From 8cc55ed8a4c564d9c608fb4a18b5ef0d0f7f85c91b57e0a24578892294d1ca50 Mon Sep 17 00:00:00 2001
From: Andreas Stieger <andreas.stieger@gmx.de>
Date: Tue, 20 Dec 2016 19:34:32 +0000
Subject: [PATCH] Accepting request 447203 from security:privacy

GnuPG 2.1.17

OBS-URL: https://build.opensuse.org/request/show/447203
OBS-URL: https://build.opensuse.org/package/show/Base:System/gpg2?expand=0&rev=154
---
 gnupg-2.1.16.tar.bz2                    |   3 ---
 gnupg-2.1.16.tar.bz2.sig                | Bin 310 -> 0 bytes
 gnupg-2.1.17.tar.bz2                    |   3 +++
 gnupg-2.1.17.tar.bz2.sig                | Bin 0 -> 310 bytes
 gnupg-add_legacy_FIPS_mode_option.patch |  26 ++++++++++++------------
 gpg2.changes                            |  23 +++++++++++++++++++++
 gpg2.spec                               |   9 ++++----
 7 files changed, 43 insertions(+), 21 deletions(-)
 delete mode 100644 gnupg-2.1.16.tar.bz2
 delete mode 100644 gnupg-2.1.16.tar.bz2.sig
 create mode 100644 gnupg-2.1.17.tar.bz2
 create mode 100644 gnupg-2.1.17.tar.bz2.sig

diff --git a/gnupg-2.1.16.tar.bz2 b/gnupg-2.1.16.tar.bz2
deleted file mode 100644
index 798b1c2..0000000
--- a/gnupg-2.1.16.tar.bz2
+++ /dev/null
@@ -1,3 +0,0 @@
-version https://git-lfs.github.com/spec/v1
-oid sha256:49b9a6a6787ad00d4d2d69d8c7ee8905923782583f06078a064a0c80531d8844
-size 5840687
diff --git a/gnupg-2.1.16.tar.bz2.sig b/gnupg-2.1.16.tar.bz2.sig
deleted file mode 100644
index d4a02a2ce6be02d59c38789566876703df87d07afead4f3c6d60e4cace9b2b92..0000000000000000000000000000000000000000000000000000000000000000
GIT binary patch
literal 0
HcmV?d00001

literal 310
zcmV-60m=S}0W$;u0SEvc79j-KX(1!T23_i24?49Zn>o@?CF8aQ0$4944gd-X5G0#9
z(oZGhwtfW%{w))1_Af6Xm8_3OZJJ07e>&z(X5q(`K_U-rjoIutjEd~gUMuaLNSi0N
znS=X<Ce`xFH<s^;dOZ_-L+&hHVN8F-EXuWi&4_UZJ`tsfSsq~2hNpw<yO(1}u!)H<
zXtu)z`MPr89Z#K(%zr=(@CrVu#nr?{0sH9mljKiPaD^};Byc)`PZ_a#rA;e@@V!Gw
zS|_e~9h@olz2sm_CPcy%8^F^Y2wT1<Qlu@tCP_>Zqa7iNE{rEKwKkrU^$LV%vQu~*
zF6`vD&((G}N_+sJruJv9xe~93P+8|m7Rn*xV-VgbxJen{*V@E}13mySS}5k)<os{O
IWOY+z(?ny6egFUf

