-------------------------------------------------------------------
Fri Dec 26 21:15:55 UTC 2014 - andreas.stieger@gmx.de

- update to 2.1.1:
  * gpg: Detect faulty use of --verify on detached signatures.
  * gpg: New import option "keep-ownertrust".
  * gpg: New sub-command "factory-reset" for --card-edit.
  * gpg: A stub key for smartcards is now created by --card-status.
  * gpg: Fixed regression in --refresh-keys.
  * gpg: Fixed regresion in %g and %p codes for --sig-notation.
  * gpg: Fixed best matching hash algo detection for ECDSA and EdDSA.
  * gpg: Improved perceived speed of secret key listisngs.
  * gpg: Print number of skipped PGP-2 keys on import.
  * gpg: Removed the option aliases --throw-keyid and --notation-data;
    use --throw-keyids and --set-notation instead.
  * gpg: New import option "keep-ownertrust".
  * gpg: Skip too large keys during import.
  * gpg,gpgsm: New option --no-autostart to avoid starting gpg-agent or
    dirmngr.
  * gpg-agent: New option --extra-socket to provide a restricted
    command set for use with remote clients.
  * gpgconf --kill does not anymore start a service only to kill it.
  * gpg-pconnect-agent: Add convenience option --uiserver.
  * More translations (but most of them are not complete).
  * To support remotely mounted home directories, the IPC sockets may
    now be redirected.  This feature requires Libassuan 2.2.0.
  * Improved portability and the usual bunch of bug fixes.
- removed patch not part of upstream release:
    gnupg-2.1.0-boo-907198-openpgp_oid_to_str-buffer-overflow.patch
- refresh for context changes:
    gnupg-2.0.18-files-are-digests.patch
    gnupg-2.0.4-install_tools.diff
- refresh for upstream code changes:
    gnupg-add_legacy_FIPS_mode_option.patch
    gnupg-detect_FIPS_mode.patch (MD5 removed)

-------------------------------------------------------------------
Thu Dec 25 18:09:11 UTC 2014 - dev@stellardeath.org

- Support for large RSA keys
  This involves compiling with --enable-large-rsa and
  --enable-large-secmem, as well as patching the number
  of secmem bytes and IPC bytes to slightly larger values.
  See https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=739424
  * added gnupg-large_keys.patch
  
-------------------------------------------------------------------
Wed Dec  3 22:37:59 UTC 2014 - andreas.stieger@gmx.de

- update build requirement versions that changed with 2.1.0

-------------------------------------------------------------------
Wed Nov 26 19:21:15 UTC 2014 - andreas.stieger@gmx.de

- fix buffer overflow in OID to string conversion function
  [boo#907198], adding
  gnupg-2.1.0-boo-907198-openpgp_oid_to_str-buffer-overflow.patch

-------------------------------------------------------------------
Tue Nov 11 16:10:04 UTC 2014 - vcizek@suse.com

- obsolete dirmngr (shipped with gpg since 2.1.0)
- spec cleanup after previous update
- get rid of "THIS IS A DEVELOPMENT VERSION" warning
  http://lists.gnupg.org/pipermail/gnupg-devel/2014-November/029065.html
  * added gnupg-remove_development_version_warning.patch

-------------------------------------------------------------------
Thu Nov  6 17:32:39 UTC 2014 - vcizek@suse.com

- upgrade to 2.1.0 (modern)
  - The file "secring.gpg" is not anymore used to store the secret
    keys.  Merging of secret keys is now supported.
  - All support for PGP-2 keys has been removed for security reasons.
  - The standard key generation interface is now much leaner.  This
    will help a new user to quickly generate a suitable key.
  - Support for Elliptic Curve Cryptography (ECC) is now available.
  - Commands to create and sign keys from the command line without any
    extra prompts are now available.
  - The Pinentry may now show the new passphrase entry and the
    passphrase confirmation entry in one dialog.
  - There is no more need to manually start the gpg-agent.  It is now
    started by any part of GnuPG as needed.
  - Problems with importing keys with the same long key id have been
    addressed.
  - The Dirmngr is now part of GnuPG proper and also takes care of
    accessing keyserver.
  - Keyserver pools are now handled in a smarter way.
  - A new format for locally storing the public keys is now used.
    This considerable speeds up operations on large keyrings.
  - Revocation certificates are now created by default.
  - Card support has been updated, new readers and token types are
    supported.
  - The format of the key listing has been changed to better identify
    the properties of a key.
  - The gpg-agent may now be used on Windows as a Pageant replacement
    for Putty in the same way it is used for years on Unix as
    ssh-agent replacement.
  - Creation of X.509 certificates has been improved.  It is now also
    possible to export them directly in PKCS#8 and PEM format for use
    on TLS servers.
- dropped patches:
  * gnupg-2.0.20-automake113.diff
  * gnupg-2.0.18-tmpdir.diff (socket is created in homedir now)
- refresh most of the remaining patches
- added new BuildRequires: gnutls-devel, pkg-config, npth-devel

