2015-12-04 16:26:14 +01:00
|
|
|
-------------------------------------------------------------------
|
|
|
|
Fri Dec 4 13:35:40 UTC 2015 - astieger@suse.com
|
|
|
|
|
|
|
|
- GnuPG 2.1.10 adds TOFU (Trust-On-First-USe) and anonymous key
|
|
|
|
retrival via Tor.
|
|
|
|
* gpg: New trust models "tofu" and "tofu+pgp".
|
|
|
|
* gpg: New command --tofu-policy. New options --tofu-default-policy
|
|
|
|
and --tofu-db-format.
|
|
|
|
* gpg: New option --weak-digest to specify hash algorithms which
|
|
|
|
should be considered weak.
|
|
|
|
* gpg: Allow the use of multiple --default-key options; take the last
|
|
|
|
available key.
|
|
|
|
* gpg: New option --encrypt-to-default-key.
|
|
|
|
* gpg: New option --unwrap to only strip the encryption layer.
|
|
|
|
* gpg: New option --only-sign-text-ids to exclude photo IDs from key
|
|
|
|
signing.
|
|
|
|
* gpg: Check for ambigious or non-matching key specification in the
|
|
|
|
config file or given to --encrypt-to.
|
|
|
|
* gpg: Show the used card reader with --card-status.
|
|
|
|
* gpg: Print export statistics and an EXPORTED status line.
|
|
|
|
* gpg: Allow selecting subkeys by keyid in --edit-key.
|
|
|
|
* gpg: Allow updating the expiration time of multiple subkeys at
|
|
|
|
once.
|
|
|
|
* dirmngr: New option --use-tor. For full support this requires
|
|
|
|
libassuan version 2.4.2 and a patched version of libadns
|
|
|
|
(e.g. adns-1.4-g10-7 as used by the standard Windows installer).
|
|
|
|
* dirmngr: New option --nameserver to specify the nameserver used in
|
|
|
|
Tor mode.
|
|
|
|
* dirmngr: Keyservers may again be specified by IP address.
|
|
|
|
* dirmngr: Fixed problems in resolving keyserver pools.
|
|
|
|
* dirmngr: Fixed handling of premature termination of TLS streams so
|
|
|
|
that large numbers of keys can be refreshed via hkps.
|
|
|
|
* gpg: Fixed a regression in --locate-key [since 2.1.9].
|
|
|
|
* gpg: Fixed another bug for keyrings with legacy keys.
|
|
|
|
* gpgsm: Allow combinations of usage flags in --gen-key.
|
|
|
|
* Make tilde expansion work with most options.
|
|
|
|
* Many other cleanups and bug fixes.
|
|
|
|
|
2015-11-25 11:09:52 +01:00
|
|
|
-------------------------------------------------------------------
|
|
|
|
Tue Nov 24 10:27:58 UTC 2015 - vcizek@suse.com
|
|
|
|
|
|
|
|
- enable tests for PPC64 again,
|
|
|
|
the problem from bsc#935887 went away
|
|
|
|
|
2015-12-04 16:26:14 +01:00
|
|
|
-------------------------------------------------------------------
|
|
|
|
Fri Nov 20 16:03:03 UTC 2015 - astieger@suse.com
|
|
|
|
|
|
|
|
- Improve upgrade to gpg2 from security:privacy w.r.t. libassuan
|
|
|
|
run-time dependencies (boo#955982)
|
|
|
|
|
2015-10-10 13:48:45 +02:00
|
|
|
-------------------------------------------------------------------
|
|
|
|
Sat Oct 10 11:39:55 UTC 2015 - astieger@suse.com
|
|
|
|
|
|
|
|
- GnuPG 2.1.9:
|
|
|
|
* gpg: Allow fetching keys via OpenPGP DANE (--auto-key-locate).\
|
|
|
|
New option --print-dane-records.
|
|
|
|
* gpg: Fix for a problem with PGP-2 keys in a keyring.
|
|
|
|
* gpg: Fail with an error instead of a warning if a modern cipher
|
|
|
|
algorithm is used without a MDC.
|
|
|
|
* agent: New option --pinentry-invisible-char.
|
|
|
|
* agent: Always do a RSA signature verification after creation.
|
|
|
|
* agent: Fix a regression in ssh-add-ing Ed25519 keys.
|
|
|
|
* agent: Fix ssh fingerprint computation for nistp384 and EdDSA.
|
|
|
|
* agent: Fix crash during passprase entry on some platforms.
|
|
|
|
* scd: Change timeout to fix problems with some 2.1 cards.
|
|
|
|
* dirmngr: Displayed name is now Key Acquirer.
|
|
|
|
* dirmngr: Add option --keyserver. Deprecate that option for gpg.
|
|
|
|
Install a dirmngr.conf file from a skeleton for new installations.
|
|
|
|
- update gnupg-add_legacy_FIPS_mode_option.patch for context change
|
|
|
|
|
2015-09-11 09:41:47 +02:00
|
|
|
-------------------------------------------------------------------
|
|
|
|
Fri Sep 11 06:02:23 UTC 2015 - astieger@suse.com
|
|
|
|
|
|
|
|
- GnuPG 2.1.8:
|
|
|
|
* gpg: Sending very large keys to the keyservers works again.
|
|
|
|
* gpg: Validity strings in key listings are now again translatable.
|
|
|
|
* gpg: Emit FAILURE status lines to help GPGME.
|
|
|
|
* gpg: Does not anymore link to Libksba to reduce dependencies.
|
|
|
|
* gpgsm: Export of secret keys via Assuan is now possible.
|
|
|
|
* agent: Raise the maximum passphrase length from 100 to 255 bytes.
|
|
|
|
* agent: Fix regression using EdDSA keys with ssh.
|
|
|
|
* Does not anymore use a build timestamp by default.
|
|
|
|
* The fallback encoding for broken locale settings changed
|
|
|
|
from Latin-1 to UTF-8.
|
|
|
|
* Many code cleanups and improved internal documentation.
|
|
|
|
* Various minor bug fixes.
|
|
|
|
|
2015-08-12 21:49:22 +02:00
|
|
|
-------------------------------------------------------------------
|
|
|
|
Wed Aug 12 10:58:48 UTC 2015 - astieger@suse.com
|
|
|
|
|
|
|
|
- GnuPG 2.1.7:
|
|
|
|
* gpg: Support encryption with Curve25519 if Libgcrypt 1.7 is used.
|
|
|
|
* gpg: In the --edit-key menu: Removed the need for "toggle", changed
|
|
|
|
how secret keys are indicated, new commands "fpr *" and "grip".
|
|
|
|
* gpg: More fixes related to legacy keys in a keyring.
|
|
|
|
* gpgv: Does now also work with a "trustedkeys.kbx" file.
|
|
|
|
* scd: Support some feature from the OpenPGP card 3.0 specs.
|
|
|
|
* scd: Improved ECC support
|
|
|
|
* agent: New option --force for the DELETE_KEY command.
|
|
|
|
* Dropped deprecated gpgsm-gencert.sh
|
|
|
|
* Various other bug fixes.
|
|
|
|
|
2015-07-02 16:27:52 +02:00
|
|
|
-------------------------------------------------------------------
|
|
|
|
Thu Jul 2 14:26:21 UTC 2015 - astieger@suse.com
|
|
|
|
|
|
|
|
- do not run checks on ppc64 for now
|
|
|
|
|
2015-07-01 16:21:08 +02:00
|
|
|
-------------------------------------------------------------------
|
|
|
|
Wed Jul 1 14:15:28 UTC 2015 - astieger@suse.com
|
|
|
|
|
|
|
|
- GnuPG 2.1.6:
|
|
|
|
* agent: New option --verify for the PASSWD command.
|
|
|
|
* gpgsm: Add command option "offline" as an alternative to
|
|
|
|
--disable-dirmngr.
|
|
|
|
* gpg: Do not prompt multiple times for a password in pinentry
|
|
|
|
loopback mode.
|
|
|
|
* Allow the use of debug category names with --debug.
|
|
|
|
* Using gpg-agent and gpg/gpgsm with different locales will now show
|
|
|
|
the correct translations in Pinentry.
|
|
|
|
* gpg: Improve speed of --list-sigs and --check-sigs.
|
|
|
|
* gpg: Make --list-options show-sig-subpackets work again.
|
|
|
|
* gpg: Fix an export problem for old keyrings with PGP-2 keys.
|
|
|
|
* scd: Support PIN-pads on more readers.
|
|
|
|
* dirmngr: Properly cleanup zombie LDAP helper processes and avoid
|
|
|
|
hangs on dirmngr shutdown.
|
|
|
|
* Various other bug fixes.
|
|
|
|
- remove documentation make workaround, fixed upstream
|
|
|
|
|
2015-06-28 17:25:17 +02:00
|
|
|
-------------------------------------------------------------------
|
|
|
|
Sun Jun 28 13:14:03 UTC 2015 - schwab@linux-m68k.org
|
|
|
|
|
|
|
|
- Enable workaround for missing dependencies everywhere
|
|
|
|
|
2015-06-16 09:33:46 +02:00
|
|
|
-------------------------------------------------------------------
|
|
|
|
Mon Jun 15 13:20:33 UTC 2015 - astieger@suse.com
|
|
|
|
|
|
|
|
- fix build with openSUSE 13.2 and earlier, call make to
|
|
|
|
compensate for incorrect documentation dependencies.
