From 3c3e528fd82bbca832ad1ffe692825ea849d896f413d8dba4d6430171e1210e5 Mon Sep 17 00:00:00 2001 From: Pedro Monreal Gonzalez Date: Wed, 2 Sep 2020 15:10:22 +0000 Subject: [PATCH 1/3] Accepting request 831325 from home:AndreasStieger:branches:Base:System GnuPG 2.2.22, with keyring refresh OBS-URL: https://build.opensuse.org/request/show/831325 OBS-URL: https://build.opensuse.org/package/show/Base:System/gpg2?expand=0&rev=253 --- gnupg-2.2.21.tar.bz2 | 3 - gnupg-2.2.21.tar.bz2.sig | Bin 310 -> 0 bytes gnupg-2.2.22.tar.bz2 | 3 + gnupg-2.2.22.tar.bz2.sig | Bin 0 -> 119 bytes gnupg-gpgme-t-encrypt-sym.patch | 21 ----- gpg2.changes | 29 +++++++ gpg2.keyring | 148 ++++++++++++-------------------- gpg2.spec | 7 +- 8 files changed, 91 insertions(+), 120 deletions(-) delete mode 100644 gnupg-2.2.21.tar.bz2 delete mode 100644 gnupg-2.2.21.tar.bz2.sig create mode 100644 gnupg-2.2.22.tar.bz2 create mode 100644 gnupg-2.2.22.tar.bz2.sig delete mode 100644 gnupg-gpgme-t-encrypt-sym.patch diff --git a/gnupg-2.2.21.tar.bz2 b/gnupg-2.2.21.tar.bz2 deleted file mode 100644 index 2153d1d..0000000 --- a/gnupg-2.2.21.tar.bz2 +++ /dev/null @@ -1,3 +0,0 @@ -version https://git-lfs.github.com/spec/v1 -oid sha256:61e83278fb5fa7336658a8b73ab26f379d41275bb1c7c6e694dd9f9a6e8e76ec -size 6813160 diff --git a/gnupg-2.2.21.tar.bz2.sig b/gnupg-2.2.21.tar.bz2.sig deleted file mode 100644 index 6066e3d8006879cb4407a37a58ee62d26bb96f76c590dc5ae481e691f9e6bbeb..0000000000000000000000000000000000000000000000000000000000000000 GIT binary patch literal 0 HcmV?d00001 literal 310 zcmV-60m=S}0W$;u0SEvc79j-KX(1!T23_i24?49Zn>o@?CF8aQ0$&F8WdI5Z5G0#9 z(oZGhwqD)`{TFAp_HnoMS;fbf*fWyPGD>lM^*K_}rV&w3tdDTVu}k`UDA2Q^7HHRE zT0g+|j@*AxfEASbB7wh3q}cz=i+Hm*aIpvg{UM@O^j}j#Q|+M!&nP&x#AC&7sKLur z9D;1#0;b*M2Kf4e7?CmG+m5^@nbUz}iZ}F}@H{}gB~)Y0{fF^$si+)m30i@_T@}dL zB2m!v24JtF&kqdtecp+|)|y(=Bs2j;9)cA+OII_}C_Ua#&s$6hBw`1YRg*Sq=r|t+ zAF{lYgZ~rATz(kny85xdo zUO5ruW$Tj1ooS#H@OlDYvS!NO4SM=rUsuQlB*YjnGW3+)0rOG;~>;)FB3FjtB Th`*kGZfailed_tries = 0; - continue; - } -- if (*pi->pin && !pi->repeat_okay) -+ if (*pi->pin && !pi->repeat_okay -+ && ctrl->pinentry_mode != PINENTRY_MODE_LOOPBACK) - { - /* The passphrase is empty and the pinentry did not - * already run the repetition check, do it here. This -- * is only called when using an old and simple pinentry. */ -+ * is only called when using an old and simple pinentry. -+ * It is