-------------------------------------------------------------------
Tue Aug 12 20:19:45 UTC 2014 - andreas.stieger@gmx.de

- update to 2.0.26:
 * gpg: Fix a regression in 2.0.24 if a subkey id is given
   to --recv-keys et al.
 * gpg: Cap attribute packets at 16MB.
 * gpgsm: Auto-create the ".gnupg" home directory in the same
   way gpg does.
 * scdaemon: Allow for certificates > 1024 when using PC/SC.
- remove URL from package keyring, upstream file metadata changes

-------------------------------------------------------------------
Tue Jul  1 21:05:55 UTC 2014 - andreas.stieger@gmx.de

- gnupg-add_legacy_FIPS_mode_option.patch (part of [bnc#856312])
  mentions GCRYCTL_INACTIVATE_FIPS_FLAG, raising the requirement
  for gcrypt from 1.4.0 (from configure) to 1.6.1 where said flag
  was introduced. Require this version to build.

-------------------------------------------------------------------
Mon Jun 30 18:52:36 UTC 2014 - andreas.stieger@gmx.de

- update to 2.0.25:
 * gpg: Fix a regression in 2.0.24 if more than one keyid is given
   to --recv-keys et al.
 * gpg: Cap RSA and Elgamal keysize at 4096 bit also for unattended
   key generation.
 * gpgsm: Fix a DISPLAY related problem with
   --export-secret-key-p12.
 * scdaemon: Support reader Gemalto IDBridge CT30.

-------------------------------------------------------------------
Tue Jun 24 22:25:12 UTC 2014 - andreas.stieger@gmx.de

- update to 2.0.24
  Contains a security fix to stop a possible DoS using garbled
  compressed data packets which can be used to put gpg into an
  infinite loop. [bnc#884130] [CVE-2014-4617]
  * gpg: Avoid DoS due to garbled compressed data packets.
- further:
  * gpg: Screen keyserver responses to avoid importing unwanted
    keys from rogue servers.
  * gpg: The validity of user ids is now shown by default. To
    revert this add "list-options no-show-uid-validity" to gpg.conf
  * gpg: Print more specific reason codes with the INV_RECP status.
  * gpg: Allow loading of a cert only key to an OpenPGP card.
  * gpg-agent: Make ssh support for ECDSA keys work with Libgcrypt
    1.6.

-------------------------------------------------------------------
Tue Jun  3 21:55:34 UTC 2014 - andreas.stieger@gmx.de

- update to 2.0.23:
 * gpg: Reject signatures made using the MD5 hash algorithm unless the
   new option --allow-weak-digest-algos or --pgp2 are given.
 * gpg: Do not create a trustdb file if --trust-model=always is used.
 * gpg: Only the major version number is by default included in the
   armored output.
 * gpg: Print a warning if the Gnome-Keyring-Daemon intercepts the
   communication with the gpg-agent.
 * gpg: The format of the fallback key listing ("gpg KEYFILE") is now more
   aligned to the regular key listing ("gpg -k").
 * gpg: The option--show-session-key prints its output now before the
   decryption of the bulk message starts.
 * gpg: New %U expando for the photo viewer.
 * gpgsm: Improved handling of re-issued CA certificates.
 * scdaemon: Various fixes for pinpad equipped card readers.
 * Minor bug fixes.
- Packaging changes:
  * add gpgtar utility
  * update and use use source URL for tarball signing key
  * removed gnupg-2.0.9-RSA_ES.patch, applied upstream
  * updated for context changes:
    gnupg-add_legacy_FIPS_mode_option.patch
    gnupg-2.0.18-files-are-digests.patch
    gnupg-dont-fail-with-seahorse-agent.patch