|
|
|
|
|
2015-06-11 16:52:46 +02:00
|
|
|
-------------------------------------------------------------------
|
|
|
|
Thu Jun 11 14:32:09 UTC 2015 - astieger@suse.com
|
|
|
|
|
|
|
|
- GnuPG 2.1.5:
|
|
|
|
* Support for an external passphrase cache.
|
|
|
|
* Support for the forthcoming version 3 OpenPGP smartcard.
|
|
|
|
* Manuals now show the actual used file names.
|
|
|
|
* Prepared for improved integration with Emacs.
|
|
|
|
* Code cleanups and minor bug fixes.
|
|
|
|
|
2015-05-17 13:50:57 +02:00
|
|
|
-------------------------------------------------------------------
|
|
|
|
Sun May 17 08:24:15 UTC 2015 - meissner@suse.com
|
|
|
|
|
|
|
|
- info deinstall needs to be in %preun
|
|
|
|
|
2015-05-12 20:59:59 +02:00
|
|
|
-------------------------------------------------------------------
|
|
|
|
Tue May 12 18:04:36 UTC 2015 - astieger@suse.com
|
|
|
|
|
|
|
|
- update to 2.1.4:
|
|
|
|
* gpg: Add command --quick-adduid to non-interacitivly add a new
|
|
|
|
user id to an existing key.
|
|
|
|
* gpg: Do no enable honor-keyserver-url by default. Make it work
|
|
|
|
if enabled.
|
|
|
|
* gpg: Display the serial number in the --card-staus output again.
|
|
|
|
* agent: Support for external password managers.
|
|
|
|
Add option --no-allow-external-cache.
|
|
|
|
* scdaemon: Improved handling of extended APDUs.
|
|
|
|
* Make HTTP proxies work again.
|
|
|
|
* All network access including DNS as been moved to Dirmngr.
|
|
|
|
* Allow building without LDAP support.
|
|
|
|
* Fixed lots of smaller bugs.
|
|
|
|
|
2015-04-11 21:08:10 +02:00
|
|
|
-------------------------------------------------------------------
|
|
|
|
Sat Apr 11 18:59:42 UTC 2015 - astieger@suse.com
|
|
|
|
|
|
|
|
- update to 2.1.3:
|
|
|
|
* gpg: LDAP keyservers are now supported by 2.1.
|
|
|
|
* gpg: New option --with-icao-spelling.
|
|
|
|
* gpg: New option --print-pka-records. Changed the PKA method to
|
|
|
|
use CERT records and hashed names.
|
|
|
|
* gpg: New command --list-gcrypt-config. New parameter "curve"
|
|
|
|
for --list-config.
|
|
|
|
* gpg: Print a NEWSIG status line like gpgsm always did.
|
|
|
|
* gpg: Print MPI values with --list-packets and --verbose.
|
|
|
|
* gpg: Write correct MPI lengths with ECC keys.
|
|
|
|
* gpg: Skip legacy PGP-2 keys while searching.
|
|
|
|
(drop 0001-gpg-Skip-legacy-keys-while-searching-keyrings.patch
|
|
|
|
now upstream)
|
|
|
|
* gpg: Improved searching for mail addresses when using a keybox.
|
|
|
|
* gpgsm: Changed default algos to AES-128 and SHA-256.
|
|
|
|
* gpgtar: Fixed extracting files with sizes of a multiple of 512.
|
|
|
|
* dirmngr: Fixed SNI handling for hkps pools.
|
|
|
|
(drop hkps-fix-host-name-verification-when-using-pools.patch
|
|
|
|
now upstream)
|
|
|
|
* dirmngr: extra-certs and trusted-certs are now always loaded
|
|
|
|
from the sysconfig dir instead of the homedir.
|
|
|
|
* Fixed possible problems due to compiler optimization, two minor
|
|
|
|
regressions, and other bugs.
|
|
|
|
- refreshed for context changes:
|
|
|
|
* gnupg-2.0.18-files-are-digests.patch
|
|
|
|
* gnupg-add_legacy_FIPS_mode_option.patch
|
|
|
|
|
2015-03-23 14:47:16 +01:00
|
|
|
-------------------------------------------------------------------
|
|
|
|
Mon Mar 23 11:48:24 UTC 2015 - idonmez@suse.com
|
|
|
|
|
|
|
|
- Add hkps-fix-host-name-verification-when-using-pools.patch to
|
|
|
|
fix hkps support w/ pools. Upstream commit dc10d46.
|
|
|
|
|
2015-03-19 17:30:03 +01:00
|
|
|
-------------------------------------------------------------------
|
|
|
|
Thu Mar 19 15:56:12 UTC 2015 - astieger@suse.com
|
|
|
|
|
|
|
|
- Ensure secure memory can be used with default 64k memlock limit
|
|
|
|
Fixes [boo#915931], removes gnupg-large_keys.patch
|
|
|
|
- Removed gnupg-remove_development_version_warning.patch, obsolete
|
|
|
|
- Removed gnupg-2.0.4-install_tools.diff, replaced by spec install
|
|
|
|
- Removed autoconf requirement and autoreconf calls thus obsoleted
|
|
|
|
|
2015-02-25 11:39:14 +01:00
|
|
|
-------------------------------------------------------------------
|
|
|
|
Tue Feb 24 08:10:22 UTC 2015 - astieger@suse.com
|
|
|
|
|
|
|
|
- Fix invalid packet read error when reading keyrings [boo#914625]
|
|
|
|
add 0001-gpg-Skip-legacy-keys-while-searching-keyrings.patch
|
|
|
|
|
2015-02-12 09:37:54 +01:00
|
|
|
-------------------------------------------------------------------
|
|
|
|
Wed Feb 11 21:48:13 UTC 2015 - astieger@suse.com
|
|
|
|
|
|
|
|
- update to 2.1.2:
|
|
|
|
* gpg: The parameter 'Passphrase' for batch key generation works
|
|
|
|
again.
|
|
|
|
* gpg: Using a passphrase option in batch mode now has the
|
|
|
|
expected effect on --quick-gen-key.
|
|
|
|
* gpg: Improved reporting of unsupported PGP-2 keys.
|
|
|
|
* gpg: Added support for algo names when generating keys using
|
|
|
|
--command-fd.
|
|
|
|
* gpg: Fixed DoS based on bogus and overlong key packets.
|
|
|
|
* agent: When setting --default-cache-ttl the value
|
|
|
|
for --max-cache-ttl is adjusted to be not lower than the former.
|
|
|
|
* agent: Fixed problems with the new --extra-socket.
|
|
|
|
* agent: Made --allow-loopback-pinentry changeable with gpgconf.
|
|
|
|
* agent: Fixed importing of unprotected openpgp keys.
|
|
|
|
* agent: Now tries to use a fallback pinentry if the standard
|
|
|
|
pinentry is not installed.
|
|
|
|
* scd: Added support for ECDH.
|
|
|
|
* Fixed several bugs related to bogus keyrings and improved some
|
|
|
|
other code.
|
|
|
|
- in gnupg-2.0.18-files-are-digests.patch, change buffer_to_u32 to
|
|
|
|
buf32_to_u32 from host2net.h to match upstream changes
|
|
|
|
- now requires automake 1.14
|
|
|
|
|
2014-12-29 07:05:14 +01:00
|
|
|
-------------------------------------------------------------------
|
|
|
|
Fri Dec 26 21:15:55 UTC 2014 - andreas.stieger@gmx.de
|
|
|
|
|
|
|
|
- update to 2.1.1:
|
|
|
|
* gpg: Detect faulty use of --verify on detached signatures.
|
|
|
|
* gpg: New import option "keep-ownertrust".
|
|
|
|
* gpg: New sub-command "factory-reset" for --card-edit.
|
|
|
|
* gpg: A stub key for smartcards is now created by --card-status.
|
|
|
|
* gpg: Fixed regression in --refresh-keys.
|
|
|
|
* gpg: Fixed regresion in %g and %p codes for --sig-notation.
|
|
|
|
* gpg: Fixed best matching hash algo detection for ECDSA and EdDSA.
|
|
|
|
* gpg: Improved perceived speed of secret key listisngs.
|
|
|
|
* gpg: Print number of skipped PGP-2 keys on import.
|
|
|
|
* gpg: Removed the option aliases --throw-keyid and --notation-data;
|
|
|
|
use --throw-keyids and --set-notation instead.
|
|
|
|
* gpg: New import option "keep-ownertrust".
|
|
|
|
* gpg: Skip too large keys during import.
|
|
|
|
* gpg,gpgsm: New option --no-autostart to avoid starting gpg-agent or
|
|
|
|
dirmngr.
|
|
|
|
* gpg-agent: New option --extra-socket to provide a restricted
|
|
|
|
command set for use with remote clients.
