2014-06-24 23:53:14 by Thomas Klausner | Files touched by this commit (2) |
Log message:
Update to 2.0.24, security fix:
Noteworthy changes in version 2.0.24 (2014-06-24)
-------------------------------------------------
* gpg: Avoid DoS due to garbled compressed data packets.
* gpg: Screen keyserver responses to avoid importing unwanted keys
from rogue servers.
* gpg: The validity of user ids is now shown by default. To revert
this add "list-options no-show-uid-validity" to gpg.conf.
* gpg: Print more specific reason codes with the INV_RECP status.
* gpg: Allow loading of a cert only key to an OpenPGP card.
* gpg-agent: Make ssh support for ECDSA keys work with Libgcrypt 1.6.
Noteworthy changes in version 2.0.23 (2014-06-03)
-------------------------------------------------
* gpg: Reject signatures made using the MD5 hash algorithm unless the
new option --allow-weak-digest-algos or --pgp2 are given.
* gpg: Do not create a trustdb file if --trust-model=always is used.
* gpg: Only the major version number is by default included in the
armored output.
* gpg: Print a warning if the Gnome-Keyring-Daemon intercepts the
communication with the gpg-agent.
* gpg: The format of the fallback key listing ("gpg KEYFILE") is now more
aligned to the regular key listing ("gpg -k").
* gpg: The option--show-session-key prints its output now before the
decryption of the bulk message starts.
* gpg: New %U expando for the photo viewer.
* gpgsm: Improved handling of re-issued CA certificates.
* scdaemon: Various fixes for pinpad equipped card readers.
* Minor bug fixes.
|
2014-02-13 00:18:57 by Matthias Scheler | Files touched by this commit (1568) |
Log message:
Recursive PKGREVISION bump for OpenSSL API version bump.
|
2014-01-01 12:52:43 by Thomas Klausner | Files touched by this commit (776) |
Log message:
Recursive PKGREVISION bump for libgcrypt-1.6.0 shlib major bump.
|
2013-10-27 01:30:53 by Thomas Klausner | Files touched by this commit (1) |
Log message:
Remove obsolete --with-static-rnd=auto, as suggested by Andreas Gustafsson
in PR 48345.
|
2013-10-05 15:20:03 by Thomas Klausner | Files touched by this commit (2) |
Log message:
Update to 2.0.22:
Noteworthy changes in version 2.0.22 (2013-10-04)
-------------------------------------------------
* Fixed possible infinite recursion in the compressed packet
parser. [CVE-2013-4402]
* Improved support for some card readers.
* Prepared building with the forthcoming Libgcrypt 1.6.
* Protect against rogue keyservers sending secret keys.
|
2013-09-02 18:52:04 by Thomas Klausner | Files touched by this commit (2) |
Log message:
Update to 2.0.21:
Noteworthy changes in version 2.0.21 (2013-08-19)
-------------------------------------------------
* gpg-agent: By default the users are now asked via the Pinentry
whether they trust an X.509 root key. To prohibit interactive
marking of such keys, the new option --no-allow-mark-trusted may
be used.
* gpg-agent: The command KEYINFO has options to add info from
sshcontrol.
* The included ssh agent does now support ECDSA keys.
* The new option --enable-putty-support allows gpg-agent to act on
Windows as a Pageant replacement with full smartcard support.
* Support installation as portable application under Windows.
|
2013-07-15 04:02:29 by Ryo ONODERA | Files touched by this commit (177) |
Log message:
* .include "../../devel/readline/buildlink3.mk" with USE_GNU_READLINE=yes
are replaced with .include "../../devel/readline/buildlink3.mk", and
USE_GNU_READLINE are removed,
* .include "../../devel/readline/buildlink3.mk" without USE_GNU_READLINE
are replaced with .include "../../mk/readline.buildlink3.mk".
|
2013-05-30 00:53:36 by Thomas Klausner | Files touched by this commit (4) |
Log message:
Update to 2.0.20:
Noteworthy changes in version 2.0.20 (2013-05-10)
-------------------------------------------------
* Decryption using smartcards keys > 3072 bit does now work.
* New meta option ignore-invalid-option to allow using the same
option file by other GnuPG versions.
* gpg: The hash algorithm is now printed for sig records in key listings.
* gpg: Skip invalid keyblock packets during import to avoid a DoS.
* gpg: Correctly handle ports from DNS SRV records.
* keyserver: Improve use of SRV records
* gpg-agent: Avoid tty corruption when killing pinentry.
* scdaemon: Improve detection of card insertion and removal.
* scdaemon: Rename option --disable-keypad to --disable-pinpad.
* scdaemon: Better support for CCID readers. Now, the internal CCID
driver supports readers without the auto configuration feature.
* scdaemon: Add pinpad input for PC/SC, if your reader has pinpad and
it supports variable length PIN input, and you specify
--enable-pinpad-varlen option.
* scdaemon: New option --enable-pinpad-varlen.
* scdaemon: Install into libexecdir to avoid accidental execution
from the command line.
* Support building using w64-mingw32.
* Assorted bug fixes.
|
2013-02-07 00:24:19 by Jonathan Perkin | Files touched by this commit (1351) | |
Log message:
PKGREVISION bumps for the security/openssl 1.0.1d update.
|
2013-02-01 23:21:16 by Thomas Klausner | Files touched by this commit (55) |
Log message:
Reset MAINTAINER/OWNER (became observers)
|