-------------------------------------------------------------------
Tue Apr 29 12:06:03 UTC 2014 - vcizek@suse.com

- add patch by Stephan Mueller which adds an option to enable
  legacy ciphers in FIPS mode
  * added gnupg-add_legacy_FIPS_mode_option.patch
  (part of bnc#856312)
- added BuildRequires: makeinfo (to build info pages from the
  patched gnupg.texi)

-------------------------------------------------------------------
Fri Feb 14 16:14:14 UTC 2014 - vcizek@suse.com

- install scdaemon to /usr/bin (bnc#863645)

-------------------------------------------------------------------
Sat Oct  5 11:44:42 UTC 2013 - andreas.stieger@gmx.de

- update to 2.0.22 [bnc#844175]
  * Fixed possible infinite recursion in the compressed packet
    parser. [CVE-2013-4402]
  * Improved support for some card readers.
  * Prepared building with the forthcoming Libgcrypt 1.6.
  * Protect against rogue keyservers sending secret keys.
- remove gpg2-CVE-2013-4351.patch, committed upstream

-------------------------------------------------------------------
Mon Sep 16 11:08:55 UTC 2013 - vcizek@suse.com

- fix CVE-2013-4351 (bnc#840510)

-------------------------------------------------------------------
Mon Aug 19 17:59:48 UTC 2013 - andreas.stieger@gmx.de

- update to 2.0.21
 * gpg-agent: By default the users are now asked via the Pinentry
   whether they trust an X.509 root key.  To prohibit interactive
   marking of such keys, the new option --no-allow-mark-trusted may
   be used.
 * gpg-agent: The command KEYINFO has options to add info from
   sshcontrol.
 * The included ssh agent does now support ECDSA keys.
- now requires libgpg-error 1.11
- update gnupg-2.0.9-langinfo.patch for upstream whitespace changes
- drop gnupg-broken-curl-test.patch, no longer required

-------------------------------------------------------------------
Mon Jun 17 12:48:24 UTC 2013 - coolo@suse.com

- revert usage of gpg-offline to avoid cycles

-------------------------------------------------------------------
Mon Jun 17 12:40:10 UTC 2013 - coolo@suse.com

- add gnupg-2.0.20-automake113.diff to fix build with automake 1.13

-------------------------------------------------------------------
Tue May 14 14:00:45 UTC 2013 - vcizek@suse.com

- set safe umask before creating a plaintext file (bnc#780943)
  added gpg2-set_umask_before_open_outfile.patch
- select proper ciphers when running in FIPS mode (bnc#808958)
  added gnupg-detect_FIPS_mode.patch

-------------------------------------------------------------------
Fri May 10 19:33:24 UTC 2013 - andreas.stieger@gmx.de

- update to 2.0.20
 * Decryption using smartcards keys > 3072 bit does now work.
 * New meta option ignore-invalid-option to allow using the same
   option file by other GnuPG versions.
 * gpg: The hash algorithm is now printed for sig records in key listings.
 * gpg: Skip invalid keyblock packets during import to avoid a DoS.
 * gpg: Correctly handle ports from DNS SRV records.
 * keyserver: Improve use of SRV records
 * gpg-agent: Avoid tty corruption when killing pinentry.
 * scdaemon: Improve detection of card insertion and removal.
 * scdaemon: Rename option --disable-keypad to --disable-pinpad.
 * scdaemon: Better support for CCID readers.  Now, the internal CCID
   driver supports readers without the auto configuration feature.
 * scdaemon: Add pinpad input for PC/SC, if your reader has pinpad and
   it supports variable length PIN input, and you specify
   --enable-pinpad-varlen option.
 * scdaemon: New option --enable-pinpad-varlen.
 * scdaemon: Install into libexecdir to avoid accidental execution
   from the command line.
 * Assorted bug fixes.
- refresh gnupg-2.0.9-RSA_ES.patch
- verify gpg signature of source tarball

-------------------------------------------------------------------
Wed Mar 27 12:16:19 UTC 2013 - mmeister@suse.com

- Added url as source.
  Please see http://en.opensuse.org/SourceUrls

-------------------------------------------------------------------
Fri Jan 11 20:26:50 UTC 2013 - lazy.kent@opensuse.org

- BuildRequires: libbz2-devel (support BZIP2 compression
  algorithm) (bnc#798175).