|
|
|
|
* gpgconf --kill does not anymore start a service only to kill it.
|
|
|
|
* gpg-pconnect-agent: Add convenience option --uiserver.
|
|
|
|
* More translations (but most of them are not complete).
|
|
|
|
* To support remotely mounted home directories, the IPC sockets may
|
|
|
|
now be redirected. This feature requires Libassuan 2.2.0.
|
|
|
|
* Improved portability and the usual bunch of bug fixes.
|
|
|
|
- removed patch not part of upstream release:
|
|
|
|
gnupg-2.1.0-boo-907198-openpgp_oid_to_str-buffer-overflow.patch
|
|
|
|
- refresh for context changes:
|
|
|
|
gnupg-2.0.18-files-are-digests.patch
|
|
|
|
gnupg-2.0.4-install_tools.diff
|
|
|
|
- refresh for upstream code changes:
|
|
|
|
gnupg-add_legacy_FIPS_mode_option.patch
|
|
|
|
gnupg-detect_FIPS_mode.patch (MD5 removed)
|
|
|
|
|
2014-12-03 23:40:59 +01:00
|
|
|
-------------------------------------------------------------------
|
2014-12-25 19:12:17 +01:00
|
|
|
Thu Dec 25 18:09:11 UTC 2014 - dev@stellardeath.org
|
2014-12-25 18:08:58 +01:00
|
|
|
|
|
|
|
- Support for large RSA keys
|
|
|
|
This involves compiling with --enable-large-rsa and
|
|
|
|
--enable-large-secmem, as well as patching the number
|
|
|
|
of secmem bytes and IPC bytes to slightly larger values.
|
|
|
|
See https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=739424
|
2014-12-25 19:12:17 +01:00
|
|
|
* added gnupg-large_keys.patch
|
|
|
|
|
|
|
|
-------------------------------------------------------------------
|
|
|
|
Wed Dec 3 22:37:59 UTC 2014 - andreas.stieger@gmx.de
|
|
|
|
|
|
|
|
- update build requirement versions that changed with 2.1.0
|
2014-12-25 18:08:58 +01:00
|
|
|
|
2014-11-26 20:36:09 +01:00
|
|
|
-------------------------------------------------------------------
|
|
|
|
Wed Nov 26 19:21:15 UTC 2014 - andreas.stieger@gmx.de
|
|
|
|
|
|
|
|
- fix buffer overflow in OID to string conversion function
|
|
|
|
[boo#907198], adding
|
|
|
|
gnupg-2.1.0-boo-907198-openpgp_oid_to_str-buffer-overflow.patch
|
|
|
|
|
2014-11-13 22:15:23 +01:00
|
|
|
-------------------------------------------------------------------
|
|
|
|
Tue Nov 11 16:10:04 UTC 2014 - vcizek@suse.com
|
|
|
|
|
|
|
|
- obsolete dirmngr (shipped with gpg since 2.1.0)
|
|
|
|
- spec cleanup after previous update
|
|
|
|
- get rid of "THIS IS A DEVELOPMENT VERSION" warning
|
|
|
|
http://lists.gnupg.org/pipermail/gnupg-devel/2014-November/029065.html
|
|
|
|
* added gnupg-remove_development_version_warning.patch
|
|
|
|
|
2014-11-11 11:52:31 +01:00
|
|
|
-------------------------------------------------------------------
|
|
|
|
Thu Nov 6 17:32:39 UTC 2014 - vcizek@suse.com
|
|
|
|
|
|
|
|
- upgrade to 2.1.0 (modern)
|
|
|
|
- The file "secring.gpg" is not anymore used to store the secret
|
|
|
|
keys. Merging of secret keys is now supported.
|
|
|
|
- All support for PGP-2 keys has been removed for security reasons.
|
|
|
|
- The standard key generation interface is now much leaner. This
|
|
|
|
will help a new user to quickly generate a suitable key.
|
|
|
|
- Support for Elliptic Curve Cryptography (ECC) is now available.
|
|
|
|
- Commands to create and sign keys from the command line without any
|
|
|
|
extra prompts are now available.
|
|
|
|
- The Pinentry may now show the new passphrase entry and the
|
|
|
|
passphrase confirmation entry in one dialog.
|
|
|
|
- There is no more need to manually start the gpg-agent. It is now
|
|
|
|
started by any part of GnuPG as needed.
|
|
|
|
- Problems with importing keys with the same long key id have been
|
|
|
|
addressed.
|
|
|
|
- The Dirmngr is now part of GnuPG proper and also takes care of
|
|
|
|
accessing keyserver.
|
|
|
|
- Keyserver pools are now handled in a smarter way.
|
|
|
|
- A new format for locally storing the public keys is now used.
|
|
|
|
This considerable speeds up operations on large keyrings.
|
|
|
|
- Revocation certificates are now created by default.
|
|
|
|
- Card support has been updated, new readers and token types are
|
|
|
|
supported.
|
|
|
|
- The format of the key listing has been changed to better identify
|
|
|
|
the properties of a key.
|
|
|
|
- The gpg-agent may now be used on Windows as a Pageant replacement
|
|
|
|
for Putty in the same way it is used for years on Unix as
|
|
|
|
ssh-agent replacement.
|
|
|
|
- Creation of X.509 certificates has been improved. It is now also
|
|
|
|
possible to export them directly in PKCS#8 and PEM format for use
|
|
|
|
on TLS servers.
|
|
|
|
- dropped patches:
|
|
|
|
* gnupg-2.0.20-automake113.diff
|
|
|
|
* gnupg-2.0.18-tmpdir.diff (socket is created in homedir now)
|
|
|
|
- refresh most of the remaining patches
|
|
|
|
- added new BuildRequires: gnutls-devel, pkg-config, npth-devel
|
|
|
|
|
2014-08-12 22:32:53 +02:00
|
|
|
-------------------------------------------------------------------
|
|
|
|
Tue Aug 12 20:19:45 UTC 2014 - andreas.stieger@gmx.de
|
|
|
|
|
|
|
|
- update to 2.0.26:
|
|
|
|
* gpg: Fix a regression in 2.0.24 if a subkey id is given
|
|
|
|
to --recv-keys et al.
|
|
|
|
* gpg: Cap attribute packets at 16MB.
|
|
|
|
* gpgsm: Auto-create the ".gnupg" home directory in the same
|
|
|
|
way gpg does.
|
|
|
|
* scdaemon: Allow for certificates > 1024 when using PC/SC.
|
|
|
|
- remove URL from package keyring, upstream file metadata changes
|
|
|
|
|
2014-07-01 23:33:00 +02:00
|
|
|
-------------------------------------------------------------------
|
|
|
|
Tue Jul 1 21:05:55 UTC 2014 - andreas.stieger@gmx.de
|
|
|
|
|
|
|
|
- gnupg-add_legacy_FIPS_mode_option.patch (part of [bnc#856312])
|
|
|
|
mentions GCRYCTL_INACTIVATE_FIPS_FLAG, raising the requirement
|
|
|
|
for gcrypt from 1.4.0 (from configure) to 1.6.1 where said flag
|
|
|
|
was introduced. Require this version to build.
|
|
|
|
|
2014-06-30 21:09:15 +02:00
|
|
|
-------------------------------------------------------------------
|
|
|
|
Mon Jun 30 18:52:36 UTC 2014 - andreas.stieger@gmx.de
|
|
|
|
|
|
|
|
- update to 2.0.25:
|
|
|
|
* gpg: Fix a regression in 2.0.24 if more than one keyid is given
|
|
|
|
to --recv-keys et al.
|
|
|
|
* gpg: Cap RSA and Elgamal keysize at 4096 bit also for unattended
|
|
|
|
key generation.
|
|
|
|
* gpgsm: Fix a DISPLAY related problem with
|
|
|
|
--export-secret-key-p12.
|
|
|
|
* scdaemon: Support reader Gemalto IDBridge CT30.
|
|
|
|
|
2014-06-25 07:12:17 +02:00
|
|
|
-------------------------------------------------------------------
|
|
|
|
Tue Jun 24 22:25:12 UTC 2014 - andreas.stieger@gmx.de
|
|
|
|
|
|
|
|
- update to 2.0.24
|
|
|
|
Contains a security fix to stop a possible DoS using garbled
|
|
|
|
compressed data packets which can be used to put gpg into an
|
|
|
|
infinite loop. [bnc#884130] [CVE-2014-4617]
|
|
|
|
* gpg: Avoid DoS due to garbled compressed data packets.
|
|
|
|
- further:
|
|
|
|
* gpg: Screen keyserver responses to avoid importing unwanted
|
|
|
|
keys from rogue servers.
|
|
|
|
* gpg: The validity of user ids is now shown by default. To
|
|
|
|
revert this add "list-options no-show-uid-validity" to gpg.conf
|
|
|
|
* gpg: Print more specific reason codes with the INV_RECP status.
|
|
|
|
* gpg: Allow loading of a cert only key to an OpenPGP card.
|
|
|
|
* gpg-agent: Make ssh support for ECDSA keys work with Libgcrypt
|
|
|
|
1.6.
