Commit Graph

214 Commits

Author SHA256 Message Date
90cb1f61d3 Accepting request 1046530 from home:david.anes:branches:Base:System
- Updated to require libgpg-error-devel >= 1.46
- Rebased patches:
  * gnupg-allow-import-of-previously-known-keys-even-without-UIDs.patch
  * gnupg-add_legacy_FIPS_mode_option.patch
- GnuPG 2.4.0:
  * common: Fix translations in --help for gpgrt < 1.47.
  * gpg: Do not continue the export after a cancel for the primary key.
  * gpg: Replace use of PRIu64 in log_debug.
  * Update NEWS for 2.4.0.
  * tests: Fix make check with GPGME.
  * agent: Allow arguments to "scd serialno" in restricted mode.
  * scd:p15: Skip deleted records.
  * build: Remove Windows CE support.
  * wkd: Do not send/install/mirror expired user ids.
  * gpgsm: Print the revocation time also with --verify.
  * gpgsm: Fix "problem re-searching certificate" case.
  * gpgsm: Print revocation date and reason in cert listings.
  * gpgsm: Silence the "non-critical certificate policy not allowed".
  * gpgsm: Always use the chain model if the root-CA requests this.
  * gpg: New export option "mode1003".
  * gpg: Remove a mostly duplicated function.
  * tests: Simplify fake-pinentry to use the option only.
  * tests: Fix fake-pinentry for Windows.
  * tests: Fix make check-all.
  * agent: Fix import of protected v5 keys.
  * gpgsm: Change default algo to AES-256.
  * tests: Put a workaround for semihosted environment.
  * tests: More fix for semihosted environment.
  * tests: Support semihosted environment.
  * tests: Fix tests under cms.

OBS-URL: https://build.opensuse.org/request/show/1046530
OBS-URL: https://build.opensuse.org/package/show/Base:System/gpg2?expand=0&rev=282
2023-01-03 14:26:43 +00:00
1567d49408 Accepting request 1012076 from home:pmonrealgonzalez:branches:Base:System
- GnuPG 2.3.8:
  * gpg: Do not consider unknown public keys as non-compliant while
    decrypting.
  * gpg: Avoid to emit a compliance mode line if Libgcrypt is
    non-compliant.
  * gpg: Improve --edit-key setpref command to ease c+p.
  * gpg: Emit an ERROR status if --quick-set-primary-uid fails and
    allow to pass the user ID by hash.
  * gpg: Actually show symmetric+pubkey encrypted data as de-vs
    compliant.  Add extra compliance checks for symkey_enc packets.
  * gpg: In de-vs mode use SHA-256 instead of SHA-1 as implicit
    preference.
  * gpgsm: Fix reporting of bad passphrase error during PKCS#11
    import.
  * agent: Fix a regression in "READKEY --format=ssh".
  * agent: New option --need-attr for KEYINFO.
  * agent: New attribute "Remote-list" for use by KEYINFO.
  * scd: Fix problem with Yubikey 5.4 firmware.
  * dirmngr: Fix CRL Distribution Point fallback to other schemes.
  * dirmngr: New LDAP server flag "areconly" (A-record-only).
  * dirmngr: Fix upload of multiple keys for an LDAP server specified
    using the colon format.
  * dirmngr: Use LDAP schema v2 when a Base DN is specified.
  * dirmngr: Avoid caching expired certificates.
  * wkd: Fix path traversal attack in gpg-wks-server. Add the mail
    address to the pending request data.
  * wkd: New command --mirror for gpg-wks-client.
  * gpg-auth: New tool for authentication.
  * New common.conf option no-autostart.
  * Silence warnings from AllowSetForegroundWindow unless

OBS-URL: https://build.opensuse.org/request/show/1012076
OBS-URL: https://build.opensuse.org/package/show/Base:System/gpg2?expand=0&rev=280
2022-10-17 18:43:45 +00:00
a47f80ec30 Accepting request 993834 from security:privacy
Fix YubiKey 5 Nano support (boo#1202201)

OBS-URL: https://build.opensuse.org/request/show/993834
OBS-URL: https://build.opensuse.org/package/show/Base:System/gpg2?expand=0&rev=278
2022-08-08 20:32:26 +00:00
5d908c5a8d Accepting request 988764 from home:AndreasStieger:branches:Base:System
GnuPG 2.3.7 CVE-2022-34903 boo#1201225