-------------------------------------------------------------------
Wed Apr 18 10:55:34 UTC 2012 - vcizek@suse.com

- Mention some of the changes in Greg's version update

-------------------------------------------------------------------
Tue Mar 27 20:38:27 UTC 2012 - gregkh@opensuse.org

- update to upstream 2.0.19
  * GPG now accepts a space separated fingerprint as a user ID.  This
    allows to copy and paste the fingerprint from the key listing.
  * GPG now uses the longest key ID available.  Removed support for the
    original HKP keyserver which is not anymore used by any site.
  * Rebuild the trustdb after changing the option --min-cert-level.
  * Ukrainian translation.
  * Honor option --cert-digest-algo when creating a cert.
  * Emit a DECRYPTION_INFO status line.
  * Improved detection of JPEG files.

-------------------------------------------------------------------
Tue Dec  6 10:58:36 UTC 2011 - vcizek@suse.com

- fixed licence to GPL-3.0+ (bnc#734878)

-------------------------------------------------------------------
Wed Nov 30 09:55:47 UTC 2011 - coolo@suse.com

- add automake as buildrequire to avoid implicit dependency

-------------------------------------------------------------------
Sat Oct  1 15:53:04 UTC 2011 - crrodriguez@opensuse.org

- Test suite hangs in qemu-arm, workaround. 

-------------------------------------------------------------------
Wed Aug 31 10:00:35 UTC 2011 - puzel@suse.com

- link with -pie 

-------------------------------------------------------------------
Fri Aug 19 01:11:42 UTC 2011 - crrodriguez@opensuse.org

- libcurl.m4 tests were broken, resulting in the usage
  of a "fake" internal libcurl.

-------------------------------------------------------------------
Sat Aug  6 20:19:09 UTC 2011 - andreas.stieger@gmx.de

- update to upstream 2.0.18
 * Bug fix for newer versions of Libgcrypt.
 * Support the SSH confirm flag and show SSH fingerprints in ssh
   related pinentries.
 * Improved dirmngr/gpgsm interaction for OCSP.
 * Allow generation of card keys up to 4096 bit.
- refresh patch gnupg-2.0.10-tmpdir.diff -> gnupg-2.0.18-tmpdir.diff
- refresh patch gnupg-files-are-digests.patch -> gnupg-2.0.18-files-are-digests.patch

-------------------------------------------------------------------
Tue Mar 15 09:29:42 UTC 2011 - puzel@novell.com

- update to gnupg-2.0.17
 * Allow more hash algorithms with the OpenPGP v2 card.
 * The gpg-agent now tests for a new gpg-agent.conf on a HUP.
 * Fixed output of "gpgconf --check-options".
 * Fixed a bug where Scdaemon sends a signal to Gpg-agent running
   in non-daemon mode.
 * Fixed TTY management for pinentries and session variable update
   problem.
- drop gnupg-CVE-2010-2547.patch (in upstream)

-------------------------------------------------------------------
Fri Jan  7 13:24:17 CET 2011 - sbrabec@suse.cz

- Removed obsolete BuildRequires of opensc-devel.

-------------------------------------------------------------------
Sun Oct 31 12:37:02 UTC 2010 - jengelh@medozas.de

- Use %_smp_mflags

-------------------------------------------------------------------
Wed Jul 28 09:39:00 UTC 2010 - puzel@novell.com

- gnupg-CVE-2010-2547.patch (bnc#625947)
- renumber patches

-------------------------------------------------------------------
Mon Jul 19 21:49:40 UTC 2010 - puzel@novell.com

- update to gnupg-2.0.16
 * If the agent's --use-standard-socket option is active, all tools
   try to start and daemonize the agent on the fly.  In the past this
   was only supported on W32; on non-W32 systems the new configure
   option --use-standard-socket may now be used to use this feature by
   default.
 * The gpg-agent commands KILLAGENT and RELOADAGENT are now available
   on all platforms.
 * Minor bug fixes.
- drop gnupg-2.0.14-s2kcount.patch (builds fine without it now)

-------------------------------------------------------------------
Mon Jun  7 09:40:32 UTC 2010 - adrian@suse.de