|
|
|
|
|
2014-06-04 09:49:19 +02:00
|
|
|
-------------------------------------------------------------------
|
|
|
|
Tue Jun 3 21:55:34 UTC 2014 - andreas.stieger@gmx.de
|
|
|
|
|
|
|
|
- update to 2.0.23:
|
|
|
|
* gpg: Reject signatures made using the MD5 hash algorithm unless the
|
|
|
|
new option --allow-weak-digest-algos or --pgp2 are given.
|
|
|
|
* gpg: Do not create a trustdb file if --trust-model=always is used.
|
|
|
|
* gpg: Only the major version number is by default included in the
|
|
|
|
armored output.
|
|
|
|
* gpg: Print a warning if the Gnome-Keyring-Daemon intercepts the
|
|
|
|
communication with the gpg-agent.
|
|
|
|
* gpg: The format of the fallback key listing ("gpg KEYFILE") is now more
|
|
|
|
aligned to the regular key listing ("gpg -k").
|
|
|
|
* gpg: The option--show-session-key prints its output now before the
|
|
|
|
decryption of the bulk message starts.
|
|
|
|
* gpg: New %U expando for the photo viewer.
|
|
|
|
* gpgsm: Improved handling of re-issued CA certificates.
|
|
|
|
* scdaemon: Various fixes for pinpad equipped card readers.
|
|
|
|
* Minor bug fixes.
|
|
|
|
- Packaging changes:
|
|
|
|
* add gpgtar utility
|
|
|
|
* update and use use source URL for tarball signing key
|
|
|
|
* removed gnupg-2.0.9-RSA_ES.patch, applied upstream
|
|
|
|
* updated for context changes:
|
|
|
|
gnupg-add_legacy_FIPS_mode_option.patch
|
|
|
|
gnupg-2.0.18-files-are-digests.patch
|
|
|
|
gnupg-dont-fail-with-seahorse-agent.patch
|
|
|
|
|
2014-05-01 12:48:32 +02:00
|
|
|
-------------------------------------------------------------------
|
|
|
|
Tue Apr 29 12:06:03 UTC 2014 - vcizek@suse.com
|
|
|
|
|
|
|
|
- add patch by Stephan Mueller which adds an option to enable
|
|
|
|
legacy ciphers in FIPS mode
|
|
|
|
* added gnupg-add_legacy_FIPS_mode_option.patch
|
|
|
|
(part of bnc#856312)
|
|
|
|
- added BuildRequires: makeinfo (to build info pages from the
|
|
|
|
patched gnupg.texi)
|
|
|
|
|
2014-02-15 11:10:41 +01:00
|
|
|
-------------------------------------------------------------------
|
|
|
|
Fri Feb 14 16:14:14 UTC 2014 - vcizek@suse.com
|
|
|
|
|
|
|
|
- install scdaemon to /usr/bin (bnc#863645)
|
|
|
|
|
2013-10-05 17:00:23 +02:00
|
|
|
-------------------------------------------------------------------
|
|
|
|
Sat Oct 5 11:44:42 UTC 2013 - andreas.stieger@gmx.de
|
|
|
|
|
|
|
|
- update to 2.0.22 [bnc#844175]
|
|
|
|
* Fixed possible infinite recursion in the compressed packet
|
|
|
|
parser. [CVE-2013-4402]
|
|
|
|
* Improved support for some card readers.
|
|
|
|
* Prepared building with the forthcoming Libgcrypt 1.6.
|
|
|
|
* Protect against rogue keyservers sending secret keys.
|
|
|
|
- remove gpg2-CVE-2013-4351.patch, committed upstream
|
|
|
|
|
2013-09-16 19:37:29 +02:00
|
|
|
-------------------------------------------------------------------
|
|
|
|
Mon Sep 16 11:08:55 UTC 2013 - vcizek@suse.com
|
|
|
|
|
|
|
|
- fix CVE-2013-4351 (bnc#840510)
|
|
|
|
|
2013-08-20 14:21:25 +02:00
|
|
|
-------------------------------------------------------------------
|
|
|
|
Mon Aug 19 17:59:48 UTC 2013 - andreas.stieger@gmx.de
|
|
|
|
|
|
|
|
- update to 2.0.21
|
|
|
|
* gpg-agent: By default the users are now asked via the Pinentry
|
|
|
|
whether they trust an X.509 root key. To prohibit interactive
|
|
|
|
marking of such keys, the new option --no-allow-mark-trusted may
|
|
|
|
be used.
|
|
|
|
* gpg-agent: The command KEYINFO has options to add info from
|
|
|
|
sshcontrol.
|
|
|
|
* The included ssh agent does now support ECDSA keys.
|
|
|
|
- now requires libgpg-error 1.11
|
|
|
|
- update gnupg-2.0.9-langinfo.patch for upstream whitespace changes
|
|
|
|
- drop gnupg-broken-curl-test.patch, no longer required
|
|
|
|
|
2013-06-17 14:50:36 +02:00
|
|
|
-------------------------------------------------------------------
|
|
|
|
Mon Jun 17 12:48:24 UTC 2013 - coolo@suse.com
|
|
|
|
|
|
|
|
- revert usage of gpg-offline to avoid cycles
|
|
|
|
|
2013-06-17 14:41:39 +02:00
|
|
|
-------------------------------------------------------------------
|
|
|
|
Mon Jun 17 12:40:10 UTC 2013 - coolo@suse.com
|
|
|
|
|
|
|
|
- add gnupg-2.0.20-automake113.diff to fix build with automake 1.13
|
|
|
|
|
2013-05-16 12:06:39 +02:00
|
|
|
-------------------------------------------------------------------
|
|
|
|
Tue May 14 14:00:45 UTC 2013 - vcizek@suse.com
|
|
|
|
|
|
|
|
- set safe umask before creating a plaintext file (bnc#780943)
|
|
|
|
added gpg2-set_umask_before_open_outfile.patch
|
|
|
|
- select proper ciphers when running in FIPS mode (bnc#808958)
|
|
|
|
added gnupg-detect_FIPS_mode.patch
|
|
|
|
|
2013-03-27 16:24:40 +01:00
|
|
|
-------------------------------------------------------------------
|
2013-05-12 18:46:27 +02:00
|
|
|
Fri May 10 19:33:24 UTC 2013 - andreas.stieger@gmx.de
|
|
|
|
|
|
|
|
- update to 2.0.20
|
|
|
|
* Decryption using smartcards keys > 3072 bit does now work.
|
|
|
|
* New meta option ignore-invalid-option to allow using the same
|
|
|
|
option file by other GnuPG versions.
|
|
|
|
* gpg: The hash algorithm is now printed for sig records in key listings.
|
|
|
|
* gpg: Skip invalid keyblock packets during import to avoid a DoS.
|
|
|
|
* gpg: Correctly handle ports from DNS SRV records.
|
|
|
|
* keyserver: Improve use of SRV records
|
|
|
|
* gpg-agent: Avoid tty corruption when killing pinentry.
|
|
|
|
* scdaemon: Improve detection of card insertion and removal.
|
|
|
|
* scdaemon: Rename option --disable-keypad to --disable-pinpad.
|
|
|
|
* scdaemon: Better support for CCID readers. Now, the internal CCID
|
|
|
|
driver supports readers without the auto configuration feature.
|
|
|
|
* scdaemon: Add pinpad input for PC/SC, if your reader has pinpad and
|
|
|
|
it supports variable length PIN input, and you specify
|
|
|
|
--enable-pinpad-varlen option.
|
|
|
|
* scdaemon: New option --enable-pinpad-varlen.
|
|
|
|
* scdaemon: Install into libexecdir to avoid accidental execution
|
|
|
|
from the command line.
|
|
|
|
* Assorted bug fixes.
|
|
|
|
- refresh gnupg-2.0.9-RSA_ES.patch
|
|
|
|
- verify gpg signature of source tarball
|
|
|
|
|
|
|
|
-------------------------------------------------------------------
|
2013-03-27 16:24:40 +01:00
|
|
|
Wed Mar 27 12:16:19 UTC 2013 - mmeister@suse.com
|
|
|
|
|
|
|
|
- Added url as source.
|
|
|
|
Please see http://en.opensuse.org/SourceUrls
|
|
|
|
|
2013-01-16 09:24:58 +01:00
|
|
|
-------------------------------------------------------------------
|
|
|
|
Fri Jan 11 20:26:50 UTC 2013 - lazy.kent@opensuse.org
|
|
|
|
|
|
|
|
- BuildRequires: libbz2-devel (support BZIP2 compression
|
|
|
|
algorithm) (bnc#798175).
|
|
|
|
|
2012-04-18 13:28:18 +02:00
|
|
|
-------------------------------------------------------------------
|
|
|
|
Wed Apr 18 10:55:34 UTC 2012 - vcizek@suse.com
|
|
|
|
|
|
|
|
- Mention some of the changes in Greg's version update
|
|
|
|
|
2012-03-27 22:59:37 +02:00
|
|
|
-------------------------------------------------------------------
|
|
|
|
Tue Mar 27 20:38:27 UTC 2012 - gregkh@opensuse.org
|
|
|
|
|
|
|
|
- update to upstream 2.0.19
|
2012-04-18 13:28:18 +02:00
|
|
|
* GPG now accepts a space separated fingerprint as a user ID. This
|
|
|
|
allows to copy and paste the fingerprint from the key listing.
