6 @@ +Wed Mar 27 12:16:19 UTC 2013 - mmeis...@suse.com + +- Added url as source. + Please see http://en.opensuse.org/SourceUrls + +--- Other differences: -- ++ gpg2.spec ++ --- /var/tmp/diff_new_pack.fgxzLI/_old 2013-03-28 13:16:16.0 +0100 +++ /var/tmp/diff_new_pack.fgxzLI/_new 2013-03-28 13:16:16.0 +0100 @@ -52,7 +52,7 @@ Summary:GnuPG 2 License:GPL-3.0+ Group: Productivity/Networking/Security -Source: gnupg-%{version}.tar.bz2 +Source: ftp://ftp.gnupg.org/gcrypt/gnupg/gnupg-%{version}.tar.bz2 Patch1: gnupg-2.0.18-tmpdir.diff Patch2: gnupg-2.0.4-install_tools.diff Patch3: gnupg-2.0.9-RSA_ES.patch -- To unsubscribe, e-mail: opensuse-commit+unsubscr...@opensuse.org For additional commands, e-mail: opensuse-commit+h...@opensuse.org
commit gpg2 for openSUSE:Factory
Hello community, here is the log from the commit of package gpg2 for openSUSE:Factory checked in at 2013-01-17 09:39:23 Comparing /work/SRC/openSUSE:Factory/gpg2 (Old) and /work/SRC/openSUSE:Factory/.gpg2.new (New) Package is gpg2, Maintainer is vci...@suse.com Changes: --- /work/SRC/openSUSE:Factory/gpg2/gpg2.changes2012-04-19 08:48:52.0 +0200 +++ /work/SRC/openSUSE:Factory/.gpg2.new/gpg2.changes 2013-01-17 09:39:24.0 +0100 @@ -1,0 +2,6 @@ +Fri Jan 11 20:26:50 UTC 2013 - lazy.k...@opensuse.org + +- BuildRequires: libbz2-devel (support BZIP2 compression + algorithm) (bnc#798175). + +--- Other differences: -- ++ gpg2.spec ++ --- /var/tmp/diff_new_pack.iMJrMk/_old 2013-01-17 09:39:25.0 +0100 +++ /var/tmp/diff_new_pack.iMJrMk/_new 2013-01-17 09:39:25.0 +0100 @@ -1,7 +1,7 @@ # # spec file for package gpg2 # -# Copyright (c) 2012 SUSE LINUX Products GmbH, Nuernberg, Germany. +# Copyright (c) 2013 SUSE LINUX Products GmbH, Nuernberg, Germany. # # All modifications and additions to the file contributed by third parties # remain the property of their copyright owners, unless otherwise agreed @@ -24,6 +24,7 @@ BuildRequires: fdupes BuildRequires: libadns-devel BuildRequires: libassuan-devel = 2.0.0 +BuildRequires: libbz2-devel BuildRequires: libcurl-devel = 7.10 BuildRequires: libgcrypt-devel = 1.4.0 BuildRequires: libgpg-error-devel = 1.7 -- To unsubscribe, e-mail: opensuse-commit+unsubscr...@opensuse.org For additional commands, e-mail: opensuse-commit+h...@opensuse.org
commit gpg2 for openSUSE:Factory
Hello community, here is the log from the commit of package gpg2 for openSUSE:Factory checked in at 2011-12-06 17:58:48 Comparing /work/SRC/openSUSE:Factory/gpg2 (Old) and /work/SRC/openSUSE:Factory/.gpg2.new (New) Package is gpg2, Maintainer is vci...@suse.com Changes: --- /work/SRC/openSUSE:Factory/gpg2/gpg2.changes2011-10-02 10:09:58.0 +0200 +++ /work/SRC/openSUSE:Factory/.gpg2.new/gpg2.changes 2011-12-06 17:59:23.0 +0100 @@ -1,0 +2,10 @@ +Tue Dec 6 10:58:36 UTC 2011 - vci...@suse.com + +- fixed licence to GPL-3.0+ (bnc#734878) + +--- +Wed Nov 30 09:55:47 UTC 2011 - co...