OBS-URL: https://build.opensuse.org/request/show/988764
OBS-URL: https://build.opensuse.org/package/show/Base:System/gpg2?expand=0&rev=276
2022-07-18 07:38:55 +00:00
3e92c112c1 - added tpm support, added a new subpackage gpg2-tpm
OBS-URL: https://build.opensuse.org/package/show/Base:System/gpg2?expand=0&rev=274
2022-05-16 09:13:17 +00:00
f51bd484ac Accepting request 976484 from home:jejb1:gpg2
Enable tpm2 support which now exists in gpg2

This request enables tpm2 as a separate packaged add on (so the original gpg2 package and its dependencies is unchanged and the new gpg2-tpm package contains all the tpm2 dependencies).  To enable tpm2 support in
gpg2, you simply install gpg2-tpm and the keytotpm command will then just work

OBS-URL: https://build.opensuse.org/request/show/976484
OBS-URL: https://build.opensuse.org/package/show/Base:System/gpg2?expand=0&rev=273
2022-05-16 08:30:58 +00:00
5f351f08d1 Accepting request 972712 from home:AndreasStieger:branches:Base:System
GnuPG 2.3.6

OBS-URL: https://build.opensuse.org/request/show/972712
OBS-URL: https://build.opensuse.org/package/show/Base:System/gpg2?expand=0&rev=271
2022-05-06 07:34:40 +00:00
fba2d943b4 Accepting request 942132 from home:AndreasStieger:branches:Base:System
GnuPG 2.3.4

OBS-URL: https://build.opensuse.org/request/show/942132
OBS-URL: https://build.opensuse.org/package/show/Base:System/gpg2?expand=0&rev=270
2021-12-22 16:48:47 +00:00
92a47f5ddd Accepting request 924947 from home:AndreasStieger:branches:Base:System
GnuPG 2.3.3

OBS-URL: https://build.opensuse.org/request/show/924947
OBS-URL: https://build.opensuse.org/package/show/Base:System/gpg2?expand=0&rev=269
2021-10-15 12:24:25 +00:00
929791d8d3 Accepting request 914200 from home:pmonrealgonzalez:branches:Base:System
- GnuPG 2.3.2:
  * gpg: Allow fingerprint based lookup with --locate-external-key.
  * gpg: Allow decryption w/o public key but with correct card inserted.
  * gpg: Auto import keys specified with --trusted-keys.
  * gpg: Do not use import-clean for LDAP keyserver imports.
  * gpg: Fix mailbox based search via AKL keyserver method.
  * gpg: Fix memory corruption with --clearsign introduced with 2.3.1.
  * gpg: Use a more descriptive prompt for symmetric decryption.
  * gpg: Improve speed of secret key listing.
  * gpg: Support keygrip search with traditional keyring.
  * gpg: Let --fetch-key return an exit code on failure.
  * gpg: Emit the NO_SECKEY status again for decryption.
  * gpgsm: Support decryption of password based encryption (pwri).
  * gpgsm: Support AES-GCM decryption.
  * gpgsm: Let --dump-cert --show-cert also print an OpenPGP fingerprint.
  * gpgsm: Fix finding of issuer in use-keyboxd mode.
  * gpgsm: New option --ldapserver as an alias for --keyserver.
  * agent: Use SHA-256 for SSH fingerprint by default.
  * agent: Fix calling handle_pincache_put.
  * agent: Fix importing protected secret key.
  * agent: Fix a regression in agent_get_shadow_info_type.
  * agent: Add translatable text for Caps Lock hint.
  * agent: New option --pinentry-formatted-passphrase.
  * agent: Add checkpin inquiry for pinentry.
  * agent: New option --check-sym-passphrase-pattern.
  * agent: Use the sysconfdir for a pattern file.
  * agent: Make QT_QPA_PLATFORMTHEME=qt5ct work for the pinentry.
  * dirmngr: LDAP search by a mailbox now ignores revoked keys.
  * dirmngr: For KS_SEARCH return the fingerprint also with LDAP.
  * dirmngr: Allow for non-URL specified ldap keyservers.