|
|
|
|
* GPG now uses the longest key ID available. Removed support for the
|
|
|
|
original HKP keyserver which is not anymore used by any site.
|
|
|
|
* Rebuild the trustdb after changing the option --min-cert-level.
|
|
|
|
* Ukrainian translation.
|
|
|
|
* Honor option --cert-digest-algo when creating a cert.
|
|
|
|
* Emit a DECRYPTION_INFO status line.
|
|
|
|
* Improved detection of JPEG files.
|
2012-03-27 22:59:37 +02:00
|
|
|
|
2011-12-06 12:07:42 +01:00
|
|
|
-------------------------------------------------------------------
|
|
|
|
Tue Dec 6 10:58:36 UTC 2011 - vcizek@suse.com
|
|
|
|
|
|
|
|
- fixed licence to GPL-3.0+ (bnc#734878)
|
|
|
|
|
2011-11-30 14:14:30 +01:00
|
|
|
-------------------------------------------------------------------
|
|
|
|
Wed Nov 30 09:55:47 UTC 2011 - coolo@suse.com
|
|
|
|
|
|
|
|
- add automake as buildrequire to avoid implicit dependency
|
|
|
|
|
2011-10-01 21:41:38 +02:00
|
|
|
-------------------------------------------------------------------
|
|
|
|
Sat Oct 1 15:53:04 UTC 2011 - crrodriguez@opensuse.org
|
|
|
|
|
|
|
|
- Test suite hangs in qemu-arm, workaround.
|
|
|
|
|
2011-08-31 12:03:36 +02:00
|
|
|
-------------------------------------------------------------------
|
|
|
|
Wed Aug 31 10:00:35 UTC 2011 - puzel@suse.com
|
|
|
|
|
|
|
|
- link with -pie
|
|
|
|
|
2011-08-08 00:04:43 +02:00
|
|
|
-------------------------------------------------------------------
|
2011-08-19 07:00:05 +02:00
|
|
|
Fri Aug 19 01:11:42 UTC 2011 - crrodriguez@opensuse.org
|
|
|
|
|
|
|
|
- libcurl.m4 tests were broken, resulting in the usage
|
|
|
|
of a "fake" internal libcurl.
|
|
|
|
|
|
|
|
-------------------------------------------------------------------
|
2011-08-08 00:04:43 +02:00
|
|
|
Sat Aug 6 20:19:09 UTC 2011 - andreas.stieger@gmx.de
|
|
|
|
|
|
|
|
- update to upstream 2.0.18
|
|
|
|
* Bug fix for newer versions of Libgcrypt.
|
|
|
|
* Support the SSH confirm flag and show SSH fingerprints in ssh
|
|
|
|
related pinentries.
|
|
|
|
* Improved dirmngr/gpgsm interaction for OCSP.
|
|
|
|
* Allow generation of card keys up to 4096 bit.
|
|
|
|
- refresh patch gnupg-2.0.10-tmpdir.diff -> gnupg-2.0.18-tmpdir.diff
|
|
|
|
- refresh patch gnupg-files-are-digests.patch -> gnupg-2.0.18-files-are-digests.patch
|
|
|
|
|
2011-03-15 10:49:14 +01:00
|
|
|
-------------------------------------------------------------------
|
|
|
|
Tue Mar 15 09:29:42 UTC 2011 - puzel@novell.com
|
|
|
|
|
|
|
|
- update to gnupg-2.0.17
|
|
|
|
* Allow more hash algorithms with the OpenPGP v2 card.
|
|
|
|
* The gpg-agent now tests for a new gpg-agent.conf on a HUP.
|
|
|
|
* Fixed output of "gpgconf --check-options".
|
|
|
|
* Fixed a bug where Scdaemon sends a signal to Gpg-agent running
|
|
|
|
in non-daemon mode.
|
|
|
|
* Fixed TTY management for pinentries and session variable update
|
|
|
|
problem.
|
|
|
|
- drop gnupg-CVE-2010-2547.patch (in upstream)
|
|
|
|
|
2011-01-07 15:00:57 +01:00
|
|
|
-------------------------------------------------------------------
|
|
|
|
Fri Jan 7 13:24:17 CET 2011 - sbrabec@suse.cz
|
|
|
|
|
|
|
|
- Removed obsolete BuildRequires of opensc-devel.
|
|
|
|
|
2010-11-01 09:34:36 +01:00
|
|
|
-------------------------------------------------------------------
|
|
|
|
Sun Oct 31 12:37:02 UTC 2010 - jengelh@medozas.de
|
|
|
|
|
|
|
|
- Use %_smp_mflags
|
|
|
|
|
2010-07-30 14:51:31 +02:00
|
|
|
-------------------------------------------------------------------
|
|
|
|
Wed Jul 28 09:39:00 UTC 2010 - puzel@novell.com
|
|
|
|
|
|
|
|
- gnupg-CVE-2010-2547.patch (bnc#625947)
|
|
|
|
- renumber patches
|
|
|
|
|
2010-07-20 08:41:39 +02:00
|
|
|
-------------------------------------------------------------------
|
|
|
|
Mon Jul 19 21:49:40 UTC 2010 - puzel@novell.com
|
|
|
|
|
|
|
|
- update to gnupg-2.0.16
|
|
|
|
* If the agent's --use-standard-socket option is active, all tools
|
|
|
|
try to start and daemonize the agent on the fly. In the past this
|
|
|
|
was only supported on W32; on non-W32 systems the new configure
|
|
|
|
option --use-standard-socket may now be used to use this feature by
|
|
|
|
default.
|
|
|
|
* The gpg-agent commands KILLAGENT and RELOADAGENT are now available
|
|
|
|
on all platforms.
|
|
|
|
* Minor bug fixes.
|
|
|
|
- drop gnupg-2.0.14-s2kcount.patch (builds fine without it now)
|
|
|
|
|
2010-07-19 23:58:25 +02:00
|
|
|
-------------------------------------------------------------------
|
|
|
|
Mon Jun 7 09:40:32 UTC 2010 - adrian@suse.de
|
|
|
|
|
|
|
|
- add special provides to make sure that obs signd gets correct gpg version
|
|
|
|
|
|
|
|
-------------------------------------------------------------------
|
|
|
|
Fri Apr 9 12:47:11 UTC 2010 - chris@computersalat.de
|
|
|
|
|
|
|
|
- fix deps
|
|
|
|
o libassuan-devel >= 2.0.0
|
|
|
|
o pth / libpth-devel >= 1.3.7
|
|
|
|
- added BuildReq libcurl-devel >= 7.10
|
|
|
|
- removed BuildReq openldap2
|
|
|
|
is already solved by openldap2-devel
|
|
|
|
- removed unrecognized configure options
|
|
|
|
--enable-external-hkp, --enable-shared, --enable-static-rnd
|
|
|
|
|
2010-04-07 18:08:16 +02:00
|
|
|
-------------------------------------------------------------------
|
|
|
|
Wed Apr 7 14:19:11 UTC 2010 - puzel@novell.com
|
|
|
|
|
|
|
|
- add gnupg-dont-fail-with-seahorse-agent.patch (bnc#589994)
|
|
|
|
|
2010-04-01 15:29:05 +02:00
|
|
|
-------------------------------------------------------------------
|
|
|
|
Wed Mar 31 13:47:00 UTC 2010 - puzel@novell.com
|
|
|
|
|
|
|
|
- update to gnupg-2.0.15
|
|
|
|
* New command --passwd for GPG.
|
|
|
|
* Fixes a regression in 2.0.14 which prevented unprotection of new
|
|
|
|
or changed gpg-agent passphrases.
|
|
|
|
* Make use of libassuan 2.0 which is available as a DSO.
|
|
|
|
|
2010-03-26 01:11:48 +01:00
|
|
|
-------------------------------------------------------------------
|
|
|
|
Mon Mar 22 15:09:24 UTC 2010 - puzel@novell.com
|
|
|
|
|
|
|
|
- fix files-are-digests patch (bnc#469229)
|
|
|
|
|
2010-02-18 13:58:28 +01:00
|
|
|
-------------------------------------------------------------------
|
|
|
|
Wed Feb 17 13:29:18 CET 2010 - dimstar@opensuse.org
|
|
|
|
|
|
|
|
- Update to version 2.0.14:
|
|
|
|
+ The default for --include-cert is now to include all
|
|
|
|
certificates in the chain except for the root certificate.
|
|
|
|
+ Numerical values may now be used as an alternative to the
|
|
|
|
debug-level keywords.
|
|
|
|
+ The GPGSM --audit-log feature is now more complete.
|
|
|
|
+ GPG now supports DNS lookups for SRV, PKA and CERT on W32.