neither called in loopback mode because the -+ * caller does any passphrase repetition by herself. */ - xfree (response); - response = NULL; - rc = agent_get_passphrase (ctrl, &response, diff --git a/gpg2.changes b/gpg2.changes index 41306de..ee39e4e 100644 --- a/gpg2.changes +++ b/gpg2.changes @@ -1,3 +1,32 @@ +------------------------------------------------------------------- +Tue Sep 1 21:09:57 UTC 2020 - Andreas Stieger + +- GnuPG 2.2.22: + * gpg: Change the default key algorithm to rsa3072 + * gpg: Add regular expression support for Trust Signatures on + all platforms + * gpg: Ignore --personal-digest-prefs for ECDSA keys + * gpgsm: Make rsaPSS a de-vs compliant scheme + * gpgsm: Show also the SHA256 fingerprint in key listings + * gpgsm: Do not require a default keyring for --gpgconf-list + * gpg-agent: Default to extended key format and record the + creation time of keys + Add new option --disable-extended-key-format + * gpg-agent: Support the WAYLAND_DISPLAY envvar + * gpg-agent: Allow using --gpgconf-list even if HOME does not + exist + * gpg-agent: Make the Pinentry work even if the envvar TERM is + set to the empty string + * scdaemon: Add a workaround for Gnuk tokens <= 2.15 which + wrongly incremented the error counter when using the + "verify" command of "gpg --edit-key" with only the signature + key being present + * dirmngr: Better handle systems with disabled IPv6 + * gpgpslit: Install tool. It was not installed in the past to + avoid conflicts with the version installed by GnuPG 1.4 + * gpgtar: Make --files-from and --null work as documented +- drop gnupg-gpgme-t-encrypt-sym.patch, upstream + ------------------------------------------------------------------- Tue Jul 14 10:22:22 UTC 2020 - Pedro Monreal Gonzalez diff --git a/gpg2.keyring b/gpg2.keyring index 4637a2d..96f1bf5 100644 --- a/gpg2.keyring +++ b/gpg2.keyring @@ -1,5 +1,4 @@ -----BEGIN PGP PUBLIC KEY BLOCK----- -Version: GnuPG v2 mQENBE0ti4EBCACqGtKlX9jI/enhlBdy2cyQP6Q7JoyxtaG6/ckAKWHYrqFTQk3I Ue8TuDrGT742XFncG9PoMBfJDUNltIPgKFn8E9tYQqAOlpSA25bOb30cA2ADkrjg @@ -7,93 +6,60 @@ jvDAH8cZ+fkIayWtObTxwqLfPivjFxEM//IdShFFVQj+QHmXYBJggWyEIil8Bje7 KRw6B5ucs4qSzp5VH4CqDr9PDnLD8lBGHk0x8jpwh4V/yEODJKATY0Vj00793L8u qA35ZiyczUvvJSLYvf7STO943GswkxdAfqxXbYifiK2gjE/7SAmB+2jFxsonUDOB 1BAY5s3FKqrkaxZr3BBjeuGGoCuiSX/cXRIhABEBAAG0Fldlcm5lciBLb2NoIChk -aXN0IHNpZymJAT4EEwECACgFAk0ti4ECGwMFCRDdnwIGCwkIBwMCBhUIAgkKCwQW -AgMBAh4BAheAAAoJECSbOdJPJeO2PlMIAJxPtFXf5yozPpFjRbSkSdjsk9eru05s -hKZOAKw3RUePTU80SRLPdg4AH+vkm1JMWFFpwvHlgfxqnE9rp13o7L/4UwNUwqH8 -5zCwu7SHz9cX3d4UUwzcP6qQP4BQEH9/xlpQS9eTK9b2RMyggqwd/J8mxjvoWzL8 -Klf/wl6jXHn/yP92xG9/YA86lNOL1N3/PhlZzLuJ6bdD9WzsEp/+kh3UDfjkIrOc -WkqwupB+d01R4bHPu9tvXy8Xut8Sok2zku2xVkEOsV2TXHbwuHO2AGC5pWDX6wgC -E4F5XeCB/0ovao2/bk22w1TxzP6PMxo6sLkmaF6D0frhM2bl4C/uSsqInAQQAQIA -BgUCTS2NBAAKCRBTtiDQHODGMEZPBACLmrMjpwmyVvI6X5N4NlWctXQWY+4ODx2i -O9CtUM/F96YiPFlmgwsJUzyXLwALYk+shh83TjQLfjexohzS1O07DCZUy7Lsb9R7 -HbYJ1Yf/QcEykbiAW465CZb1BAOMR2HUODBTaABaidfnhmUzJtayz7Y0KKRHAx+V -VS6kfnsFq5kBDQRUUF8HAQgAh1mo8r+kVWVTNsNlyurm2tdZKiQbdeVgpBgcDnqI -3fAV58C3nC8DVuK5qVGZPB/jbu42jc8BXGP1l6UP+515LQL5GpTtV0pRWUO02WOu -TLZBVQcq53vzbg1xVo31rWV96mqGAPs8lGUCm09fpuiVKQojO6/Ihkg7/bnzeSbc -X5Xk9eKLhyB7tnakuYJeRYm4bjs+YDApK8IFQyevYF8pjTcbLTSNJPW9WLCsozsy -11r4xdfRcTWjARVz5VzTnQ+Px8YtsnjQ3qwNJBpsqMLCdDN7YGhh/mlwPjgdq/UF -f5+bY6f3ew0vshBqInBQycBSmYyoX0Ye3sAS/OR4nu5ZaQARAQABtD5EYXZpZCBT -aGF3IChHbnVQRyBSZWxlYXNlIFNpZ25pbmcgS2V5KSA8ZHNoYXdAamFiYmVyd29j -a3kuY29tPokBPgQTAQIAKAUCVFBfBwIbAwUJCbp27gYLCQgHAwIGFQgCCQoLBBYC -AwECHgECF4AACgkQBDdvPuCFaVmIoQf+POxCWkCTicRVlq0kust/iwYO1egK9FWG -130e2Irnv2lAZZN/0S5ibjHCYFp9gfMgmtVTF5oWXjSDAy/kIykQBBcUVx4SCJbd -MtKSdsSIQMz6P4DxXumxQm79msOsbi5TsdtUwjqdrbu2sHloE7ck/hTXUCkX3zuq -txY7W23BCQxVVT5qUaFuAHkkQaaBgAb8gdgixmkIBfu9u8k3k9zUKm/PNfMjxClv -ORkP8gev+XyzNgcXM49h5YYlmDT+Ahv99nUM1wg8yJTjefBAY0fL982Scx30nDQO -3w7ihALUoj5+TXQjhs3sWPJ8u3pstr9XcfzEZC77/CZmRYNr8g5hBokBHAQQAQgA -BgUCVFOBbwAKCRAkmznSTyXjtmHeB/0X00v959Oyc0EsSLOlfC52qsEn5cU7vxFb -+KY9aKtG4+hApJxemkqpCgA5+xZwXp3SQOf0sYFwz5OsukIjRF0HgSEdjoMTH6b7 -lT0nCwKo8AMU0nJbopVIJikHOzk2gUqh1gxu5iml1RbSkmFhiGjYeqM+ONQynCeX -Gg3LLZCQ1eeoaX69bvbWQFDtTIn2HYvjZLjuGC6PGH/naZ7GchiiiK0bs4UOdJFX -HtITC/7DcgEiHMHOMT3XlwINTexZG0grl2LuWuyyhurJh5IO6geArPKUmR8SjJjV -azpwbutZhYjTzfUpPvKK8kCSan9Df5eeekDrKCU8x8aqLDVyoQcRmQENBFRQOyMB -CADmEHA30Xc6op/72ZcJdQMriVvnAyN22L3rEbTiACfvBajs6fpzme2uJlC5F1Hk -Ydx3DvdcLoIV6Ed6j95JViJaoE0EB8T1TNuQRL5xj7jAPOpVpyqErF3vReYdCDIr -umlEb8zCQvVTICsIYYAo3oxX/Z/M7ogZDDeOe1G57f/Y8YacZqKw0AqW+20dZn3W -7Lgpjl8EzX25AKBl3Hi/z+s/T7JCqxZPAlQq/KbHkYh81oIm+AX6/5o+vCynEEx/ -2OkdeoNeeHgujwL8axAwPoYKVV9COy+/NQcofZ6gvig1+S75RrkG4AdiL64C7OpX -1N2kX08KlAzI9+65lyUw8t0zABEBAAG0Mk5JSUJFIFl1dGFrYSAoR251UEcgUmVs -ZWFzZSBLZXkpIDxnbmlpYmVAZnNpai5vcmc+iQE8BBMBCAAmBQJUUDsjAhsDBQkD -wmcABQsHCAkDBBUICQoFFgIDAQACHgECF4AACgkQIHGwijO9PwZ1/wgA0LKal1wF -Za8FPUonc2GzwE9YhkZiJB8KA/a7T6//cW4N46/GswiqZJxN1RdKs1B+rp7EMMU3 -bhoXstLBcIYveljqh4lPBWCsTT2+/OpwAmgnzjgdTHcpnCMTEOdZktD5SKrTj2tV -aWXAlWK/UsEEanA3cvzofy44n7rm+Eoa7P1YGCHL++Ihsi66ElbehilTT/xxckHX -Uji1XDvoagEENEHk5j4Z2mhWtjnGclvuiBkS4XezezNMW/fPAypZX4bkURNbGd8j -tkb3Eqt+bv+ZQoSA+Ukv8APaAzj8lRSw+CYjDxpoM0jtmiPrk+u/Do46COVA/IX2 -2aYNT2Y2KoWJV4kBHAQQAQgABgUCVFOCHQAKCRAkmznSTyXjtoIhB/0ZE/ppI2Gc -qDxSwPKkRkkoMD8oXdKkPxjUF2jgP+bceHKiz1F78cx/eZltB4av8OujO1IwqH2C -0aVr46W3eSyIcpmmw6F9sjLcTfyZJfWJrvobb7WQSKvWw0eHFgNGR6Z+BA3ohjws -aCZtzzkH2gXI+EM7qaZozMw+eSkZ4qTE9B4/hkMZZpBO0oGy9PQzSlADGftyyuTt -oSUvepfs+EvYSddQ7skXWq0zePuOhng2Mppl690A+aTywyetbPvVeqjiAbI7NB5f -8Tw7dk0Febe9NHvbwzgiStMPmIKrTcthvgIClBkZvmkBFWAPxYPdHfLzAlpDGxJt -R31c0zNFBH68mQENBFRDqVIBCAC0k8eZKDmNqdmawOlJ/m62L2g8uXT/+/vAEGb1 -yaib09xI6tfGXzbqlDwrLIZcJsSIT/nt/ajJnIVbc3137va4XbwMzsDpAMH4mmiT -oqk+izEChGm2knzrLwhoflR8aGsKL35QoZT/erdjfgPeCRLvf25fHsN2Jb0WIMzC -56VkMeFoza+9HZ5hrkemmm+gPvIvhEUopxCyOS8mK5WjB4zzIdyDJfkqVpHvafNP -0N4LIsedKdyHcj/K3kY4Kejl99GW1z1snBgPamoN2/e52Pf6KTw2FjsSGZ72oalc -rkBR4wacUizGxKcRD2Y6Xa0g9mwToWdNBQCIII+uTzOzq1EDABEBAAG0IVdlcm5l -ciBLb2NoIChSZWxlYXNlIFNpZ25pbmcgS2V5KYkBPQQTAQgAJwUCVEOpUgIbAwUJ -C6oF9QULCQgHAgYVCAkKCwIEFgIDAQIeAQIXgAAKCRCKhhscfv1g2aH7B/wIW6mV -mTmzW2xc1q1MUdssExQBhEeONrbWJ/HiGZP/MaabgQ/+wZuThTAwfGM5zFQBOvrB -OGURhINU6lYQlcOrVo+V8Z1mNQKFWaKxJaY5Ku1bB1OuX9FHLEiMibogHu5fjJIX -BE8XrnvueejyFQ5g/uX2xcGgCWlMe49sR3K+lEl3n93xTmSNhP52r0gTjMjbqKWK -UaIGJ5OcWSrvawdfqLXkxR8phq2AlHHEfxpcZsOp9mZirWYQ5jcgGgFP0LYXUw/R -nxFpOcrj45qufmyEL9QJKjBV5RaHJbqukefwUInPQtVUmINqQxztSh5QxQP2tsUP -IeEi5RAoCwLJam8ziQEcBBABCAAGBQJUU4JUAAoJECSbOdJPJeO2c+cH+wevKc8w -bkWSoGOJiYDglVMJa4x5utgHyXP4PyqelIQ7yibfQq3YyOU9RWRGxfvuofPXpx1E -u/XtCGgw03r4HZhauauYe27IDpA5P/Go7+WqufT6gMBoZf/1cD2ykQZpFyszEKHf -Y+BlzqPJcRaXy4+uQG3O+bh/R2eIGAJDao/AclJI+kfckeY5DzRTibPex+rGAkxZ -8qHtlCb0WeUbL3mgl9f3LlbPH77w1on6XqqIaQ+ODSS/3CUOIhNI3lrGO7mIqhSC -0n+rpqLHeVLpLkz0IFvsJOp9UOHDCA8oL0cQtJGP1pN7muKR9nCVtoNuN41JapoO -4ZaHe5Y0r5MIofSYjgRDt/rHAQQA0JkZeitcyQMqk2xGd/5mGoc4+YNwQo8OSmVw -IvY8UAI3tBorhF6ha9niaqZU4vdldTnXMU0j1oPckAhOgRPaOvaEZhYUTF0F/15p -iAF5dkZQ6dsmXVUkPNYMZTpkc2nA+IACBiOmygGBkLFuXvHRW1i6SNz28iRH/UZc -YLi/2iEAIIFWUJm0Jldlcm5lciBLb2NoIChkaXN0IHNpZykgPGRkOWpuQGdudS5v -cmc+iLwEEwECACYCGwMGCwkIBwMCBBUCCAMEFgIDAQIeAQIXgAUCTS2MtwUJClRO -YQAKCRBTtiDQHODGMPB4A/0U1DJR9LbkWuBs8Ko6KJoKLMVI6iYNJBhAtm3dxWeU -xA16eYDWW/b9Lk5KnjtSWuGOeqa7MCsXnkyHkO88KE9IcM3mFnhfFN2qagd/nRch -l9MPsdOgf/ug7j72Alv2V8s28R10HTjfwySe/omXWwK3qn8ou6N7ID+EwCV7i2e2 -u5kBogQ1oh4eEQQA/pdK4Oafa1uDN7Cr5nss4bNpg8YUSg01VVJ08KTCEdpCAPaU -+NzaP3KD2ow74WU2gzP70s9uSGQ2Vie4BLvOkaaBHba/3ivBrg3ILFrxbOfmKQg8 -Fhtncd/TBOwzfkkbxBNcVJuBPRtjZ3dlDbS4IPNsIIv2SuCIfQmA8qNGvWsAoIrJ -90b2fzERCZkKtfkoyYA8fnNrBADhJ8RmIrKiCnDk3Tzk04nu6O8fp3ptrmnO7jlu -vDfsEVsYRjyMbDnbnjCGu1PeFoP2HZ+H9lp4CaQbyjWh2JlvI9UOc72V16SFkV0r -8k0euNQXHhhzXWIkfz4gwSbBkN2nO5+6cIVeKnsdyFYkQyVs+Q86/PMfjo7utyrc -WLq1CAQAou3da1JR6+KJO4gUZVh2F1NoaVCEPAvlDhNV10/hwe5mS0kTjUJ1jMl5 -6mwAFvhFFF9saW+eAnrwIOHjopbdHrPBmTJlOnNMHVLJzFlqjihwRRZQyL8iNu2m -farn9Mr28ut5BQmp0CnNEJ6hl0Cs7l2xagWFtlEK2II144vK3fG0J1dlcm5lciBL -b2NoIChnbnVwZyBzaWcpIDxkZDlqbkBnbnUub3JnPohhBBMRAgAhAheABQkOFIf9 -BQJBvGheBgsJCAcDAgMVAgMDFgIBAh4BAAoJEGi3q4lXVI3NBJMAn01313ag0tgj -rGUZtDlKYbmNIeMeAJ0UpVsjxpylBcSjsPE8MAki7Hb2Rw== -=W3eM ------END PGP PUBLIC KEY BLOCK----- \ No newline at end of file +aXN0IHNpZymJAVUEEwEIAD8CGwMGCwkIBwMCBhUIAgkKCwQWAgMBAh4BAheAFiEE +2GkhI8QGXepeDzq1JJs50k8l47YFAl4MxBkFCRShVzYACgkQJJs50k8l47YImQf9 +HaqHWor+aSmaEwQnaAN0zRa4kPbAWya182aJtsFzLZJf6BbS0aoiMhwtREN/DMvB +jzxARKep/cELaM+mc7oDK4mEwqSX/u6BE8D7FaNA9sut8P+4xjpoLPU+UzILMg29 +t1remjyT9rs6sbu8BqufIxueArkjoi4WCOSRiVTdw+YDd88volPkXlPfS8hg9Rct +wZ8kEEDywa+NrxiLx+kDgDNTNdk3PJdfcnesf8S1a+KLUTNRds5+xGTYz0JSQ9BZ +7Q9r4VQ/NL55muQZi5W7lVxdp3HxQFUNjHzzBfGtkpS4xqZpJvNjW50Wh5Vi5RYZ +LZ3M1EuIHXHmRiY4dmqqcpkBDQRUUDsjAQgA5hBwN9F3OqKf+9mXCXUDK4lb5wMj +dti96xG04gAn7wWo7On6c5ntriZQuRdR5GHcdw73XC6CFehHeo/eSVYiWqBNBAfE +9UzbkES+cY+4wDzqVacqhKxd70XmHQgyK7ppRG/MwkL1UyArCGGAKN6MV/2fzO6I +GQw3jntRue3/2PGGnGaisNAKlvttHWZ91uy4KY5fBM19uQCgZdx4v8/rP0+yQqsW +TwJUKvymx5GIfNaCJvgF+v+aPrwspxBMf9jpHXqDXnh4Lo8C/GsQMD6GClVfQjsv +vzUHKH2eoL4oNfku+Ua5BuAHYi+uAuzqV9TdpF9PCpQMyPfuuZclMPLdMwARAQAB +tDJOSUlCRSBZdXRha2EgKEdudVBHIFJlbGVhc2UgS2V5KSA8Z25paWJlQGZzaWou +b3JnPokBPAQTAQgAJgIbAwULBwgJAwQVCAkKBRYCAwEAAh4BAheABQJYDxRZBQkL +S5A2AAoJECBxsIozvT8GvG8IAMBIlGz9voYcSSXAdQOuvz2gM2kOjvMHzN6VlS9V +P06IjnTz2DnejFZwLmxJw8e8mZjUo0jw22uo1HREQhDrne3S1IazPMeTUCUNzpWF +MxXNc6SAyrw9apWa8gouGUWJv3HOwVs8EFA2E9UdtDJ2uG7MY/+eC5K/aeOAyudZ +EbvS8rgZypTFrBtBcNKUWZhz7FRn63HxEmYLE3p6I19ZDXrc1WTazF2oz18zym6c +uURr6waRbdSemUTshpLnKCBZXzJ82bXBgXNnfdmc3gtS24ZmM3ZfK/rYztEDkiTk +s2R1gwDwf5RtDpaf5LD2ufESdbLuT+8blAlscbgYLBcwDquZAY0EWMu6rgEMAKcz +vM1IhpUwBpxPCNdrlMZh7XeLqKUd7hUvQ1KHOuDONxCDnfXdxGCKKI0Ds5I7Kkyp +Wzvcl7PplRy2fYZWwcGtL+Kj01y4L2lXB/xrrVaVwRr4S0FrcbseUGYRafBpR0C1 +Yo24CL1ef4ivsfbER2SyaZ3lrT9Ccv6xfvTluhU8X+2li1ssak/Frvy02u3EORLD +LxaaLQgANgsjnIjv/JQZ4l3xFIJT98tEoL18btg5lGrS2w4yFU1aa1SNsbp7vcu7 +wsqcJmCzX98LyG8/IBGJ5JXmZ03yzWhZ3uhhy1+Avi4GV4Mi0ADwaGMp6O63Mc3w +SL8A/DoCKJLISOc+D5xNfw6C8sYlaOSzQfqY9l4HW/+QbJmEFL2+bnjSHb8yaVU3 +ae2IIrlNkZ5Jamp12Kq6x9Vei0xGk3gd4sqhmHhECdxoJtkX9L5gt436QxdjiTcW +q3V+NNfq94UJu2Ej2kN0fNT0t9RU2n0P/mS0L+1gw5Ex6BX7BIzGL0bZhYomQwAR +AQABiQHOBB8BCAA4FiEEW4DFdUKY8MtV2O1qvO9+KUsJLigFAljLwN0XDIABlKXJ +oDwv5co7CV2OH99yPPRitrECBwAACgkQvO9+KUsJLig2Cgv/T4rXEjHwlbsuTkzp +tgK80Dh92URzBAhPhSJ0kUz2b6y7FgVYgZ95u8elGUS4lOB0GOQSK3y4sCgldTQF +GQpMuvNMX6oNQTv1Z/H9H7Sc6AntozKRA6LQC+7DMxjPh2DEhVLYNqi7gMXtuH8o +Xz5+quarw/xbVmuS4UNqcxakd4A/HW6PayRhuju4+oV2+UmGU0etzGVwKSN/UicC +3Re3mUy8SwJFQ9/3EAfiY0SGzSWH1z7bTRg9Ga2ctYDNzUpyQsgLxD6ZRHcONkOo +GUMEQ96BeSsjT4yW9ED70CcCbhg+pMxR+lnpk4BZ4WML/plBjEb8B1YaRvhYWKd3 +OSVB/JsS6J6Q/y9TTsAJDBLAfw9h7RQKibViuVFSNftAuSdktah5mDwFnL0ZMzVS +3tDVDa5PDqbHEhK55/5EWBg4eNbAukVZmmoLzzERGXuj+LOIRElG3/n3chy1uM73 +B6da3al4gDDNHifPsuozpkVN1EAROZx1K9hGGDZC3yFQTjsJtCRBbmRyZSBIZWlu +ZWNrZSAoUmVsZWFzZSBTaWduaW5nIEtleSmJAdQEEwEIAD4WIQRbgMV1Qpjwy1XY +7Wq8734pSwkuKAUCWMu6rgIbAwUJEswDAAULCQgHAgYVCAkKCwIEFgIDAQIeAQIX +gAAKCRC8734pSwkuKEL9DACEIL5IS9wUty62Bnwd9wK2hmwihXNkTLsOOoi8aCdO +ywPwcIucgAcIO+c/t0lbe4y4sJ1KrKbdyOUQiJAyxobLCSV/MkhIDAmsZB1ZIpF3 +nfmNekRdCVcMpqX8jAwoBS3Q9m2UJz1LeDCLFCvLF0nbyUnqHZP19UOvxmzAyZMA +Ub3W5y1+GMo4yA+3xSFI8ZbjzhawixCCRs69/4p+zCXR4e7LBf6koAHllD/0ZULp +SDjF+t2IkvRrMlM+e+Mxjklinr8v1FRGzmE/kCcdHaP88+iwC2wUKOZtFs4yIBLO +SWdQk9tLPmR8uWgNZmatRJyNvOaxd6EbK3jfckbJGFkmXjH+M9vMqFpoAewZ359F +qjq+Us7AXLAMNUynom7IrtR5Rvsjx6RNtKQYUD6XY5rc7r9js9iGruHDAAW5lyRg +j3wikc0IbV9L1bTsXIp29BsrU9sXUkVEp+xQJZgwqoOduoSjmOK88QdkibDqJiGF +dzIRiXx+Nxv1Pr9L7A4/tq+YMwRfQ+WJFgkrBgEEAdpHDwEBB0DPvkeV6RzXomGF +8jQwp0RXEt2TGFwwI7RkbpYwECY2l7QfV2VybmVyIEtvY2ggKGRpc3Qgc2lnbmlu +ZyAyMDIwKYiaBBMWCgBCFiEEbapuZKdtKEBXG0kCUoiXuCZAOtoFAl9D7DUCGwMF +CRKFxxEFCwkIBwIDIgIBBhUKCQgLAgQWAgMBAh4HAheAAAoJEFKIl7gmQDraea4A +/24v8c50HSC/Basf4WlREkuzhudplo8iT0BGtTQRdGAmAP9gIZ8dBekg9PRlpe7A +l7ErThn6owVH9szWrUt6jkKOBg== +=h7e4 +-----END PGP PUBLIC KEY BLOCK----- diff --git a/gpg2.spec b/gpg2.spec index ff9d6ff..3ce7253 100644 --- a/gpg2.spec +++ b/gpg2.spec @@ -17,7 +17,7 @@ Name: gpg2 -Version: 2.2.21 +Version: 2.2.22 Release: 0 Summary: File encryption, decryption, signature creation and verification utility License: GPL-3.0-or-later @@ -40,13 +40,11 @@ Patch13: gnupg-accept_subkeys_with_a_good_revocation_but_no_self-sig_duri Patch14: gnupg-add-test-cases-for-import-without-uid.patch Patch15: gnupg-allow-import-of-previously-known-keys-even-without-UIDs.patch Patch1124847: gnupg-gpg-agent-ulimit.patch -# PATCH-FIX-UPSTREAM bsc#1174007 gpgme: Fails to build with latest gpg-2.2.21 -Patch16: gnupg-gpgme-t-encrypt-sym.patch BuildRequires: expect BuildRequires: fdupes BuildRequires: libassuan-devel >= 2.5.0 BuildRequires: libgcrypt-devel >= 1.7.0 -BuildRequires: libgpg-error-devel >= 1.24 +BuildRequires: libgpg-error-devel >= 1.25 BuildRequires: libksba-devel >= 1.3.4 BuildRequires: makeinfo BuildRequires: npth-devel >= 1.2 @@ -107,7 +105,6 @@ gpgsm, or via the gpg-connect-agent tool. %patch13 -p1 %patch14 -p1 %patch15 -p1 -%patch16 -p1 touch -d 2018-05-04 doc/gpg.texi # to compensate for patch11 in order to not have man pages and info files have the build date (boo#1047218) %build From 03802fc910a954554a232a4a484638b72a84ff48b6184d73785ffb19f79f16c9 Mon Sep 17 00:00:00 2001 From: Pedro Monreal Gonzalez Date: Thu, 3 Sep 2020 17:55:58 +0000 Subject: [PATCH 2/3] Accepting request 831935 from home:AndreasStieger:branches:Base:System GnuPG 2.2.23 with security fix gpg: fix AHEAD preference list overflow boo#1176034 OBS-URL: https://build.opensuse.org/request/show/831935 OBS-URL: https://build.opensuse.org/package/show/Base:System/gpg2?expand=0&rev=254 --- gnupg-2.2.22.tar.bz2 | 3 --- gnupg-2.2.22.tar.bz2.sig | Bin 119 -> 0 bytes gnupg-2.2.23.tar.bz2 | 3 +++ gnupg-2.2.23.tar.bz2.sig | Bin 0 -> 310 bytes gpg2.changes | 10 ++++++++++ gpg2.spec | 2 +- 6 files changed, 14 insertions(+), 4 deletions(-) delete mode 100644 gnupg-2.2.22.tar.bz2 delete mode 100644 gnupg-2.2.22.tar.bz2.sig create mode 100644 gnupg-2.2.23.tar.bz2 create mode 100644 gnupg-2.2.23.tar.bz2.sig diff --git a/gnupg-2.2.22.tar.bz2 b/gnupg-2.2.22.tar.bz2 deleted file mode 100644 index fda127b..0000000 --- a/gnupg-2.2.22.tar.bz2 +++ /dev/null @@ -1,3 +0,0 @@ -version https://git-lfs.github.com/spec/v1 -oid sha256:7c1370565e1910b9d8c4e0fb57b9de34aa062ec7bb91abad5803d791f38d855b -size 7098444 diff --git a/gnupg-2.2.22.tar.bz2.sig b/gnupg-2.2.22.tar.bz2.sig deleted file