Next | Query returned 181 messages, browsing 61 to 70 | Previous

History of commit frequency

CVS Commit History:


   2019-11-27 13:17:08 by Ryo ONODERA | Files touched by this commit (2)
Log message:
Update to 2.2.18

Changelog:
Noteworthy changes in version 2.2.18 (2019-11-25)
-------------------------------------------------

  * gpg: Changed the way keys are detected on a smartcards; this
    allows the use of non-OpenPGP cards.  In the case of a not very
    likely regression the new option --use-only-openpgp-card is
    available.  [#4681]

  * gpg: The commands --full-gen-key and --quick-gen-key now allow
    direct key generation from supported cards.  [#4681]

  * gpg: Prepare against chosen-prefix SHA-1 collisions in key
    signatures.  This change removes all SHA-1 based key signature
    newer than 2019-01-19 from the web-of-trust.  Note that this
    includes all key signature created with dsa1024 keys.  The new
    option --allow-weak-key-signatues can be used to override the new
    and safer behaviour.  [#4755,CVE-2019-14855]

  * gpg: Improve performance for import of large keyblocks.  [#4592]

  * gpg: Implement a keybox compression run.  [#4644]

  * gpg: Show warnings from dirmngr about redirect and certificate
    problems (details require --verbose as usual).

  * gpg: Allow to pass the empty string for the passphrase if the
    '--passphase=' syntax is used.  [#4633]

  * gpg: Fix printing of the KDF object attributes.

  * gpg: Avoid surprises with --locate-external-key and certain
    --auto-key-locate settings.  [#4662]

  * gpg: Improve selection of best matching key.  [#4713]

  * gpg: Delete key binding signature when deletring a subkey.
    [#4665,#4457]

  * gpg: Fix a potential loss of key sigantures during import with
    self-sigs-only active.  [#4628]

  * gpg: Silence "marked as ultimately trusted" diagnostics if
    option --quiet is used.  [#4634]

  * gpg: Silence some diagnostics during in key listsing even with
    option --verbose.  [#4627]

  * gpg, gpgsm: Change parsing of agent's pkdecrypt results.  [#4652]

  * gpgsm: Support AES-256 keys.

  * gpgsm: Fix a bug in triggering a keybox compression run if
    --faked-system-time is used.

  * dirmngr: System CA certificates are no longer used for the SKS
    pool if GNUTLS instead of NTBTLS is used as TLS library.  [#4594]

  * dirmngr: On Windows detect usability of IPv4 and IPv6 interfaces
    to avoid long timeouts.  [#4165]

  * scd: Fix BWI value for APDU level transfers to make Gemalto Ezio
    Shield and Trustica Cryptoucan work.  [#4654,#4566]

  * wkd: gpg-wks-client --install-key now installs the required policy
    file.
   2019-07-21 00:46:59 by Thomas Klausner | Files touched by this commit (595)
Log message:
*: recursive bump for nettle 3.5.1
   2019-07-10 11:28:24 by Adam Ciarcinski | Files touched by this commit (2) | Package updated
Log message:
gnupg2: updated to 2.2.17

Noteworthy changes in version 2.2.17:
* gpg: Ignore all key-signatures received from keyservers.  This
  change is required to mitigate a DoS due to keys flooded with
  faked key-signatures.  The old behaviour can be achieved by adding
    keyserver-options no-self-sigs-only,no-import-clean
  to your gpg.conf.
* gpg: If an imported keyblocks is too large to be stored in the
  keybox (pubring.kbx) do not error out but fallback to an import
  using the options "self-sigs-only,import-clean".
* gpg: New command --locate-external-key which can be used to
  refresh keys from the Web Key Directory or via other methods
  configured with --auto-key-locate.
* gpg: New import option "self-sigs-only".
* gpg: In --auto-key-retrieve prefer WKD over keyservers.
* dirmngr: Support the "openpgpkey" subdomain feature from
  draft-koch-openpgp-webkey-service-07.
* dirmngr: Add an exception for the "openpgpkey" subdomain to the
  CSRF protection.
* dirmngr: Fix endless loop due to http errors 503 and 504.
* dirmngr: Fix TLS bug during redirection of HKP requests.
* gpgconf: Fix a race condition when killing components.
   2019-06-02 11:29:09 by Adam Ciarcinski | Files touched by this commit (2) | Package updated
Log message:
gnupg2: updated to 2.2.16