|
|
|
|
+ New GPGSM option --ignore-cert-extension.
|
|
|
|
+ New and changed passphrases are now created with an iteration
|
|
|
|
count requiring about 100ms of CPU work.
|
|
|
|
- Add gnupg-2.0.14-s2kcount.patch: use fixed s2k-count number
|
|
|
|
otherwise the gpg2 would want to consult gpg-agent which is not
|
|
|
|
yet installed in the mock chroot (Patch shamelessly stolen from
|
|
|
|
Fedora).
|
|
|
|
|
2010-01-28 15:15:49 +01:00
|
|
|
-------------------------------------------------------------------
|
|
|
|
Thu Jan 28 14:15:24 UTC 2010 - puzel@novell.com
|
|
|
|
|
|
|
|
- fix build for older distributions
|
|
|
|
|
2010-03-22 16:13:26 +01:00
|
|
|
-------------------------------------------------------------------
|
|
|
|
Wed Jan 27 16:30:41 UTC 2010 - puzel@novell.com
|
|
|
|
|
|
|
|
- port files-are-digests patch from gpg1 (bnc#469229)
|
|
|
|
|
2009-12-16 16:50:59 +01:00
|
|
|
-------------------------------------------------------------------
|
|
|
|
Tue Dec 15 20:56:35 CET 2009 - jengelh@medozas.de
|
|
|
|
|
|
|
|
- enable parallel building
|
|
|
|
- SPARC needs large PIE model
|
|
|
|
|
|
|
|
-------------------------------------------------------------------
|
|
|
|
Sun Dec 6 08:52:32 UTC 2009 - coolo@novell.com
|
|
|
|
|
|
|
|
- change -lang require to recommended
|
|
|
|
|
2009-11-16 18:35:33 +01:00
|
|
|
-------------------------------------------------------------------
|
|
|
|
Fri Nov 13 14:37:58 UTC 2009 - puzel@novell.com
|
|
|
|
|
|
|
|
- update to gnupg-2.0.13
|
|
|
|
* GPG now generates 2048 bit RSA keys by default. The default hash
|
|
|
|
algorithm preferences has changed to prefer SHA-256 over SHA-1.
|
|
|
|
2048 bit DSA keys are now generated to use a 256 bit hash algorithm
|
|
|
|
* The envvars XMODIFIERS, GTK_IM_MODULE and QT_IM_MODULE are now
|
|
|
|
passed to the Pinentry to make SCIM work.
|
|
|
|
* The GPGSM command --gen-key features a --batch mode and implements
|
|
|
|
all features of gpgsm-gencert.sh in standard mode.
|
|
|
|
* New option --re-import for GPGSM's IMPORT server command.
|
|
|
|
* Enhanced writing of existing keys to OpenPGP v2 cards.
|
|
|
|
* Add hack to the internal CCID driver to allow the use of some
|
|
|
|
Omnikey based card readers with 2048 bit keys.
|
|
|
|
* GPG now repeatly asks the user to insert the requested OpenPGP
|
|
|
|
card. This can be disabled with --limit-card-insert-tries=1.
|
|
|
|
* Minor bug fixes.
|
|
|
|
- drop gnupg-2.0.4-default-tty.diff
|
|
|
|
|
2009-06-20 01:33:05 +02:00
|
|
|
-------------------------------------------------------------------
|
|
|
|
Thu Jun 18 13:22:00 CEST 2009 - puzel@novell.com
|
|
|
|
|
|
|
|
- update to gnupg-2.0.12
|
|
|
|
* GPGSM now always lists ephemeral certificates if specified by
|
|
|
|
fingerprint or keygrip.
|
|
|
|
* New command "KEYINFO" for GPG_AGENT. GPGSM now also returns
|
|
|
|
information about smartcards.
|
|
|
|
* Made sure not to leak file descriptors if running gpg-agent with a
|
|
|
|
command. Restore the signal mask to solve a problem in Mono.
|
|
|
|
* Changed order of the confirmation questions for root certificates
|
|
|
|
and store negative answers in trustlist.txt.
|
|
|
|
* Better synchronization of concurrent smartcard sessions.
|
|
|
|
* Support 2048 bit OpenPGP cards.
|
|
|
|
* Support Telesec Netkey 3 cards.
|
|
|
|
* The gpg-protect-tool now uses gpg-agent via libassuan.
|
|
|
|
* Changed code to avoid a possible Mac OS X system freeze.
|
|
|
|
- drop gpg2-fix-rtsignals.patch (fixed upstream)
|
|
|
|
- drop gnupg-1.9.22-ccid-driver-fix.diff (unused)
|
|
|
|
|
2009-06-12 17:33:52 +02:00
|
|
|
-------------------------------------------------------------------
|
|
|
|
Thu Jun 11 11:19:58 CEST 2009 - puzel@suse.cz
|
|
|
|
|
|
|
|
- change BuildRequires: (pth-devel -> libpth-devel)
|
|
|
|
|
2009-03-20 19:37:13 +01:00
|
|
|
-------------------------------------------------------------------
|
2009-06-02 12:28:15 +02:00
|
|
|
Mon Jun 1 11:26:12 CEST 2009 - puzel@suse.cz
|
|
|
|
|
|
|
|
- BuildRequires: pth-devel
|
|
|
|
|
|
|
|
-------------------------------------------------------------------
|
2009-03-20 19:37:13 +01:00
|
|
|
Wed Mar 18 13:51:30 CET 2009 - puzel@suse.cz
|
|
|
|
|
|
|
|
- add gpg2-fix-rtsignals.patch (bnc#481463)
|
|
|
|
|
2009-03-05 16:45:23 +01:00
|
|
|
-------------------------------------------------------------------
|
|
|
|
Thu Mar 5 13:39:42 CET 2009 - puzel@suse.cz
|
|
|
|
|
|
|
|
- update to 2.0.11
|
|
|
|
* Fixed a problem in SCDAEMON which caused unexpected card resets.
|
|
|
|
* SCDAEMON is now aware of the Geldkarte.
|
|
|
|
* The SCDAEMON option --allow-admin is now used by default.
|
|
|
|
* GPGCONF now restarts SCdaemon if necessary.
|
|
|
|
* The default cipher algorithm in GPGSM is now again 3DES. This is
|
|
|
|
due to interoperability problems with Outlook 2003 which still
|
|
|
|
can't cope with AES.
|
|
|
|
- dropped gnupg-2.0.10-fix-convert.patch (upstream)
|
|
|
|
- dropped gnupg-2.0.10-fix-missing-option.patch (upstream)
|
|
|
|
- disabled gnupg-1.9.22-ccid-driver-fix.diff (does not apply and it is
|
|
|
|
not clear what it is good for)
|
|
|
|
|
2009-03-02 16:33:31 +01:00
|
|
|
-------------------------------------------------------------------
|
|
|
|
Mon Mar 2 15:53:22 CET 2009 - puzel@suse.cz
|
|
|
|
|
|
|
|
- gnupg-2.0.10-fix-missing-option.patch (bnc#477362)
|
|
|
|
|
2009-01-22 13:04:18 +01:00
|
|
|
-------------------------------------------------------------------
|
|
|
|
Mon Jan 19 16:16:11 CET 2009 - puzel@suse.cz
|
|
|
|
|
|
|
|
- add gnupg-2.0.10-fix-convert.patch
|
|
|
|
- fix broken 'make check' on ppc, s390 and s390x
|
|
|
|
|
2009-01-13 18:57:46 +01:00
|
|
|
-------------------------------------------------------------------
|
|
|
|
Tue Jan 13 10:38:38 CET 2009 - puzel@suse.cz
|
|
|
|
|
|
|
|
- update to 2.0.10
|
|
|
|
* New keyserver helper gpg2keys_kdns as generic DNS CERT
|
|
|
|
lookup.
|
|
|
|
* New mechanisms "local" and "nodefault" for --auto-key-locate.
|
|
|
|
Fixed a few problems with this option.
|
|
|
|
* New command --locate-keys.
|
|
|
|
* New options --with-sig-list and --with-sig-check.
|
|
|
|
* The option "-sat" is no longer an alias for --clearsign.
|
|
|
|
* The option --fixed-list-mode is now implicitly used and obsolete.
|
|
|
|
* New control statement %ask-passphrase for the unattended key
|
|
|
|
generation.
|
|
|
|
* The algorithm to compute the SIG_ID status has been changed.
|
|
|
|
* [gpgsm] Now uses AES by default.
|
|
|
|
* [gpgsm] Made --output option work with --export-secret-key-p12.
|
|
|
|
* [gpg-agent] Terminate process if the own listening socket is not
|
|
|
|
anymore served by ourself.
|
|
|
|
* [gpg-connect-agent] Accept commands given as command line arguments.
|
|
|
|
* The gpg-preset-passphrase mechanism works again. An arbitrary
|
|
|
|
string may now be used for a custom cache ID.
|
|
|
|
* Admin PINs are cached again (bug in 2.0.9).
|
|
|
|
* Support for version 2 OpenPGP cards.
