-Update to 2.2.12:
* tools: New commands --install-key and --remove-key for
gpg-wks-client. This allows to prepare a Web Key Directory on a
local file system for later upload to a web server.
* gpg: New --list-option "show-only-fpr-mbox". This makes the use
of the new gpg-wks-client --install-key command easier on Windows.
* gpg: Improve processing speed when --skip-verify is used.
* gpg: Fix a bug where a LF was accidentally written to the console.
* gpg: --card-status now shwos whether a card has the new KDF
feature enabled.
* agent: New runtime option --s2k-calibration=MSEC. New configure
option --with-agent-s2k-calibration=MSEC. [#3399]
* dirmngr: Try another keyserver from the pool on receiving a 502,
503, or 504 error. [#4175]
* dirmngr: Avoid possible CSRF attacks via http redirects. A HTTP
query will not anymore follow a 3xx redirect unless the Location
header gives the same host. If the host is different only the
host and port is taken from the Location header and the original
path and query parts are kept.
* dirmngr: New command FLUSHCRL to flush all CRLS from disk and
memory. [#3967]
OBS-URL: https://build.opensuse.org/request/show/658084
OBS-URL: https://build.opensuse.org/package/show/Base:System/gpg2?expand=0&rev=217
- Code no longer uses libcurl, remove from buildrequires.
- Update to 2.2.11:
* gpgsm: Fix CRL loading when intermediate certicates are not yet trusted.
* gpgsm: Fix an error message about the digest algo.
* gpg: Fix a wrong warning due to new sign usage check introduced with 2.2.9.
* gpg: Print the "data source" even for an unsuccessful keyserver query.
* gpg: Do not store the TOFU trust model in the trustdb.
* scd: Fix cases of "Bad PIN" after using "forcesig".
* agent: Fix possible hang in the ssh handler.
* dirmngr: Tack the unmodified mail address to a WKD request.
* dirmngr: Tweak diagnostic about missing LDAP server file.
* dirmngr: In verbose mode print the OCSP responder id.
* dirmngr: Fix parsing of the LDAP port.
* wks: Add option --directory/-C to the server.
* wks: Add option --with-colons to the client.
* Fix EBADF when gpg et al. are called by broken CGI scripts.
* Fix some minor memory leaks and bugs.
OBS-URL: https://build.opensuse.org/request/show/648382
OBS-URL: https://build.opensuse.org/package/show/openSUSE:Factory/gpg2?expand=0&rev=133
- Update to 2.2.11:
* gpgsm: Fix CRL loading when intermediate certicates are not yet trusted.
* gpgsm: Fix an error message about the digest algo.
* gpg: Fix a wrong warning due to new sign usage check introduced with 2.2.9.
* gpg: Print the "data source" even for an unsuccessful keyserver query.
* gpg: Do not store the TOFU trust model in the trustdb.
* scd: Fix cases of "Bad PIN" after using "forcesig".
* agent: Fix possible hang in the ssh handler.
* dirmngr: Tack the unmodified mail address to a WKD request.
* dirmngr: Tweak diagnostic about missing LDAP server file.
* dirmngr: In verbose mode print the OCSP responder id.
* dirmngr: Fix parsing of the LDAP port.
* wks: Add option --directory/-C to the server.
* wks: Add option --with-colons to the client.
* Fix EBADF when gpg et al. are called by broken CGI scripts.
* Fix some minor memory leaks and bugs.
OBS-URL: https://build.opensuse.org/request/show/646642
OBS-URL: https://build.opensuse.org/package/show/Base:System/gpg2?expand=0&rev=213
- Applied spec-cleaner
- Refreshed patches
- Update to version 2.2.8:
* gpg: Decryption of messages not using the MDC mode will now lead to a
hard failure even if a legacy cipher algorithm was used. The option
--ignore-mdc-error can be used to turn this failure into a warning. Take
care: Never use that option unconditionally or without a prior warning.
* gpg: The MDC encryption mode is now always used regardless of the
cipher algorithm or any preferences. For testing --rfc2440 can be
used to create a message without an MDC.
* gpg: Sanitize the diagnostic output of the original file name in
verbose mode.
* gpg: Detect suspicious multiple plaintext packets in a more reliable way.
* gpg: Fix the duplicate key signature detection code.
* gpg: The options --no-mdc-warn, --force-mdc, --no-force-mdc,
--disable-mdc and --no-disable-mdc have no more effect.
* agent: Add DBUS_SESSION_BUS_ADDRESS and a few other envvars to the
list of startup environment variables.
OBS-URL: https://build.opensuse.org/request/show/615233
OBS-URL: https://build.opensuse.org/package/show/Base:System/gpg2?expand=0&rev=198