OBS-URL: https://build.opensuse.org/request/show/914200
OBS-URL: https://build.opensuse.org/package/show/Base:System/gpg2?expand=0&rev=268
2021-08-27 11:48:41 +00:00
0b19f2992d Accepting request 899451 from home:pmonrealgonzalez:branches:Base:System
- GnuPG 2.3.1:
  * The new configuration file common.conf is now used to enable
    the use of the key database daemon with "use-keyboxd". Using
    this option in gpg.conf and gpgsm.conf is supported for a
    transitional period. See doc/example/common.conf for more.
  * gpg: Force version 5 key creation for ed448 and cv448 algorithms.
  * gpg: By default do not use the self-sigs-only option when
    importing from an LDAP keyserver.
  * gpg: Lookup a missing public key of the active card via LDAP.
  * gpgsm: New command --show-certs.
  * scd: Fix CCID driver for SCM SPR332/SPR532.
  * scd: Further improvements for PKCS#15 cards.
  * New configure option --with-tss to allow the selection of the
    TSS library.
- Rebase patches:
  * gnupg-add_legacy_FIPS_mode_option.patch
  * gnupg-allow-import-of-previously-known-keys-even-without-UIDs.patch
  * gnupg-dont-fail-with-seahorse-agent.patch
  * gnupg-set_umask_before_open_outfile.patch

- GnuPG 2.3.0:
  * A new experimental key database daemon is provided.  To enable
    it put "use-keyboxd" into gpg.conf and gpgsm.conf.  Keys are stored
    in a SQLite database and make key lookup much faster.
  * New tool gpg-card as a flexible frontend for all types of
    supported smartcards.
  * New option --chuid for gpg, gpgsm, gpgconf, gpg-card, and
    gpg-connect-agent.
  * The gpg-wks-client tool is now installed under bin; a wrapper for
    its old location at libexec is also installed.

OBS-URL: https://build.opensuse.org/request/show/899451
OBS-URL: https://build.opensuse.org/package/show/Base:System/gpg2?expand=0&rev=267
2021-06-21 14:51:47 +00:00
8c6498bf40 Accepting request 899100 from home:AndreasStieger:branches:Base:System
- Remove the "files-are-digests" option from the openSUSE package.
  This feature was not upstream and only used in the OBS signing
  daemon. The recommended upstream feature for separating the data
  to be signed from the private keys is gpg agent forwarding,
  available from 2.1. Drop gnupg-2.2.8-files-are-digests.patch

OBS-URL: https://build.opensuse.org/request/show/899100
OBS-URL: https://build.opensuse.org/package/show/Base:System/gpg2?expand=0&rev=265
2021-06-11 09:17:32 +00:00
e859003726 Accepting request 888302 from home:AndreasStieger:branches:Base:System
Let's leave Factory at 2.2.x, and put 2.3.x into security:privacy until it becomes stable at 2.4.x. See SR#888300

OBS-URL: https://build.opensuse.org/request/show/888302
OBS-URL: https://build.opensuse.org/package/show/Base:System/gpg2?expand=0&rev=264
2021-04-26 09:47:29 +00:00
58d8332fde Accepting request 883690 from home:AndreasStieger:branches:Base:System
GnuPG 2.3.0

OBS-URL: https://build.opensuse.org/request/show/883690
OBS-URL: https://build.opensuse.org/package/show/Base:System/gpg2?expand=0&rev=263
2021-04-17 14:15:27 +00:00
c9e0dcf362 Accepting request 862726 from home:AndreasStieger:branches:Base:System
GnuPG 2.2.27

OBS-URL: https://build.opensuse.org/request/show/862726
OBS-URL: https://build.opensuse.org/package/show/Base:System/gpg2?expand=0&rev=261
2021-01-15 10:22:29 +00:00
0de8e05766 Accepting request 850318 from home:AndreasStieger:branches:Base:System
GnuPG 2.2.25

OBS-URL: https://build.opensuse.org/request/show/850318
OBS-URL: https://build.opensuse.org/package/show/Base:System/gpg2?expand=0&rev=259
2020-11-26 09:55:58 +00:00
441b25f76d Accepting request 849176 from home:AndreasStieger:branches:Base:System
GnuPG 2.2.24

OBS-URL: https://build.opensuse.org/request/show/849176
OBS-URL: https://build.opensuse.org/package/show/Base:System/gpg2?expand=0&rev=257
2020-11-18 09:45:38 +00:00
d42a10b126 * gpg: fix AHEAD preference list overflow boo#1176034 / CVE-2020-25125
OBS-URL: https://build.opensuse.org/package/show/Base:System/gpg2?expand=0&rev=255
2020-09-03 18:07:32 +00:00
03802fc910 Accepting request 831935 from home:AndreasStieger:branches:Base:System
GnuPG 2.2.23
with security fix gpg: fix AHEAD preference list overflow boo#1176034