|
|
|
|
|
|
|
|
- specfile changes:
|
|
|
|
* require libadns
|
|
|
|
* explicit versions for some BuildRequires
|
|
|
|
* BuildRequires libgpg-error
|
|
|
|
* changed license to GPL v3
|
|
|
|
* /etc/gnupg/gnupg.conf is now (noreplace)
|
|
|
|
* documentation is installed with install
|
|
|
|
|
2008-06-22 02:49:11 +02:00
|
|
|
-------------------------------------------------------------------
|
|
|
|
Wed Jun 11 11:06:09 CEST 2008 - puzel@suse.cz
|
|
|
|
|
|
|
|
- fix [bnc#305725] - UTF-8 problems
|
|
|
|
* non latin characters displayed incorrectly by pinentry-*
|
|
|
|
|
2008-04-06 05:55:31 +02:00
|
|
|
-------------------------------------------------------------------
|
2008-05-22 00:04:27 +02:00
|
|
|
Wed May 21 14:01:14 CEST 2008 - puzel@suse.cz
|
|
|
|
|
|
|
|
- added missing gpgconf.conf (bnc#391347)
|
|
|
|
|
|
|
|
-------------------------------------------------------------------
|
2008-04-06 05:55:31 +02:00
|
|
|
Fri Mar 28 16:14:33 CET 2008 - pcerny@suse.cz
|
|
|
|
|
|
|
|
- update to 2.0.9
|
|
|
|
* fixes CVE-2008-1530 (bnc#374254)
|
|
|
|
* removing gnupg-2.0.8-from-upstream.diff (included in release)
|
|
|
|
* removing gnupg-2.0.4-oldkey.diff (accepted by upstream)
|
|
|
|
* removing gnupg-2.0.8-warningfixes.diff
|
|
|
|
(also appears in upstream)
|
|
|
|
- patch gnupg-2.0.9-RSA_ES.patch
|
|
|
|
* adding back support for deprecated RSA_E, RSA_S algorithms
|
|
|
|
(bnc#342979)
|
|
|
|
|
2008-03-27 22:01:48 +01:00
|
|
|
-------------------------------------------------------------------
|
|
|
|
Wed Mar 26 22:07:29 CET 2008 - coolo@suse.de
|
|
|
|
|
|
|
|
- require the split out lang package
|
|
|
|
|
2008-03-26 16:13:07 +01:00
|
|
|
-------------------------------------------------------------------
|
|
|
|
Sun Mar 23 12:10:56 CET 2008 - coolo@suse.de
|
|
|
|
|
|
|
|
- splitting out a third of the package by using a lang subpack
|
|
|
|
|
2008-02-15 01:20:58 +01:00
|
|
|
-------------------------------------------------------------------
|
|
|
|
Tue Feb 12 19:24:37 CET 2008 - bk@suse.de
|
|
|
|
|
|
|
|
- install gpg-zip and gpgsplit again and use -pie for randomisation
|
|
|
|
|
2008-02-08 18:45:44 +01:00
|
|
|
-------------------------------------------------------------------
|
|
|
|
Wed Feb 6 18:16:34 CET 2008 - bk@suse.de
|
|
|
|
|
|
|
|
- add selected upstream fixes and fix gcc and rpmlint warnings
|
|
|
|
|
2008-01-10 14:14:30 +01:00
|
|
|
-------------------------------------------------------------------
|
|
|
|
Tue Jan 8 10:48:30 CET 2008 - sassmann@suse.de
|
|
|
|
|
|
|
|
- update to GnuPG-2.0.8
|
|
|
|
- adapted patches to apply properly
|
|
|
|
* gnupg-1.9.18-tmpdir.diff
|
|
|
|
* gnupg-2.0.4-install_tools.diff
|
|
|
|
- gnupg-2.0.5.fixes-from-svn-20070812.diff commented out,
|
|
|
|
included in upstream 2.0.8
|
|
|
|
- use optflags during build
|
|
|
|
|
2007-09-13 18:44:44 +02:00
|
|
|
-------------------------------------------------------------------
|
|
|
|
Wed Sep 12 22:40:46 CEST 2007 - ltinkl@suse.cz
|
|
|
|
|
|
|
|
- fix #304749 - gpg2 unable to use old secret key
|
|
|
|
|
2007-09-11 18:18:39 +02:00
|
|
|
-------------------------------------------------------------------
|
|
|
|
Mon Sep 10 20:13:07 CEST 2007 - ltinkl@suse.cz
|
|
|
|
|
|
|
|
- fix gpg2 crash on accessing key (#307666)
|
|
|
|
- fix gpg doesn't work on the console (#302323)
|
|
|
|
|
2007-10-26 01:46:05 +02:00
|
|
|
-------------------------------------------------------------------
|
|
|
|
Fri Aug 10 11:50:20 CEST 2007 - bk@suse.de
|
|
|
|
|
|
|
|
- update to GnuPG-2.0.5 - requries libassuan-1.0.2!
|
|
|
|
* Switched license to GPLv3.
|
|
|
|
* Fixed bug when using the --p12-charset without --armor.
|
|
|
|
* The command --gen-key may now be used instead of the
|
|
|
|
gpgsm-gencert.sh script.
|
|
|
|
* Changed key generation to reveal less information about the
|
|
|
|
machine. Bug fixes for gpg2's card key generation.
|
|
|
|
- enable make check to test against build issues in the crypto engine
|
|
|
|
- cleanup disabled nld patch for linking with -lgpg-error-nld
|
|
|
|
- use %find_lang to label the locale files properly with %lang
|
|
|
|
- add opensc-devel to BuildRequrires to enanble smartcard support
|
|
|
|
- del Makefile.in patches where we patch Makefile.am and run automake
|
|
|
|
- cleanup the standrd GNU INSTALL and the empty VERSION from %doc
|
|
|
|
|
2007-07-27 01:43:04 +02:00
|
|
|
-------------------------------------------------------------------
|
|
|
|
Thu Jul 26 13:16:22 CEST 2007 - sbrabec@suse.cz
|
|
|
|
|
|
|
|
- Build with libassuan-devel.
|
|
|
|
|
2007-06-21 21:56:01 +02:00
|
|
|
-------------------------------------------------------------------
|
|
|
|
Thu Jun 21 20:31:44 CEST 2007 - ro@suse.de
|
|
|
|
|
|
|
|
- install compat symlinks for gpg2 and gpgv2
|
|
|
|
- install gpg-zip and gpgsplit
|
|
|
|
- added openldap2 to buildrequires (for gpgkeys_ldap)
|
|
|
|
- added fPIE/pie to CFLAGS/LDFLAGS for gpgsplit
|
|
|
|
|
2007-05-23 23:18:51 +02:00
|
|
|
-------------------------------------------------------------------
|
|
|
|
Wed May 23 19:02:45 CEST 2007 - dmueller@suse.de
|
|
|
|
|
|
|
|
- add libusb-devel build requires
|
|
|
|
|
2007-05-16 16:20:18 +02:00
|
|
|
-------------------------------------------------------------------
|
|
|
|
Wed May 16 14:27:28 CEST 2007 - ltinkl@suse.cz
|
|
|
|
|
|
|
|
- remove gpg from Require's (#273491)
|
|
|
|
|
2007-05-11 15:35:54 +02:00
|
|
|
-------------------------------------------------------------------
|
|
|
|
Fri May 11 13:20:19 CEST 2007 - ltinkl@suse.cz
|
|
|
|
|
|
|
|
- updated to 2.0.4 stable snapshot
|
|
|
|
|
2007-04-04 20:30:29 +02:00
|
|
|
-------------------------------------------------------------------
|
|
|
|
Wed Apr 4 12:42:06 CEST 2007 - ltinkl@suse.cz
|
|
|
|
|
|
|
|
- update to 2.0.3
|
|
|
|
- fixed #251605 - VUL-0: signing issues within GNUPG
|
|
|
|
- removed outdated patches
|
|
|
|
|
2007-03-30 02:08:34 +02:00
|
|
|
-------------------------------------------------------------------
|
|
|
|
Fri Mar 30 01:58:56 CEST 2007 - ro@suse.de
|
|
|
|
|
|
|
|
- added zlib-devel to buildreq
|
|
|
|
|
2007-02-15 18:18:20 +01:00
|
|
|
-------------------------------------------------------------------
|
|
|
|
Wed Feb 14 15:14:44 CET 2007 - ltinkl@suse.cz
|
|
|
|
|
|
|
|
- fix file conflicts with gpg (#242133)
|
|
|
|
|
2007-01-30 00:52:49 +01:00
|
|
|
-------------------------------------------------------------------
|
|
|
|
Tue Jan 30 00:34:50 CET 2007 - ro@suse.de
|
|
|
|
|
|
|
|
- fix build (exclude possible debuginfo directory)
|
|
|
|
|
2007-01-29 16:59:51 +01:00
|
|
|
-------------------------------------------------------------------
|
|
|
|
Mon Jan 29 16:22:15 CET 2007 - ltinkl@suse.cz
|
|
|
|
|
|
|
|
- fix #221212 - gpg2 is not updated and do not contain documentation
|
|
|
|
- fix #233525 - gpg1/2: bug in vasprintf() implementation
|
|
|
|
|
2007-01-16 00:15:33 +01:00
|
|
|
-------------------------------------------------------------------
|
|
|
|
Thu Nov 30 16:59:25 CET 2006 - anicka@suse.cz
|
|
|
|
|
|
|
|
- fix overflow in openfile.c (CVE-2006-6169, #224108)
|
|
|
|
|
|
|
|
-------------------------------------------------------------------
|
|
|
|
Mon Sep 11 13:44:21 CEST 2006 - pnemec@suse.cz
|
|
|
|
|
|
|
|
- updated gnupg to new version 1.9.22
|
|
|
|
Enhanced pkcs#12 support
|
|
|
|
Support for the CardMan 4040 PCMCIA
|
|
|
|
Collected bug fixes
|
|
|
|
- updated pth library to 2.0.7
|
|
|
|
- changed using pinetry-qt to pinentry
|
|
|
|
- removed -cfb.diff -signature.patch -cap_large_uid.patch patches
|
|
|
|
they are no longer needed
|
|
|
|
- change patch -warnings-fix.diff -ccid-driver-fix.diff
|
|
|
|
|
|
|
|
-------------------------------------------------------------------
|
|
|
|
Thu Aug 17 11:55:09 CEST 2006 - pnemec@suse.de
|
|
|
|
|
|
|
|
- remove unused package in build requires
|
|
|
|
|
|
|
|
-------------------------------------------------------------------
|
|
|
|
Wed Aug 9 09:32:56 CEST 2006 - pnemec@suse.cz
|
|
|
|
|
|
|
|
- fix spec file to build with new gettext 0.15
|
|
|
|
|
|
|
|
-------------------------------------------------------------------
|
|
|
|
Mon Aug 7 11:06:19 CEST 2006 - pnemec@suse.cz
|
|
|
|
|
|
|
|
- fixed security fix with large uid CVE-2006-3746 [#195569]
|
|
|
|
|
|
|
|
-------------------------------------------------------------------
|
|
|
|
Thu Feb 23 17:07:18 CET 2006 - pnemec@suse.cz
|
|
|
|
|
|
|
|
- fixed signature security problem CVE-2006-0455 (bugzilla#150742)
|
|
|
|
|
|
|
|
-------------------------------------------------------------------
|
|
|
|
Thu Feb 2 15:37:22 CET 2006 - pnemec@suse.cz
|
|
|
|
|
|
|
|
- fixed install info in spec file
|
|
|
|
|
|
|
|
-------------------------------------------------------------------
|
|
|
|
Thu Jan 26 15:52:26 CET 2006 - sbrabec@suse.cz
|
|
|
|
|
|
|
|
- Added missing %install_info.