- add special provides to make sure that obs signd gets correct gpg version

-------------------------------------------------------------------
Fri Apr  9 12:47:11 UTC 2010 - chris@computersalat.de

- fix deps
  o libassuan-devel >= 2.0.0
  o pth / libpth-devel >= 1.3.7
- added BuildReq libcurl-devel >= 7.10
- removed BuildReq openldap2
  is already solved by openldap2-devel
- removed unrecognized configure options
  --enable-external-hkp, --enable-shared, --enable-static-rnd

-------------------------------------------------------------------
Wed Apr  7 14:19:11 UTC 2010 - puzel@novell.com

- add gnupg-dont-fail-with-seahorse-agent.patch (bnc#589994) 

-------------------------------------------------------------------
Wed Mar 31 13:47:00 UTC 2010 - puzel@novell.com

- update to gnupg-2.0.15 
 * New command --passwd for GPG.
 * Fixes a regression in 2.0.14 which prevented unprotection of new
   or changed gpg-agent passphrases.
 * Make use of libassuan 2.0 which is available as a DSO.

-------------------------------------------------------------------
Mon Mar 22 15:09:24 UTC 2010 - puzel@novell.com

- fix files-are-digests patch (bnc#469229)

-------------------------------------------------------------------
Wed Feb 17 13:29:18 CET 2010 - dimstar@opensuse.org

- Update to version 2.0.14:
  + The default for --include-cert is now to include all
    certificates in the chain except for the root certificate.
  + Numerical values may now be used as an alternative to the
    debug-level keywords.
  + The GPGSM --audit-log feature is now more complete.
  + GPG now supports DNS lookups for SRV, PKA and CERT on W32.
  + New GPGSM option --ignore-cert-extension.
  + New and changed passphrases are now created with an iteration
    count requiring about 100ms of CPU work.
- Add gnupg-2.0.14-s2kcount.patch: use fixed s2k-count number
  otherwise the gpg2 would want to consult gpg-agent which is not
  yet installed in the mock chroot (Patch shamelessly stolen from
  Fedora).

-------------------------------------------------------------------
Thu Jan 28 14:15:24 UTC 2010 - puzel@novell.com

- fix build for older distributions 

-------------------------------------------------------------------
Wed Jan 27 16:30:41 UTC 2010 - puzel@novell.com

- port files-are-digests patch from gpg1 (bnc#469229) 

-------------------------------------------------------------------
Tue Dec 15 20:56:35 CET 2009 - jengelh@medozas.de

- enable parallel building
- SPARC needs large PIE model

-------------------------------------------------------------------
Sun Dec  6 08:52:32 UTC 2009 - coolo@novell.com

- change -lang require to recommended

-------------------------------------------------------------------
Fri Nov 13 14:37:58 UTC 2009 - puzel@novell.com

- update to gnupg-2.0.13
 * GPG now generates 2048 bit RSA keys by default.  The default hash
   algorithm preferences has changed to prefer SHA-256 over SHA-1.
   2048 bit DSA keys are now generated to use a 256 bit hash algorithm
 * The envvars XMODIFIERS, GTK_IM_MODULE and QT_IM_MODULE are now
   passed to the Pinentry to make SCIM work.
 * The GPGSM command --gen-key features a --batch mode and implements
   all features of gpgsm-gencert.sh in standard mode.
 * New option --re-import for GPGSM's IMPORT server command.
 * Enhanced writing of existing keys to OpenPGP v2 cards.
 * Add hack to the internal CCID driver to allow the use of some
   Omnikey based card readers with 2048 bit keys.
 * GPG now repeatly asks the user to insert the requested OpenPGP
   card.  This can be disabled with --limit-card-insert-tries=1.
 * Minor bug fixes.
- drop gnupg-2.0.4-default-tty.diff

-------------------------------------------------------------------
Thu Jun 18 13:22:00 CEST 2009 - puzel@novell.com

- update to gnupg-2.0.12
 * GPGSM now always lists ephemeral certificates if specified by
   fingerprint or keygrip.
 * New command "KEYINFO" for GPG_AGENT.  GPGSM now also returns
   information about smartcards.
 * Made sure not to leak file descriptors if running gpg-agent with a
   command.  Restore the signal mask to solve a problem in Mono.
 * Changed order of the confirmation questions for root certificates
   and store negative answers in trustlist.txt.
 * Better synchronization of concurrent smartcard sessions.
 * Support 2048 bit OpenPGP cards.
 * Support Telesec Netkey 3 cards.
 * The gpg-protect-tool now uses gpg-agent via libassuan.
 * Changed code to avoid a possible Mac OS X system freeze.
- drop gpg2-fix-rtsignals.patch (fixed upstream)
- drop gnupg-1.9.22-ccid-driver-fix.diff (unused)