OBS-URL: https://build.opensuse.org/request/show/831935
OBS-URL: https://build.opensuse.org/package/show/Base:System/gpg2?expand=0&rev=254
2020-09-03 17:55:58 +00:00
3c3e528fd8 Accepting request 831325 from home:AndreasStieger:branches:Base:System
GnuPG 2.2.22, with keyring refresh

OBS-URL: https://build.opensuse.org/request/show/831325
OBS-URL: https://build.opensuse.org/package/show/Base:System/gpg2?expand=0&rev=253
2020-09-02 15:10:22 +00:00
87317a4d5e Accepting request 820859 from home:pmonrealgonzalez:branches:Base:System
- Fix regression in latest gpg2 that makes gpgme fail to build [bsc#1174007]
- Add gnupg-gpgme-t-encrypt-sym.patch

OBS-URL: https://build.opensuse.org/request/show/820859
OBS-URL: https://build.opensuse.org/package/show/Base:System/gpg2?expand=0&rev=251
2020-07-14 11:02:45 +00:00
a1dcded9f7 Accepting request 819712 from home:AndreasStieger:branches:Base:System
GnuPG 2.2.21

OBS-URL: https://build.opensuse.org/request/show/819712
OBS-URL: https://build.opensuse.org/package/show/Base:System/gpg2?expand=0&rev=250
2020-07-09 11:50:14 +00:00
d54932d177 Accepting request 799267 from home:pmonrealgonzalez:branches:Base:System
- Fix gpgme and gpgme-qt builds on gpg2 2.2.20 update [bsc#1170811]
- Refresh patches:
  * gnupg-2.2.8-files-are-digests.patch
  * gnupg-add_legacy_FIPS_mode_option.patch

OBS-URL: https://build.opensuse.org/request/show/799267
OBS-URL: https://build.opensuse.org/package/show/Base:System/gpg2?expand=0&rev=248
2020-04-30 14:04:35 +00:00
Tomáš Chvátal
166cc8d6b6 Accepting request 786987 from home:AndreasStieger:branches:Base:System
GnuPG 2.2.20

OBS-URL: https://build.opensuse.org/request/show/786987
OBS-URL: https://build.opensuse.org/package/show/Base:System/gpg2?expand=0&rev=247
2020-03-21 08:06:35 +00:00
Tomáš Chvátal
24f6e57c6d Accepting request 784621 from home:favogt:rpmsmalle
- Split dirmngr into a subpackage to avoid a hard dependency of
  gpg2 on libgnutls

OBS-URL: https://build.opensuse.org/request/show/784621
OBS-URL: https://build.opensuse.org/package/show/Base:System/gpg2?expand=0&rev=245
2020-03-13 12:49:16 +00:00
Tomáš Chvátal
85543adb99 Accepting request 776234 from home:pmonrealgonzalez:branches:Base:System
- Fix build with GCC-10: [bsc#1160394]
  * Always use EXTERN_UNLESS_MAIN_MODULE pattern
  * In GCC-10, the default option -fcommon will change to -fno-common
- Add gpg2-gcc10-build-fno-common.patch

OBS-URL: https://build.opensuse.org/request/show/776234
OBS-URL: https://build.opensuse.org/package/show/Base:System/gpg2?expand=0&rev=243
2020-02-19 09:09:05 +00:00
Tomáš Chvátal
0905c56a1b Accepting request 762902 from home:pmonrealgonzalez:branches:Base:System
- Accept key updates even without UIDs [bsc#1143158]
- Add patches:
  * gnupg-allow-import-of-previously-known-keys-even-without-UIDs.patch
  * gnupg-accept_subkeys_with_a_good_revocation_but_no_self-sig_during_import.patch
  * gnupg-add-test-cases-for-import-without-uid.patch

OBS-URL: https://build.opensuse.org/request/show/762902
OBS-URL: https://build.opensuse.org/package/show/Base:System/gpg2?expand=0&rev=241
2020-01-13 08:40:05 +00:00
Tomáš Chvátal
e32388cbf9 Accepting request 755072 from home:AndreasStieger:branches:Base:System
GnuPG 2.2.19