|
|
|
|
|
|
|
|
-------------------------------------------------------------------
|
|
|
|
Wed Jan 25 21:36:18 CET 2006 - mls@suse.de
|
|
|
|
|
|
|
|
- converted neededforbuild to BuildRequires
|
|
|
|
|
|
|
|
-------------------------------------------------------------------
|
|
|
|
Fri Aug 5 12:52:44 CEST 2005 - postadal@suse.cz
|
|
|
|
|
|
|
|
- updated to version to 1.9.18
|
|
|
|
- removed obsoleted gcc patch
|
|
|
|
- added patch tmpdir.diff for using $TMPDIR by gpg-agent [#bug95732]
|
|
|
|
|
|
|
|
-------------------------------------------------------------------
|
|
|
|
Tue Jul 12 14:17:11 CEST 2005 - postadal@suse.cz
|
|
|
|
|
|
|
|
- updated to version to 1.9.17
|
|
|
|
- updated pth to version 2.0.4
|
|
|
|
- removed obsoleted patch agent-cache-fix.diff
|
|
|
|
- fixed ccid-driver.c
|
|
|
|
- fixed gcc4
|
|
|
|
- explicitly enabled gpg building in configure
|
|
|
|
|
|
|
|
-------------------------------------------------------------------
|
|
|
|
Thu Mar 24 13:55:34 CET 2005 - postadal@suse.cz
|
|
|
|
|
|
|
|
- fixed caching passphrase in gpg-agent [#71975]
|
|
|
|
|
|
|
|
-------------------------------------------------------------------
|
|
|
|
Tue Mar 22 18:11:12 CET 2005 - postadal@suse.cz
|
|
|
|
|
|
|
|
- fixed on 64bit archs [#72440]
|
|
|
|
|
|
|
|
-------------------------------------------------------------------
|
|
|
|
Wed Feb 23 15:16:55 CET 2005 - postadal@suse.cz
|
|
|
|
|
|
|
|
- security fix for cfb-cipher issue [#65862]
|
|
|
|
|
|
|
|
-------------------------------------------------------------------
|
|
|
|
Wed Jan 12 16:02:00 CET 2005 - postadal@suse.cz
|
|
|
|
|
|
|
|
- update to version 1.9.14
|
|
|
|
- removed obsoleted patch automake-fixes.diff
|
|
|
|
|
|
|
|
-------------------------------------------------------------------
|
|
|
|
Tue Sep 28 08:52:32 CEST 2004 - adrian@suse.de
|
|
|
|
|
|
|
|
- link against libpth staticaly to make S/MIME support in kmail
|
|
|
|
usable. Hopefully we can convert this to a native thread implementation
|
|
|
|
later. (#46260)
|
|
|
|
|
|
|
|
-------------------------------------------------------------------
|
|
|
|
Sat Jul 31 15:07:26 CEST 2004 - adrian@suse.de
|
|
|
|
|
|
|
|
- update to version 1.9.10
|
|
|
|
|
|
|
|
-------------------------------------------------------------------
|
|
|
|
Tue Jul 20 09:01:50 CEST 2004 - adrian@suse.de
|
|
|
|
|
|
|
|
- remove openct and opensc packages from nfb
|
|
|
|
(we will need thread support, when enabling card reader support,
|
|
|
|
but it isn't anyway implemented yet in gpg2)
|
|
|
|
|
|
|
|
-------------------------------------------------------------------
|
|
|
|
Mon Jul 12 17:55:32 CEST 2004 - adrian@suse.de
|
|
|
|
|
|
|
|
- use GnuPG 2 sources version 1.9.9
|
|
|
|
- opensc support misses some functions atm, support disabled for now
|
|
|
|
- threading is disabled, since we do not have a pth package for now
|
|
|
|
- prepare for nld
|
|
|
|
|
|
|
|
-------------------------------------------------------------------
|
|
|
|
Thu Feb 26 13:27:08 CET 2004 - postadal@suse.cz
|
|
|
|
|
|
|
|
- adapted some functions to the libgcrypt version 1.1.91 [#34987]
|
|
|
|
- added libgpg-error to needforbuild flag
|
|
|
|
|
|
|
|
-------------------------------------------------------------------
|
|
|
|
Wed Feb 18 14:02:47 CET 2004 - kukuk@suse.de
|
|
|
|
|
|
|
|
- Don't build against libpth.
|
|
|
|
|
|
|
|
-------------------------------------------------------------------
|
|
|
|
Tue Feb 10 16:00:08 CET 2004 - postadal@suse.cz
|
|
|
|
|
|
|
|
- fixed code that broke strict aliasing
|
|
|
|
|
|
|
|
-------------------------------------------------------------------
|
|
|
|
Fri Dec 5 14:35:32 CET 2003 - garloff@suse.de
|
|
|
|
|
|
|
|
- disable core dumpe in child after forking. [#33499]
|
|
|
|
|
|
|
|
-------------------------------------------------------------------
|
|
|
|
Mon Aug 11 14:48:50 CEST 2003 - adrian@suse.de
|
|
|
|
|
|
|
|
- cleanup #neededforbuild and requires
|
|
|
|
|
|
|
|
-------------------------------------------------------------------
|
|
|
|
Mon Aug 4 15:28:41 CEST 2003 - ro@suse.de
|
|
|
|
|
|
|
|
- added openct to neededforbuild
|
|
|
|
|
|
|
|
-------------------------------------------------------------------
|
|
|
|
Fri Jul 18 14:23:15 CEST 2003 - mc@suse.de
|
|
|
|
|
|
|
|
- build against opensc
|
|
|
|
|
|
|
|
-------------------------------------------------------------------
|
|
|
|
Thu Jun 19 19:04:45 CEST 2003 - schwab@suse.de
|
|
|
|
|
|
|
|
- Add %install_info.
|
|
|
|
|
|
|
|
-------------------------------------------------------------------
|
|
|
|
Mon Mar 17 15:25:30 CET 2003 - adrian@suse.de
|
|
|
|
|
|
|
|
- add signal handler to check if the parent is still alive and
|
|
|
|
exit if not
|
|
|
|
- use pinentry-qt by default (/usr/bin/pinentry do not exist)
|
|
|
|
|
|
|
|
-------------------------------------------------------------------
|
|
|
|
Tue Feb 11 15:38:30 CET 2003 - mc@suse.de
|
|
|
|
|
|
|
|
- initial release
|
|
|
|
|