2015-11-16 11:33:20 by Thomas Klausner | Files touched by this commit (2) |
Log message:
Remove annoying left-over debug message.
From upstream via Petar Bogdanovic on pkgsrc-users.
Bump PKGREVISION.
|
2015-11-04 02:18:12 by Alistair G. Crooks | Files touched by this commit (434) |
Log message:
Add SHA512 digests for distfiles for security category
Problems found locating distfiles:
Package f-prot-antivirus6-fs-bin: missing distfile fp-NetBSD.x86.32-fs-6.2.3.tar.gz
Package f-prot-antivirus6-ws-bin: missing distfile fp-NetBSD.x86.32-ws-6.2.3.tar.gz
Package libidea: missing distfile libidea-0.8.2b.tar.gz
Package openssh: missing distfile openssh-7.1p1-hpn-20150822.diff.bz2
Package uvscan: missing distfile vlp4510e.tar.Z
Otherwise, existing SHA1 digests verified and found to be the same on
the machine holding the existing distfiles (morden). All existing
SHA1 digests retained for now as an audit trail.
|
2015-02-28 01:13:25 by Thomas Klausner | Files touched by this commit (3) |
Log message:
Update to 1.4.19:
Noteworthy changes in version 1.4.19 (2015-02-27)
-------------------------------------------------
* Use ciphertext blinding for Elgamal decryption [CVE-2014-3591].
See http://www.cs.tau.ac.il/~tromer/radioexp/ for details.
* Fixed data-dependent timing variations in modular exponentiation
[related to CVE-2015-0837, Last-Level Cache Side-Channel Attacks
are Practical].
* Detect faulty use of --verify on detached signatures.
* Changed the PKA method to use CERT records and hashed names.
* New import option "keep-ownertrust".
* Support algorithm names when generating keys using the --command-fd
method.
* Updated many translations.
* Updated build system.
* Fixed a regression in keyserver import
* Fixed argument parsing for option --debug-level.
* Fixed DoS based on bogus and overlong key packets.
* Fixed bugs related to bogus keyrings.
* The usual minor minor bug fixes.
|
2014-10-09 16:07:17 by Thomas Klausner | Files touched by this commit (1163) |
Log message:
Remove pkgviews: don't set PKG_INSTALLATION_TYPES in Makefiles.
|
2014-07-22 13:24:30 by Thomas Klausner | Files touched by this commit (2) |
Log message:
Update to 1.4.18:
Noteworthy changes in version 1.4.18 (2014-06-30)
-------------------------------------------------
* Fix a regression in 1.4.17 if more than one keyid is given
to --recv-keys et al.
* Cap RSA and Elgamal keysize at 4096 bit also for unattended key
generation.
|
2014-06-24 09:35:10 by Thomas Klausner | Files touched by this commit (3) |
Log message:
Update to 1.4.17 due to security fix:
Noteworthy changes in version 1.4.17 (2014-06-23)
-------------------------------------------------
* Avoid DoS due to garbled compressed data packets.
* Screen keyserver reponses to avoid import of unwanted keys by rogue
servers.
* Add hash algorithms to the "sig" records of the colon output.
* More specific reason codes for INV_RECP status.
* Fixes for PC/SC access on Apple.
* Minor bug fixes.
|
2014-02-13 00:18:57 by Matthias Scheler | Files touched by this commit (1568) |
Log message:
Recursive PKGREVISION bump for OpenSSL API version bump.
|
2013-12-18 19:56:24 by Thomas Klausner | Files touched by this commit (2) |
Log message:
Update to 1.4.16:
Noteworthy changes in version 1.4.16 (2013-12-18)
-------------------------------------------------
* Fixed the RSA Key Extraction via Low-Bandwidth Acoustic
Cryptanalysis attack as described by Genkin, Shamir, and Tromer.
See <http://www.cs.tau.ac.il/~tromer/acoustic/>. [CVE-2013-4576]
* Put only the major version number by default into armored output.
* Do not create a trustdb file if --trust-model=always is used.
* Print the keyid for key packets with --list-packets.
* Changed modular exponentiation algorithm to recover from a small
performance loss due to a change in 1.4.14.
|
2013-10-27 01:30:29 by Thomas Klausner | Files touched by this commit (1) |
Log message:
Remove obsolete --with-static-rnd=auto as suggested by Andreas Gustafsson
in PR 48345.
|
2013-10-05 15:19:51 by Thomas Klausner | Files touched by this commit (2) |
Log message:
Update to 1.4.15:
Noteworthy changes in version 1.4.15 (2013-10-04)
-------------------------------------------------
* Fixed possible infinite recursion in the compressed packet
parser. [CVE-2013-4402]
* Protect against rogue keyservers sending secret keys.
* Use 2048 bit also as default for batch key generation.
* Minor bug fixes.
|