OBS-URL: https://build.opensuse.org/request/show/755072
OBS-URL: https://build.opensuse.org/package/show/Base:System/gpg2?expand=0&rev=239
2019-12-09 07:32:12 +00:00
d539c287c5 Accepting request 751408 from home:pmonrealgonzalez:branches:Base:System
- Update to 2.2.18 [bsc#1157900, CVE-2019-14855]
  * gpg: Changed the way keys are detected on a smartcards; this
    allows the use of non-OpenPGP cards.  In the case of a not very
    likely regression the new option --use-only-openpgp-card is
    available.  [#4681]
  * gpg: The commands --full-gen-key and --quick-gen-key now allow
    direct key generation from supported cards.  [#4681]
  * gpg: Prepare against chosen-prefix SHA-1 collisions in key
    signatures.  This change removes all SHA-1 based key signature
    newer than 2019-01-19 from the web-of-trust.  Note that this
    includes all key signature created with dsa1024 keys.  The new
    option --allow-weak-key-signatues can be used to override the new
    and safer behaviour.  [#4755,CVE-2019-14855]
  * gpg: Improve performance for import of large keyblocks.  [#4592]
  * gpg: Implement a keybox compression run.  [#4644]
  * gpg: Show warnings from dirmngr about redirect and certificate
    problems (details require --verbose as usual).
  * gpg: Allow to pass the empty string for the passphrase if the
    '--passphase=' syntax is used.  [#4633]
  * gpg: Fix printing of the KDF object attributes.
  * gpg: Avoid surprises with --locate-external-key and certain
    --auto-key-locate settings.  [#4662]
  * gpg: Improve selection of best matching key.  [#4713]
  * gpg: Delete key binding signature when deletring a subkey.
    [#4665,#4457]
  * gpg: Fix a potential loss of key sigantures during import with
    self-sigs-only active.  [#4628]
  * gpg: Silence "marked as ultimately trusted" diagnostics if
    option --quiet is used.  [#4634]
  * gpg: Silence some diagnostics during in key listsing even with

OBS-URL: https://build.opensuse.org/request/show/751408
OBS-URL: https://build.opensuse.org/package/show/Base:System/gpg2?expand=0&rev=237
2019-11-28 11:22:11 +00:00
Tomáš Chvátal
9fd70b3f74 Accepting request 741446 from home:lnussel:branches:Base:System
- Do not recommend lang package. The lang package already has a
  supplements.

OBS-URL: https://build.opensuse.org/request/show/741446
OBS-URL: https://build.opensuse.org/package/show/Base:System/gpg2?expand=0&rev=235
2019-10-21 09:54:11 +00:00
Tomáš Chvátal
02187aebb9 Accepting request 714630 from home:pmonrealgonzalez:branches:Base:System
- Update to 2.2.17 [bsc#1141093]
  * gpg: Do not try the import fallback if the options are already used.
  * gpg: Fix regression in option "self-sigs-only".
  * gpg: With --auto-key-retrieve prefer WKD over keyservers.
  * gpg: Add "self-sigs-only" and "import-clean" to the keyserver options.
  * gpg: Avoid printing false AKL error message.
  * gpg: New command --locate-external-key.
  * gpg: Make the get_pubkey_byname interface easier to understand.
  * gpg: Fallback to import with self-sigs-only on too large keyblocks.
  * gpg: New import and keyserver option "self-sigs-only"
  * gpg: Make read_block in import.c more flexible.
  * dirmngr: fix handling of HTTPS redirections during HKP.
  * dirmngr: Avoid endless loop in case of HTTP error 503.
  * dirmngr: Do not rewrite the redirection for the "openpgpkey" subdomain.
  * dirmngr: Support the new WKD draft with the openpgpkey subdomain.
  * wkd: Change client/server limit back to 64 KiB.
  * tools: gpgconf: Killing order is children-first.
  * Return better error code for some getinfo IPC commands.
  * po: Update Russian translation.

OBS-URL: https://build.opensuse.org/request/show/714630
OBS-URL: https://build.opensuse.org/package/show/Base:System/gpg2?expand=0&rev=233
2019-07-11 11:35:13 +00:00
Tomáš Chvátal
bb500be7ab Accepting request 710973 from home:jsikes:branches:Base:System
Finally fixed boo#1137307. Finally! ... Enjoy!