-------------------------------------------------------------------
Thu Jun 11 11:19:58 CEST 2009 - puzel@suse.cz

- change BuildRequires: (pth-devel -> libpth-devel) 

-------------------------------------------------------------------
Mon Jun  1 11:26:12 CEST 2009 - puzel@suse.cz

- BuildRequires: pth-devel 

-------------------------------------------------------------------
Wed Mar 18 13:51:30 CET 2009 - puzel@suse.cz

- add gpg2-fix-rtsignals.patch (bnc#481463)

-------------------------------------------------------------------
Thu Mar  5 13:39:42 CET 2009 - puzel@suse.cz

- update to 2.0.11
  * Fixed a problem in SCDAEMON which caused unexpected card resets.
  * SCDAEMON is now aware of the Geldkarte.
  * The SCDAEMON option --allow-admin is now used by default.
  * GPGCONF now restarts SCdaemon if necessary.
  * The default cipher algorithm in GPGSM is now again 3DES.  This is
    due to interoperability problems with Outlook 2003 which still
    can't cope with AES.
- dropped gnupg-2.0.10-fix-convert.patch (upstream)
- dropped gnupg-2.0.10-fix-missing-option.patch (upstream)
- disabled gnupg-1.9.22-ccid-driver-fix.diff (does not apply and it is
  not clear what it is good for)

-------------------------------------------------------------------
Mon Mar  2 15:53:22 CET 2009 - puzel@suse.cz

- gnupg-2.0.10-fix-missing-option.patch (bnc#477362) 

-------------------------------------------------------------------
Mon Jan 19 16:16:11 CET 2009 - puzel@suse.cz

- add gnupg-2.0.10-fix-convert.patch 
  - fix broken 'make check' on ppc, s390 and s390x

-------------------------------------------------------------------
Tue Jan 13 10:38:38 CET 2009 - puzel@suse.cz

- update to 2.0.10
  * New keyserver helper gpg2keys_kdns as generic DNS CERT
    lookup.  
  * New mechanisms "local" and "nodefault" for --auto-key-locate.
    Fixed a few problems with this option.
  * New command --locate-keys.
  * New options --with-sig-list and --with-sig-check.
  * The option "-sat" is no longer an alias for --clearsign.
  * The option --fixed-list-mode is now implicitly used and obsolete.
  * New control statement %ask-passphrase for the unattended key
    generation.
  * The algorithm to compute the SIG_ID status has been changed.
  * [gpgsm] Now uses AES by default.
  * [gpgsm] Made --output option work with --export-secret-key-p12.
  * [gpg-agent] Terminate process if the own listening socket is not
    anymore served by ourself.
  * [gpg-connect-agent] Accept commands given as command line arguments.
  * The gpg-preset-passphrase mechanism works again. An arbitrary
    string may now be used for a custom cache ID.
  * Admin PINs are cached again (bug in 2.0.9).
  * Support for version 2 OpenPGP cards.

- specfile changes:
  * require libadns 
  * explicit versions for some BuildRequires
  * BuildRequires libgpg-error
  * changed license to GPL v3
  * /etc/gnupg/gnupg.conf is now (noreplace)
  * documentation is installed with install

-------------------------------------------------------------------
Wed Jun 11 11:06:09 CEST 2008 - puzel@suse.cz

- fix [bnc#305725] - UTF-8 problems
  * non latin characters displayed incorrectly by pinentry-*

-------------------------------------------------------------------
Wed May 21 14:01:14 CEST 2008 - puzel@suse.cz

- added missing gpgconf.conf (bnc#391347)

-------------------------------------------------------------------
Fri Mar 28 16:14:33 CET 2008 - pcerny@suse.cz