Noteworthy changes in version 2.2.16:
* gpg,gpgsm: Fix deadlock on Windows due to a keybox sharing
  violation.
* gpg: Allow deletion of subkeys with --delete-key.  This finally
  makes the bang-suffix work as expected for that command.
* gpg: Replace SHA-1 by SHA-256 in self-signatures when updating
  them with --quick-set-expire or --quick-set-primary-uid.
* gpg: Improve the photo image viewer selection.
* gpg: Fix decryption with --use-embedded-filename.
* gpg: Remove hints on using the --keyserver option.
* gpg: Fix export of certain secret keys with comments.
* gpg: Reject too long user-ids in --quick-gen-key.
* gpg: Fix a double free in the best key selection code.
* gpg: Fix the key generation dialog for switching back from EdDSA
  to ECDSA.
* gpg: Use AES-192 with SHA-384 to comply with RFC-6637.
* gpg: Use only the addrspec from the Signer's UID subpacket to
  mitigate a problem with another implementation.
* gpg: Skip invalid packets during a keyring listing and sync
  diagnostics with the output.
* gpgsm: Avoid confusing diagnostic when signing with the default
  key.
* agent: Do not delete any secret key in --dry-run mode.
* agent: Fix failures on 64 bit big-endian boxes related to URIs in
  a keyfile.
* agent: Stop scdaemon after a reload with disable-scdaemon newly
  configured.
* dirmngr: Improve caching algorithm for WKD domains.
* dirmngr: Support other hash algorithms than SHA-1 for OCSP.
* gpgconf: Make --homedir work for --launch.
* gpgconf: Before --launch check for a valid config file.
* wkd: Do not import more than 5 keys from one WKD address.
* wkd: Accept keys which are stored in armored format in the
  directory.
* The installer for Windows now comes with signed binaries.
   2019-04-03 02:33:20 by Ryo ONODERA | Files touched by this commit (748)
Log message:
Recursive revbump from textproc/icu
   2019-04-01 10:30:04 by Adam Ciarcinski | Files touched by this commit (3) | Package updated
Log message:
gnupg2: updated to 2.2.15

Noteworthy changes in version 2.2.15:
* sm: Fix --logger-fd and --status-fd on Windows for non-standard
  file descriptors.
* sm: Allow decryption even if expired keys are configured.
* agent: Change command KEYINFO to print ssh fingerprints with other
  hash algos.
* dirmngr: Fix build problems on Solaris due to the use of reserved
  symbol names.
* wkd: New commands --print-wkd-hash and --print-wkd-url for
  gpg-wks-client.
   2019-03-27 10:42:15 by Jonathan Perkin | Files touched by this commit (2)
Log message:
gnupg2: Fix build.
   2019-03-20 07:39:53 by Adam Ciarcinski | Files touched by this commit (3) | Package updated
Log message:
gnupg2: updated to 2.2.14

Noteworthy changes in version 2.2.14:
* gpg: Allow import of PGP desktop exported secret keys.  Also avoid
 importing secret keys if the secret keyblock is not valid.
* gpg: Do not error out on version 5 keys in the local keyring.
* gpg: Make invalid primary key algo obvious in key listings.
* sm: Do not mark a certificate in a key listing as de-vs compliant
  if its use for a signature will not be possible.
* sm: Fix certificate creation with key on card.
* sm: Create rsa3072 bit certificates by default.
* sm: Print Yubikey attestation extensions with --dump-cert.
* agent: Fix cancellation handling for scdaemon.
* agent: Support --mode=ssh option for CLEAR_PASSPHRASE.
* scd: Fix flushing of the CA-FPR DOs in app-openpgp.
* scd: Avoid a conflict error with the "undefined" app.
* dirmngr: Add CSRF protection exception for protonmail.
* dirmngr: Fix build problems with gcc 9 in libdns.
* gpgconf: New option --show-socket for use wity --launch.
* gpgtar: Make option -C work for archive creation.
   2019-02-13 17:06:44 by Adam Ciarcinski | Files touched by this commit (2) | Package updated
Log message:
gnupg2: updated to 2.2.13

Noteworthy changes in version 2.2.13:
* gpg: Implement key lookup via keygrip (using the & prefix).
* gpg: Allow generating Ed25519 key from existing key.
* gpg: Emit an ERROR status line if no key was found with -k.
* gpg: Stop early when trying to create a primary Elgamal key.
* gpgsm: Print the card's key algorithms along with their keygrips
  in interactive key generation.
* agent: Clear bogus pinentry cache in the error case.
* scd: Support "acknowledge button" feature.
* scd: Fix for USB INTERRUPT transfer.
* wks: Do no use compression for the the encrypted challenge and
  response
   2019-02-02 04:38:30 by Mark Davies | Files touched by this commit (1)
Log message:
gnupg2: teach about PKG_SYSCONFDIR and VARBASE

Next | Query returned 181 messages, browsing 61 to 70 | Previous