OBS-URL: https://build.opensuse.org/request/show/710973
OBS-URL: https://build.opensuse.org/package/show/Base:System/gpg2?expand=0&rev=231
2019-06-20 04:09:17 +00:00
Tomáš Chvátal
147effa398 Accepting request 706483 from home:pmonrealgonzalez:branches:Base:System
- Update to 2.2.16
  * gpg: Fixed i18n markup of some strings.
  * gpg: Allow deletion of subkeys with --delete-[secret-]key.
  * gpg: Do not bail on an invalid packet in the local keyring.
  * gpg: Do not allow creation of user ids larger than our parser allows.
  * gpg: Do not delete any keys if --dry-run is passed.
  * gpg: Fix using --decrypt along with --use-embedded-filename.
  * gpg: Improve the photo image viewer selection.
  * gpg: enable OpenPGP export of cleartext keys with comments.
  * gpg: Do not print a hint to use the deprecated --keyserver option.
  * gpg: Change update_keysig_packet to replace SHA-1 by SHA-256.
  * gpg: Use just the addrspec from the Signer's UID.
  * gpg: Accept also armored data from the WKD.
  * gpg: Set a limit of 5 to the number of keys imported from the WKD.
  * gpg: Don't use EdDSA algo ID for ECDSA curves.
  * agent: Stop scdaemon after reload when disable_scdaemon.
  * agent: For SSH key, don't put NUL-byte at the end.
  * agent: correct length for uri and comment on 64-bit big-endian platforms
  * dirmngr: Allow for other hash algorithms than SHA-1 in OCSP.
  * dirmngr: Improve domaininfo cache update algorithm.
  * dirmngr: Better error code for http status 413.
  * g10: Fix possible null dereference.
  * g10: Fix double free when locating by mbox.
  * g10: Fix symmetric cipher algo constant for ECDH.
  * sm: Avoid confusing diagnostic for the default key.
  * sm: Fix a warning in an es_fopencooie function.
  * gpgconf: Before --launch check that the config file is fine.
  * gpgconf: Support --homedir for --launch.
  * build: Update m4/iconv.m4.
  * doc: correct documentation for gpgconf --kill.

OBS-URL: https://build.opensuse.org/request/show/706483
OBS-URL: https://build.opensuse.org/package/show/Base:System/gpg2?expand=0&rev=229
2019-05-30 08:23:36 +00:00
Tomáš Chvátal
dfebaf9022 Accepting request 689283 from home:kbabioch:branches:Base:System
Fixed changes file

OBS-URL: https://build.opensuse.org/request/show/689283
OBS-URL: https://build.opensuse.org/package/show/Base:System/gpg2?expand=0&rev=227
2019-03-28 10:26:54 +00:00
Tomáš Chvátal
d9db15d33e Accepting request 689265 from home:kbabioch:branches:Base:System
- Update to 2.2.14
  * sm: Allow decryption even if expired keys are configured.
  * agent: Change command KEYINFO to print ssh fingerprints with other
    hash algos.
  * dirmngr: Fix build problems on Solaris due to the use of reserved
    symbol names.
  * wkd: New commands --print-wkd-hash and --print-wkd-url for
    gpg-wks-client.

OBS-URL: https://build.opensuse.org/request/show/689265
OBS-URL: https://build.opensuse.org/package/show/Base:System/gpg2?expand=0&rev=226
2019-03-28 09:20:17 +00:00
Tomáš Chvátal
6dfbd8614c Accepting request 686406 from home:kbabioch:branches:Base:System
- Update to 2.2.14:
  * gpg: Allow import of PGP desktop exported secret keys. Also avoid
    importing secret keys if the secret keyblock is not valid.
  * gpg: Do not error out on version 5 keys in the local keyring.
  * gpg: Make invalid primary key algo obvious in key listings.
  * sm: Do not mark a certificate in a key listing as de-vs compliant
    if its use for a signature will not be possible.
  * sm: Fix certificate creation with key on card.
  * sm: Create rsa3072 bit certificates by default.
  * sm: Print Yubikey attestation extensions with --dump-cert.
  * agent: Fix cancellation handling for scdaemon.
  * agent: Support --mode=ssh option for CLEAR_PASSPHRASE.
  * scd: Fix flushing of the CA-FPR DOs in app-openpgp.
  * scd: Avoid a conflict error with the "undefined" app.
  * dirmngr: Add CSRF protection exception for protonmail.
  * dirmngr: Fix build problems with gcc 9 in libdns.
  * gpgconf: New option --show-socket for use wity --launch.
  * gpgtar: Make option -C work for archive creation.
- Removed patches that are included upstream by now:
  - 0001-libdns-Avoid-using-compound-literals.patch
  - 0002-libdns-Avoid-using-compound-literals-2.patch
  - 0003-libdns-Avoid-using-compound-literals-3.patch
  - 0004-libdns-Avoid-using-compound-literals-4.patch
  - 0005-libdns-Avoid-using-compound-literals-5.patch
  - 0006-libdns-Avoid-using-compound-literals-6.patch
  - 0007-libdns-Avoid-using-compound-literals-7.patch
  - 0008-libdns-Avoid-using-compound-literals-8.patch

