2020-09-05 12:25:52 by Jonathan Schleifer | Files touched by this commit (3) |
Log message:
Update security/gnupg2 to 2.2.23
Fixes a criticial vulnerability: https://dev.gnupg.org/T5050
Noteworthy changes in version 2.2.22
====================================
* gpg: Change the default key algorithm to rsa3072.
* gpg: Add regular expression support for Trust Signatures on all
platforms. [#4843]
* gpg: Fix regression in 2.2.21 with non-default --passphrase-repeat
option. [#4991]
* gpg: Ignore --personal-digest-prefs for ECDSA keys. [#5021]
* gpgsm: Make rsaPSS a de-vs compliant scheme.
* gpgsm: Show also the SHA256 fingerprint in key listings.
* gpgsm: Do not require a default keyring for --gpgconf-list. [#4867]
* gpg-agent: Default to extended key format and record the creation
time of keys. Add new option --disable-extended-key-format.
* gpg-agent: Support the WAYLAND_DISPLAY envvar. [#5016]
* gpg-agent: Allow using --gpgconf-list even if HOME does not
exist. [#4866]
* gpg-agent: Make the Pinentry work even if the envvar TERM is set
to the empty string. [#4137]
* scdaemon: Add a workaround for Gnuk tokens <= 2.15 which wrongly
incremented the error counter when using the "verify" command of
"gpg --edit-key" with only the signature key being present.
* dirmngr: Better handle systems with disabled IPv6. [#4977]
* gpgpslit: Install tool. It was not installed in the past to avoid
conflicts with the version installed by GnuPG 1.4. [#5023]
* gpgtar: Handle Unicode file names on Windows correctly (requires
libgpg-error 1.39). [#4083]
* gpgtar: Make --files-from and --null work as documented. [#5027]
* Build the Windows installer with the new Ntbtls 0.2.0 so that TLS
connections succeed for servers demanding GCM.
Release-info: https://dev.gnupg.org/T5030
Noteworthy changes in version 2.2.23
====================================
* gpg: Fix AEAD preference list overflow. [#5050]
* gpg: Fix a possible segv in the key cleaning code.
* gpgsm: Fix a minor RFC2253 parser bug. [#5037]
* scdaemon: Fix a PIN verify failure on certain OpenPGP card
implementations. Regression in 2.2.22. [#5039]
* po: Fix bug in the Hungarian translation. Updates for the Czech,
Polish, and Ukrainian translations.
Release-info: https://dev.gnupg.org/T5045
|
2020-08-18 11:39:23 by Amitai Schleier | Files touched by this commit (3) |
Log message:
Provide a definition of IN_EXCL_UNLINK for Linux < 2.6.36, and link with -lrt.
Fixes build on CentOS 6. Still builds on CentOS 7, Debian 9 and 10, Devuan 3.
|
2020-07-24 12:47:45 by Adam Ciarcinski | Files touched by this commit (2) | |
Log message:
gnupg2: updated to 2.2.21
Noteworthy changes in version 2.2.21
* gpg: Improve symmetric decryption speed by about 25%.
* gpg: Support decryption of AEAD encrypted data packets.
* gpg: Add option --no-include-key-block.
* gpg: Allow for extra padding in ECDH.
* gpg: Only a single pinentry is shown for symmetric encryption if
the pinentry supports this.
* gpg: Print a note if no keys are given to --delete-key.
* gpg,gpgsm: The ridiculous passphrase quality bar is not anymore
shown.
* gpgsm: Certificates without a CRL distribution point are now
considered valid without looking up a CRL. The new option
--enable-issuer-based-crl-check can be used to revert to the
former behaviour.
* gpgsm: Support rsaPSS signature verification.
* gpgsm: Unless CRL checking is disabled lookup a missing issuer
certificate using the certificate's authorityInfoAccess.
* gpgsm: Print the certificate's serial number also in decimal
notation.
* gpgsm: Fix possible NULL-deref in messages of --gen-key.
* scd: Support the CardOS 5 based D-Trust Card 3.1.
* dirmngr: Allow http URLs with "LOOKUP --url".
* wkd: Take name of sendmail from configure. Fixes an OpenBSD
specific bug.
|
2020-06-02 10:25:05 by Adam Ciarcinski | Files touched by this commit (1689) |
Log message:
Revbump for icu
|
2020-05-22 12:56:49 by Adam Ciarcinski | Files touched by this commit (624) |
Log message:
revbump after updating security/nettle
|
2020-04-12 10:29:21 by Adam Ciarcinski | Files touched by this commit (956) | |
Log message:
Recursive revision bump after textproc/icu update
|
2020-04-06 01:36:02 by Tobias Nygren | Files touched by this commit (1) |
Log message:
gnupg2: continue the OPSYS-specific -lintl cargo cult
This probably has nothing to do with OPSYS ...
|
2020-03-21 08:24:30 by Adam Ciarcinski | Files touched by this commit (2) | |
Log message:
gnupg2: updated to 2.2.20
Noteworthy changes in version 2.2.20:
* Protect the error counter against overflow to guarantee that the
tools can't be tricked into returning success after an error.
* gpg: Make really sure that --verify-files always returns an error.
* gpg: Fix key listing --with-secret if a pattern is given.
* gpg: Fix detection of certain keys used as default-key.
* gpg: Fix default-key selection when a card is available.
* gpg: Fix key expiration and key usage for keys created with a
creation date of zero.
* gpgsm: Fix import of some CR,LF terminated certificates.
* gpg: New options --include-key-block and --auto-key-import to
allow encrypted replies after an initial signed message.
* gpg: Allow the use of a fingerprint with --trusted-key.
* gpg: New property "fpr" for use by --export-filter.
* scdaemon: Disable the pinpad if a KDF DO is used.
* dirmngr: Improve finding OCSP certificates.
* Avoid build problems with LTO or gcc-10.
|
2020-03-08 17:51:54 by Thomas Klausner | Files touched by this commit (2833) |
Log message:
*: recursive bump for libffi
|
2020-01-18 22:51:16 by Jonathan Perkin | Files touched by this commit (1836) |
Log message:
*: Recursive revision bump for openssl 1.1.1.
|