diff --git a/gnupg-2.1.17.tar.bz2 b/gnupg-2.1.17.tar.bz2
new file mode 100644
index 0000000..69dafdb
--- /dev/null
+++ b/gnupg-2.1.17.tar.bz2
@@ -0,0 +1,3 @@
+version https://git-lfs.github.com/spec/v1
+oid sha256:c5dc54db432209fa8f9bdb071c8fb60a765ff28e363150e30bdd4543160243cb
+size 5970042
diff --git a/gnupg-2.1.17.tar.bz2.sig b/gnupg-2.1.17.tar.bz2.sig
new file mode 100644
index 0000000000000000000000000000000000000000000000000000000000000000..f71c2aa2c907d622e8211a06ae9c15bdd18e621b80bcc6aa767f2e9cca94352a
GIT binary patch
literal 310
zcmV-60m=S}0W$;u0SEvc79j-KX(1!T23_i24?49Zn>o@?CF8aQ0$5o&RsaeK5G0#9
z(oZGhw%GRv{ydRqy|K*8{Xy<6&+0q1vLs#Y&<opy+~C5?<!jCb^hhC6=Qzg^GzhOP
zjUOgSn^3`#)Nf(zK@v$%K=SV9ahC>a>u=fm9KIfPxcz^q1ii%qSG_$xG?IjyZVCEd
z_nY&dIWBsykDv#zGgH$3<&8s!fEs0k-vhB<2F^kEVXt$A_%t5|?XDhT=V%t{=}QJV
zioT#9i~U7T;*n$eI=bKXipRc%5*Way@@T$y+24)j!Oe7W#0>U-Mkbn-Ll(CLdkQLC
zxR80uRk36{vv619^65P#l3|quFC6!Y$)j|52(|eUd!1eMIv*=r1E00XYzAcG#Q0}M
IFdXSr9K&vutN;K2

literal 0
HcmV?d00001

diff --git a/gnupg-add_legacy_FIPS_mode_option.patch b/gnupg-add_legacy_FIPS_mode_option.patch
index 08193b4..31833ba 100644
--- a/gnupg-add_legacy_FIPS_mode_option.patch
+++ b/gnupg-add_legacy_FIPS_mode_option.patch
@@ -3,11 +3,11 @@
  g10/gpg.c    |    9 +++++++++
  2 files changed, 27 insertions(+)
 
-Index: gnupg-2.1.15/doc/gpg.texi
+Index: gnupg-2.1.17/doc/gpg.texi
 ===================================================================
---- gnupg-2.1.15.orig/doc/gpg.texi
-+++ gnupg-2.1.15/doc/gpg.texi
-@@ -1992,6 +1992,24 @@ implies, this option is for experts only
+--- gnupg-2.1.17.orig/doc/gpg.texi
++++ gnupg-2.1.17/doc/gpg.texi
+@@ -2034,6 +2034,24 @@ implies, this option is for experts only
  understand the implications of what it allows you to do, leave this
  off. @option{--no-expert} disables this option.
  
@@ -32,11 +32,11 @@ Index: gnupg-2.1.15/doc/gpg.texi
  @end table
  
  
-Index: gnupg-2.1.15/g10/gpg.c
+Index: gnupg-2.1.17/g10/gpg.c
 ===================================================================
---- gnupg-2.1.15.orig/g10/gpg.c
-+++ gnupg-2.1.15/g10/gpg.c
-@@ -409,6 +409,7 @@ enum cmd_and_opt_values
+--- gnupg-2.1.17.orig/g10/gpg.c
++++ gnupg-2.1.17/g10/gpg.c
+@@ -415,6 +415,7 @@ enum cmd_and_opt_values
      oOnlySignTextIDs,
      oDisableSignerUID,
      oSender,
@@ -44,17 +44,17 @@ Index: gnupg-2.1.15/g10/gpg.c
  
      oNoop
    };
-@@ -830,6 +831,7 @@ static ARGPARSE_OPTS opts[] = {
+@@ -857,6 +858,7 @@ static ARGPARSE_OPTS opts[] = {
    ARGPARSE_s_n (oAllowMultipleMessages,      "allow-multiple-messages", "@"),
    ARGPARSE_s_n (oNoAllowMultipleMessages, "no-allow-multiple-messages", "@"),
    ARGPARSE_s_n (oAllowWeakDigestAlgos, "allow-weak-digest-algos", "@"),
 +  ARGPARSE_s_n (oSetLegacyFips, "set-legacy-fips", "@"),
  
-   /* These two are aliases to help users of the PGP command line
-      product use gpg with minimal pain.  Many commands are common
-@@ -3373,6 +3375,13 @@ main (int argc, char **argv)
+   ARGPARSE_s_s (oDefaultNewKeyAlgo, "default-new-key-algo", "@"),
  