OBS-URL: https://build.opensuse.org/request/show/686406
OBS-URL: https://build.opensuse.org/package/show/Base:System/gpg2?expand=0&rev=224
2019-03-19 12:28:29 +00:00
Tomáš Chvátal
6a078f40f8 Accepting request 679660 from home:pmonrealgonzalez:branches:Base:System
- Fix build with gcc9 [bsc#1121223]
  * Avoid using compound literals
    - Upstream bug: https://dev.gnupg.org/T4367
  * Added upstream patches:
    - 0001-libdns-Avoid-using-compound-literals.patch
    - 0002-libdns-Avoid-using-compound-literals-2.patch
    - 0003-libdns-Avoid-using-compound-literals-3.patch
    - 0004-libdns-Avoid-using-compound-literals-4.patch
    - 0005-libdns-Avoid-using-compound-literals-5.patch
    - 0006-libdns-Avoid-using-compound-literals-6.patch
    - 0007-libdns-Avoid-using-compound-literals-7.patch
    - 0008-libdns-Avoid-using-compound-literals-8.patch

OBS-URL: https://build.opensuse.org/request/show/679660
OBS-URL: https://build.opensuse.org/package/show/Base:System/gpg2?expand=0&rev=222
2019-02-27 08:22:45 +00:00
637188eb82 Accepting request 678281 from home:olh:branches:Base:System
- Allow coredumps in X11 desktop sessions (bsc#1124847)
  gpg-agent unconditionally disables coredumps, which is not
  supposed to happen in the code path that does just exec(argv[])
  gnupg-gpg-agent-ulimit.patch

OBS-URL: https://build.opensuse.org/request/show/678281
OBS-URL: https://build.opensuse.org/package/show/Base:System/gpg2?expand=0&rev=221
2019-02-26 17:21:53 +00:00
b8b9908935 Accepting request 674396 from home:kbabioch:branches:Base:System
- Update to 2.2.13:
  * gpg: Implement key lookup via keygrip (using the & prefix).
  * gpg: Allow generating Ed25519 key from existing key.
  * gpg: Emit an ERROR status line if no key was found with -k.
  * gpg: Stop early when trying to create a primary Elgamal key.
  * gpgsm: Print the card's key algorithms along with their keygrips
    in interactive key generation.
  * agent: Clear bogus pinentry cache in the error case.
  * scd: Support "acknowledge button" feature.
  * scd: Fix for USB INTERRUPT transfer.
  * wks: Do no use compression for the the encrypted challenge and response.
Release-info: https://dev.gnupg.org/T4290
See-also: gnupg-announce/2019q1/000434.html

- Update to 2.2.12:

OBS-URL: https://build.opensuse.org/request/show/674396
OBS-URL: https://build.opensuse.org/package/show/Base:System/gpg2?expand=0&rev=219
2019-02-13 06:56:04 +00:00
Tomáš Chvátal
e8a2e1cb86 Accepting request 658084 from home:atopt:branches:Base:System
-Update to 2.2.12:
  * tools: New commands --install-key and --remove-key for
    gpg-wks-client.  This allows to prepare a Web Key Directory on a
    local file system for later upload to a web server.
  * gpg: New --list-option "show-only-fpr-mbox".  This makes the use
    of the new gpg-wks-client --install-key command easier on Windows.
  * gpg: Improve processing speed when --skip-verify is used.
  * gpg: Fix a bug where a LF was accidentally written to the console.
  * gpg: --card-status now shwos whether a card has the new KDF
    feature enabled.
  * agent: New runtime option --s2k-calibration=MSEC.  New configure
    option --with-agent-s2k-calibration=MSEC.  [#3399]
  * dirmngr: Try another keyserver from the pool on receiving a 502,
    503, or 504 error.  [#4175]
  * dirmngr: Avoid possible CSRF attacks via http redirects.  A HTTP
    query will not anymore follow a 3xx redirect unless the Location
    header gives the same host.  If the host is different only the
    host and port is taken from the Location header and the original
    path and query parts are kept.
  * dirmngr: New command FLUSHCRL to flush all CRLS from disk and
    memory.  [#3967]