mode 100644 index 217896e034fc65f18e313b3ceeca4f258f3d861ca44d6ff27a7b82244698bcc3..0000000000000000000000000000000000000000000000000000000000000000 GIT binary patch literal 0 HcmV?d00001 literal 119 zcmeAuWnmEGV2~A4WXWBXm$E!p!y#PSlPRcU`VKV*t6Qv0@$Rb*F>rATz(kny85xdo zUO5ruW$Tj1ooS#H@OlDYvS!NO4SM=rUsuQlB*YjnGW3+)0rOG;~>;)FB3FjtB Th`*kGZo@?CF8aQ0$))McmN6s5G0#9 z(oZGhw(67!0G=VeW|Yy^WJWLgJvVWqZv~aJi~28Q@0;iU2&`Vc8!*zSTncO%0oKMz z>cJa64dd$Yv*}6Dx!S1q13zE&2sIDmzC$%0$;QDLf8Npg+F#{%5S`DzwKkm`+7aBE ztE{65zhEJYG=mijm1rt}-<&OWt8NhIyKhIHCv8X}A2Uj(Sy4`z{5yUzF&z}-=~1Ym z86h!ksfa6lQPjTeuCvzZ{DZnXv=Fvp9~7dq*D48R|8U{xE2EmD0 I$&TLYr`phxKL7v# literal 0 HcmV?d00001 diff --git a/gpg2.changes b/gpg2.changes index ee39e4e..e6f1f8d 100644 --- a/gpg2.changes +++ b/gpg2.changes @@ -1,3 +1,13 @@ +------------------------------------------------------------------- +Thu Sep 3 17:16:41 UTC 2020 - Andreas Stieger + +- GnuPG 2.2.23: + * gpg: fix AHEAD preference list overflow boo#1176034 + * gpg: fix possible segv in the key cleaning code + * gpgsm: fix a minor RFC2253 parser gub + * scdaemon: Fix a PIN verify failure on certain OpenPGP card + implementations + ------------------------------------------------------------------- Tue Sep 1 21:09:57 UTC 2020 - Andreas Stieger diff --git a/gpg2.spec b/gpg2.spec index 3ce7253..629389a 100644 --- a/gpg2.spec +++ b/gpg2.spec @@ -17,7 +17,7 @@ Name: gpg2 -Version: 2.2.22 +Version: 2.2.23 Release: 0 Summary: File encryption, decryption, signature creation and verification utility License: GPL-3.0-or-later From d42a10b1269c8c41c6d1fca72c8bc99f34e02d21b2c8dbb9d78ed9a91b6fdbfe Mon Sep 17 00:00:00 2001 From: Marcus Meissner Date: Thu, 3 Sep 2020 18:07:32 +0000 Subject: [PATCH 3/3] * gpg: fix AHEAD preference list overflow boo#1176034 / CVE-2020-25125 OBS-URL: https://build.opensuse.org/package/show/Base:System/gpg2?expand=0&rev=255 --- gpg2.changes | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/gpg2.changes b/gpg2.changes index e6f1f8d..634ee52 100644 --- a/gpg2.changes +++ b/gpg2.changes @@ -2,7 +2,7 @@ Thu Sep 3 17:16:41 UTC 2020 - Andreas Stieger - GnuPG 2.2.23: - * gpg: fix AHEAD preference list overflow boo#1176034 + * gpg: fix AHEAD preference list overflow boo#1176034 / CVE-2020-25125 * gpg: fix possible segv in the key cleaning code * gpgsm: fix a minor RFC2253 parser gub * scdaemon: Fix a PIN verify failure on certain OpenPGP card