-           case oNoAutostart: opt.autostart = 0; break;
+@@ -3510,6 +3512,13 @@ main (int argc, char **argv)
+             opt.def_new_key_algo = pargs.r.ret_str;
+             break;
  
 +	  case oSetLegacyFips:
 +	    if(gcry_fips_mode_active())
diff --git a/gpg2.changes b/gpg2.changes
index 3f672be..4e43dd6 100644
--- a/gpg2.changes
+++ b/gpg2.changes
@@ -1,3 +1,26 @@
+-------------------------------------------------------------------
+Tue Dec 20 18:58:55 UTC 2016 - astieger@suse.com
+
+- GnuPG 2.1.17:
+ * gpg: By default new keys expire after 2 years.
+ * gpg: New command --quick-set-expire to conveniently change the
+   expiration date of keys.
+ * gpg: Option and command names have been changed for easier
+   comprehension.  The old names are still available as aliases.
+ * gpg: Improved the TOFU trust model.
+ * gpg: New option --default-new-key-algo.
+ * scd: Support OpenPGP card V3 for RSA.
+ * dirmngr: Support for the ADNS library has been removed. Now using
+   bundled libdns, enabling Tor support on all platforms.
+   New option --standard-resolver can be used to disable this code
+   at runtime.
+ * dirmngr: Lazily launch ldap reaper thread.
+ * tools: New options --check and --status-fd for gpg-wks-client.
+ * The UTF-8 byte order mark is now skipped when reading conf files.
+ * Fixed many bugs and regressions.
+ * Major improvements to the test suite.  For example it is possible
+   to run the external test suite of GPGME.
+
 -------------------------------------------------------------------
 Sat Nov 19 22:07:13 UTC 2016 - astieger@suse.com
 
diff --git a/gpg2.spec b/gpg2.spec
index 6f39bb8..34c35dc 100644
--- a/gpg2.spec
+++ b/gpg2.spec
@@ -17,7 +17,7 @@
 
 
 Name:           gpg2
-Version:        2.1.16
+Version:        2.1.17
 Release:        0
 Summary:        GnuPG 2
 License:        GPL-3.0+
@@ -36,7 +36,6 @@ Patch9:         gnupg-detect_FIPS_mode.patch
 Patch11:        gnupg-add_legacy_FIPS_mode_option.patch
 BuildRequires:  expect
 BuildRequires:  fdupes
-BuildRequires:  libadns-devel
 BuildRequires:  libassuan-devel >= 2.4.3
 BuildRequires:  libgcrypt-devel >= 1.7.0
 BuildRequires:  libgpg-error-devel >= 1.24
@@ -44,7 +43,7 @@ BuildRequires:  libksba-devel >= 1.3.4
 BuildRequires:  makeinfo
 BuildRequires:  npth-devel >= 1.2
 BuildRequires:  openldap2-devel
-BuildRequires:  pkg-config
+BuildRequires:  pkgconfig
 BuildRequires:  readline-devel
 BuildRequires:  pkgconfig(bzip2)
 BuildRequires:  pkgconfig(gnutls) >= 3.0
@@ -107,7 +106,7 @@ date=$(date -u +%%Y-%%m-%%dT%%H:%%M+0000 -r %{SOURCE99})
 make %{?_smp_mflags}
 
 %install
-make DESTDIR=%{buildroot} install %{?_smp_mflags}
+make %{?_smp_mflags} DESTDIR=%{buildroot} install
 mkdir -p %{buildroot}%{_sysconfdir}/gnupg/
 # bnc#391347
 install -m 644 doc/examples/gpgconf.conf %{buildroot}%{_sysconfdir}/gnupg
@@ -152,7 +151,7 @@ install -m 755 tools/gpg-zip %{buildroot}/%{_bindir}
 %files
 %defattr(-,root,root)
 %{_infodir}/gnupg*
-%{_mandir}/*/*.gz
+%{_mandir}/*/*%{ext_man}
 %doc %{_docdir}/%{name}
 %{_bindir}/*
 %{_libdir}/[^d]*