- update to 2.0.9
  * fixes CVE-2008-1530 (bnc#374254)
  * removing gnupg-2.0.8-from-upstream.diff (included in release)
  * removing gnupg-2.0.4-oldkey.diff (accepted by upstream)
  * removing gnupg-2.0.8-warningfixes.diff 
    (also appears in upstream)
- patch gnupg-2.0.9-RSA_ES.patch
  * adding back support for deprecated RSA_E, RSA_S algorithms
    (bnc#342979)

-------------------------------------------------------------------
Wed Mar 26 22:07:29 CET 2008 - coolo@suse.de

- require the split out lang package

-------------------------------------------------------------------
Sun Mar 23 12:10:56 CET 2008 - coolo@suse.de

- splitting out a third of the package by using a lang subpack

-------------------------------------------------------------------
Tue Feb 12 19:24:37 CET 2008 - bk@suse.de

- install gpg-zip and gpgsplit again and use -pie for randomisation

-------------------------------------------------------------------
Wed Feb  6 18:16:34 CET 2008 - bk@suse.de

- add selected upstream fixes and fix gcc and rpmlint warnings 

-------------------------------------------------------------------
Tue Jan  8 10:48:30 CET 2008 - sassmann@suse.de

- update to GnuPG-2.0.8
- adapted patches to apply properly
  * gnupg-1.9.18-tmpdir.diff
  * gnupg-2.0.4-install_tools.diff
- gnupg-2.0.5.fixes-from-svn-20070812.diff commented out,
  included in upstream 2.0.8
- use optflags during build

-------------------------------------------------------------------
Wed Sep 12 22:40:46 CEST 2007 - ltinkl@suse.cz

- fix #304749 - gpg2 unable to use old secret key

-------------------------------------------------------------------
Mon Sep 10 20:13:07 CEST 2007 - ltinkl@suse.cz

- fix gpg2 crash on accessing key (#307666)
- fix gpg doesn't work on the console (#302323)

-------------------------------------------------------------------
Fri Aug 10 11:50:20 CEST 2007 - bk@suse.de

- update to GnuPG-2.0.5             - requries libassuan-1.0.2!
  * Switched license to GPLv3.
  * Fixed bug when using the --p12-charset without --armor.
  * The command --gen-key may now be used instead of the
    gpgsm-gencert.sh script.
  * Changed key generation to reveal less information about the
    machine.  Bug fixes for gpg2's card key generation.
- enable make check to test against build issues in the crypto engine
- cleanup disabled nld patch for linking with -lgpg-error-nld
- use %find_lang to label the locale files properly with %lang
- add opensc-devel to BuildRequrires to enanble smartcard support
- del Makefile.in patches where we patch Makefile.am and run automake
- cleanup the standrd GNU INSTALL and the empty VERSION from %doc

-------------------------------------------------------------------
Thu Jul 26 13:16:22 CEST 2007 - sbrabec@suse.cz

- Build with libassuan-devel.

-------------------------------------------------------------------
Thu Jun 21 20:31:44 CEST 2007 - ro@suse.de

- install compat symlinks for gpg2 and gpgv2
- install gpg-zip and gpgsplit
- added openldap2 to buildrequires (for gpgkeys_ldap) 
- added fPIE/pie to CFLAGS/LDFLAGS for gpgsplit

-------------------------------------------------------------------
Wed May 23 19:02:45 CEST 2007 - dmueller@suse.de

- add libusb-devel build requires

-------------------------------------------------------------------
Wed May 16 14:27:28 CEST 2007 - ltinkl@suse.cz

- remove gpg from Require's (#273491)

-------------------------------------------------------------------
Fri May 11 13:20:19 CEST 2007 - ltinkl@suse.cz

- updated to 2.0.4 stable snapshot

-------------------------------------------------------------------
Wed Apr  4 12:42:06 CEST 2007 - ltinkl@suse.cz

- update to 2.0.3
- fixed #251605 - VUL-0: signing issues within GNUPG
- removed outdated patches

-------------------------------------------------------------------
Fri Mar 30 01:58:56 CEST 2007 - ro@suse.de

- added zlib-devel to buildreq 

-------------------------------------------------------------------
Wed Feb 14 15:14:44 CET 2007 - ltinkl@suse.cz

- fix file conflicts with gpg (#242133)

-------------------------------------------------------------------
Tue Jan 30 00:34:50 CET 2007 - ro@suse.de

- fix build (exclude possible debuginfo directory) 