@suse.com + +- add automake as buildrequire to avoid implicit dependency + +--- Other differences: -- ++ gpg2.spec ++ --- /var/tmp/diff_new_pack.8u8MMW/_old 2011-12-06 17:59:25.0 +0100 +++ /var/tmp/diff_new_pack.8u8MMW/_new 2011-12-06 17:59:25.0 +0100 @@ -15,12 +15,12 @@ # Please submit bugfixes or comments via http://bugs.opensuse.org/ # -# norootforbuild Name: gpg2 Version:2.0.18 Release:4 +BuildRequires: automake BuildRequires: expect BuildRequires: fdupes BuildRequires: libgpg-error-devel = 1.7 @@ -39,10 +39,9 @@ BuildRequires: pth = 1.3.7 %endif Url:http://www.gnupg.org/aegypten2/ -License:GPLv2+ +License:GPL-3.0+ Group: Productivity/Networking/Security PreReq: %install_info_prereq -AutoReqProv:on Requires: pinentry dirmngr Recommends: %name-lang = %{version} Provides: newpg gpg = 1.4.9 gnupg = %{version} -- To unsubscribe, e-mail: opensuse-commit+unsubscr...@opensuse.org For additional commands, e-mail: opensuse-commit+h...@opensuse.org
commit gpg2 for openSUSE:Factory
Hello community, here is the log from the commit of package gpg2 for openSUSE:Factory checked in at Thu Sep 1 14:51:02 CEST 2011. --- gpg2/gpg2.changes 2011-08-19 03:14:11.0 +0200 +++ /mounts/work_src_done/STABLE/gpg2/gpg2.changes 2011-08-31 12:03:35.0 +0200 @@ -1,0 +2,5 @@ +Wed Aug 31 10:00:35 UTC 2011 - pu...@suse.com + +- link with -pie + +--- calling whatdependson for head-i586 Other differences: -- ++ gpg2.spec ++ --- /var/tmp/diff_new_pack.wqQ8eH/_old 2011-09-01 13:33:35.0 +0200 +++ /var/tmp/diff_new_pack.wqQ8eH/_new 2011-09-01 13:33:35.0 +0200 @@ -20,7 +20,7 @@ Name: gpg2 Version:2.0.18 -Release:2 +Release:4 BuildRequires: expect BuildRequires: fdupes BuildRequires: libgpg-error-devel = 1.7 @@ -80,10 +80,12 @@ # build PIEs (position independent executables) for address space randomisation: %ifarch s390x %sparc # s390x needs to use the large PIE model (at least for gpg.c): -CFLAGS=%{optflags} -fPIE LDFLAGS=-pie \ +PIE=-fPIE %else -CFLAGS=%{optflags} -fpie LDFLAGS=-pie \ +PIE=-fpie %endif +export CFLAGS=%{optflags} ${PIE} +export LDFLAGS=-pie %configure \ --libexecdir=%{_libdir} \ --docdir=%{_docdir}/%{name} \ Remember to have fun... -- To unsubscribe, e-mail: opensuse-commit+unsubscr...@opensuse.org For additional commands, e-mail: opensuse-commit+h...@opensuse.org
commit gpg2 for openSUSE:Factory
Hello community, here is the log from the commit of package gpg2 for openSUSE:Factory checked in at Wed Mar 16 10:37:18 CET 2011. --- gpg2/gpg2.changes 2011-01-07 13:25:06.0 +0100 +++ /mounts/work_src_done/STABLE/gpg2/gpg2.changes 2011-03-15 10:49:13.0 +0100 @@ -1,0 +2,13 @@ +Tue Mar 15 09:29:42 UTC 2011 - pu...