OBS-URL: https://build.opensuse.org/request/show/658084
OBS-URL: https://build.opensuse.org/package/show/Base:System/gpg2?expand=0&rev=217
2018-12-15 09:09:24 +00:00
Tomáš Chvátal
15416dc96c OBS-URL: https://build.opensuse.org/package/show/Base:System/gpg2?expand=0&rev=215 2018-11-12 07:39:44 +00:00
Tomáš Chvátal
72a4d09e3e Accepting request 647368 from home:elvigia:branches:Base:System
- Code no longer uses libcurl, remove from buildrequires.

OBS-URL: https://build.opensuse.org/request/show/647368
OBS-URL: https://build.opensuse.org/package/show/Base:System/gpg2?expand=0&rev=214
2018-11-08 20:43:23 +00:00
234678ce30 Accepting request 646642 from home:kbabioch:branches:Base:System
- Update to 2.2.11:
  * gpgsm: Fix CRL loading when intermediate certicates are not yet trusted.
  * gpgsm: Fix an error message about the digest algo.
  * gpg: Fix a wrong warning due to new sign usage check introduced with 2.2.9.
  * gpg: Print the "data source" even for an unsuccessful keyserver query.
  * gpg: Do not store the TOFU trust model in the trustdb.
  * scd: Fix cases of "Bad PIN" after using "forcesig".
  * agent: Fix possible hang in the ssh handler.
  * dirmngr: Tack the unmodified mail address to a WKD request.
  * dirmngr: Tweak diagnostic about missing LDAP server file.
  * dirmngr: In verbose mode print the OCSP responder id.
  * dirmngr: Fix parsing of the LDAP port.
  * wks: Add option --directory/-C to the server.
  * wks: Add option --with-colons to the client. 
  * Fix EBADF when gpg et al. are called by broken CGI scripts.
  * Fix some minor memory leaks and bugs.

OBS-URL: https://build.opensuse.org/request/show/646642
OBS-URL: https://build.opensuse.org/package/show/Base:System/gpg2?expand=0&rev=213
2018-11-07 07:22:17 +00:00
9327ae7cc9 Accepting request 639831 from home:bmwiedemann:branches:Base:System
Make package build reproducible (boo#1047218)

doc/mkdefsinc.c used the mtime for info file date

doc/Makefile.am:180 would empty defsincdate and thereby change date in man pages

OBS-URL: https://build.opensuse.org/request/show/639831
OBS-URL: https://build.opensuse.org/package/show/Base:System/gpg2?expand=0&rev=211
2018-10-09 09:24:41 +00:00
4a257d029e OBS-URL: https://build.opensuse.org/package/show/Base:System/gpg2?expand=0&rev=209 2018-08-30 14:24:22 +00:00
2ede4f9497 Accepting request 632343 from home:kbabioch:branches:Base:System
- Update to 2.2.10:
- Refresh expired keys originating from the WKD.
- Use a 256 KiB limit for a WKD imported key.
- New option --known-notation.
- dirmngr: Validate SRV records in WKD queries.

OBS-URL: https://build.opensuse.org/request/show/632343
OBS-URL: https://build.opensuse.org/package/show/Base:System/gpg2?expand=0&rev=208
2018-08-30 14:23:51 +00:00
Tomáš Chvátal
d5b2e196b6 - Add basic udev rules for smartcards to be used with
scdaemon, taken from debian:
  * scdaemon.udev

OBS-URL: https://build.opensuse.org/package/show/Base:System/gpg2?expand=0&rev=206
2018-07-25 06:15:59 +00:00
b97c394713 Accepting request 622428 from security:privacy
GnuPG 2.2.9

OBS-URL: https://build.opensuse.org/request/show/622428
OBS-URL: https://build.opensuse.org/package/show/Base:System/gpg2?expand=0&rev=204
2018-07-13 07:19:53 +00:00
a1f48048e7 tweak patches
OBS-URL: https://build.opensuse.org/package/show/Base:System/gpg2?expand=0&rev=202
2018-06-08 14:38:26 +00:00
539c3348ab OBS-URL: https://build.opensuse.org/package/show/Base:System/gpg2?expand=0&rev=201 2018-06-08 14:30:19 +00:00