@novell.com + +- update to gnupg-2.0.17 + * Allow more hash algorithms with the OpenPGP v2 card. + * The gpg-agent now tests for a new gpg-agent.conf on a HUP. + * Fixed output of gpgconf --check-options. + * Fixed a bug where Scdaemon sends a signal to Gpg-agent running + in non-daemon mode. + * Fixed TTY management for pinentries and session variable update + problem. +- drop gnupg-CVE-2010-2547.patch (in upstream) + +--- calling whatdependson for head-i586 Old: gnupg-2.0.16.tar.bz2 gnupg-CVE-2010-2547.patch New: gnupg-2.0.17.tar.bz2 Other differences: -- ++ gpg2.spec ++ --- /var/tmp/diff_new_pack.38yGnG/_old 2011-03-16 10:35:07.0 +0100 +++ /var/tmp/diff_new_pack.38yGnG/_new 2011-03-16 10:35:07.0 +0100 @@ -1,5 +1,5 @@ # -# spec file for package gpg2 (Version 2.0.16) +# spec file for package gpg2 # # Copyright (c) 2011 SUSE LINUX Products GmbH, Nuernberg, Germany. # @@ -19,8 +19,8 @@ Name: gpg2 -Version:2.0.16 -Release:4 +Version:2.0.17 +Release:1 BuildRequires: expect BuildRequires: fdupes BuildRequires: libgpg-error-devel = 1.7 @@ -57,7 +57,6 @@ Patch4: gnupg-2.0.9-langinfo.patch Patch5: gnupg-files-are-digests.patch Patch6: gnupg-dont-fail-with-seahorse-agent.patch -Patch7: gnupg-CVE-2010-2547.patch BuildRoot: %{_tmppath}/%{name}-%{version}-build %description @@ -73,10 +72,8 @@ %patch4 %patch5 -p1 %patch6 -p1 -%patch7 -p1 %build -# Required for patch7: autoreconf -fi # build PIEs (position independent executables) for address space randomisation: %ifarch s390x %sparc @@ -119,7 +116,7 @@ # fix rpmlint invalid-lc-messages-dir: rm -rf $RPM_BUILD_ROOT/%_datadir/locale/en@{bold,}quot # additional files to documentation directory -install -m 644 AUTHORS COPYING ChangeLog NEWS THANKS TODO doc/FAQ doc/faq.html $RPM_BUILD_ROOT/%{_docdir}/%{name} +install -m 644 AUTHORS COPYING ChangeLog NEWS THANKS TODO doc/FAQ $RPM_BUILD_ROOT/%{_docdir}/%{name} %find_lang gnupg2 %if 0%{?suse_version} 1020 %fdupes %buildroot ++ gnupg-2.0.16.tar.bz2 - gnupg-2.0.17.tar.bz2 ++ 76184 lines of diff (skipped) ++ gnupg-2.0.4-install_tools.diff ++ --- /var/tmp/diff_new_pack.38yGnG/_old 2011-03-16 10:35:09.0 +0100 +++ /var/tmp/diff_new_pack.38yGnG/_new 2011-03-16 10:35:09.0 +0100 @@ -1,7 +1,7 @@ Index: tools/Makefile.am === tools/Makefile.am.orig 2009-04-17 19:39:47.0 +0200 -+++ tools/Makefile.am 2009-11-13 13:01:24.0 +0100 +--- tools/Makefile.am.orig tools/Makefile.am @@ -32,8 +32,8 @@ sbin_SCRIPTS = addgnupghome applygnupgde bin_SCRIPTS = gpgsm-gencert.sh @@ -13,9 +13,9 @@ endif if BUILD_SYMCRYPTRUN -@@ -44,14 +44,14 @@ endif +@@ -51,14 +51,14 @@ endif - bin_PROGRAMS = gpgconf gpg-connect-agent gpgkey2ssh ${symcryptrun} + bin_PROGRAMS = gpgconf gpg-connect-agent gpgkey2ssh ${symcryptrun} ${gpgtar} if !HAVE_W32_SYSTEM -bin_PROGRAMS += watchgnupg gpgparsemail +bin_PROGRAMS += watchgnupg gpgparsemail gpgsplit Remember to have fun... -- To unsubscribe, e-mail: opensuse-commit+unsubscr...@opensuse.org For additional commands, e-mail: opensuse-commit+h...@opensuse.org