-------------------------------------------------------------------
Mon Jan 29 16:22:15 CET 2007 - ltinkl@suse.cz

- fix #221212 - gpg2 is not updated and do not contain documentation
- fix #233525 - gpg1/2: bug in vasprintf() implementation

-------------------------------------------------------------------
Thu Nov 30 16:59:25 CET 2006 - anicka@suse.cz

- fix overflow in openfile.c (CVE-2006-6169, #224108) 

-------------------------------------------------------------------
Mon Sep 11 13:44:21 CEST 2006 - pnemec@suse.cz

- updated gnupg to new version 1.9.22
        Enhanced pkcs#12 support
        Support for the CardMan 4040 PCMCIA
        Collected bug fixes
- updated pth library to 2.0.7
- changed using pinetry-qt to pinentry
- removed -cfb.diff -signature.patch -cap_large_uid.patch patches
  they are no longer needed
- change patch -warnings-fix.diff -ccid-driver-fix.diff

-------------------------------------------------------------------
Thu Aug 17 11:55:09 CEST 2006 - pnemec@suse.de

- remove unused package in build requires

-------------------------------------------------------------------
Wed Aug  9 09:32:56 CEST 2006 - pnemec@suse.cz

- fix spec file to build with new gettext 0.15 

-------------------------------------------------------------------
Mon Aug  7 11:06:19 CEST 2006 - pnemec@suse.cz

- fixed security fix with large uid CVE-2006-3746 [#195569]

-------------------------------------------------------------------
Thu Feb 23 17:07:18 CET 2006 - pnemec@suse.cz

- fixed signature security problem CVE-2006-0455 (bugzilla#150742)

-------------------------------------------------------------------
Thu Feb  2 15:37:22 CET 2006 - pnemec@suse.cz

- fixed install info in spec file

-------------------------------------------------------------------
Thu Jan 26 15:52:26 CET 2006 - sbrabec@suse.cz

- Added missing %install_info.

-------------------------------------------------------------------
Wed Jan 25 21:36:18 CET 2006 - mls@suse.de

- converted neededforbuild to BuildRequires

-------------------------------------------------------------------
Fri Aug  5 12:52:44 CEST 2005 - postadal@suse.cz

- updated to version to 1.9.18
- removed obsoleted gcc patch
- added patch tmpdir.diff for using $TMPDIR by gpg-agent [#bug95732] 

-------------------------------------------------------------------
Tue Jul 12 14:17:11 CEST 2005 - postadal@suse.cz

- updated to version to 1.9.17
- updated pth to version 2.0.4
- removed obsoleted patch agent-cache-fix.diff
- fixed ccid-driver.c
- fixed gcc4
- explicitly enabled gpg building in configure

-------------------------------------------------------------------
Thu Mar 24 13:55:34 CET 2005 - postadal@suse.cz

- fixed caching passphrase in gpg-agent [#71975]

-------------------------------------------------------------------
Tue Mar 22 18:11:12 CET 2005 - postadal@suse.cz

- fixed on 64bit archs [#72440]

-------------------------------------------------------------------
Wed Feb 23 15:16:55 CET 2005 - postadal@suse.cz

- security fix for cfb-cipher issue [#65862]

-------------------------------------------------------------------
Wed Jan 12 16:02:00 CET 2005 - postadal@suse.cz

- update to version 1.9.14
- removed obsoleted patch automake-fixes.diff

-------------------------------------------------------------------
Tue Sep 28 08:52:32 CEST 2004 - adrian@suse.de

- link against libpth staticaly to make S/MIME support in kmail
  usable. Hopefully we can convert this to a native thread implementation
  later. (#46260)

-------------------------------------------------------------------
Sat Jul 31 15:07:26 CEST 2004 - adrian@suse.de

- update to version 1.9.10

-------------------------------------------------------------------
Tue Jul 20 09:01:50 CEST 2004 - adrian@suse.de

- remove openct and opensc packages from nfb
  (we will need thread support, when enabling card reader support,
   but it isn't anyway implemented yet in gpg2)

-------------------------------------------------------------------
Mon Jul 12 17:55:32 CEST 2004 - adrian@suse.de

- use GnuPG 2 sources version 1.9.9
- opensc support misses some functions atm, support disabled for now
- threading is disabled, since we do not have a pth package for now
- prepare for nld

-------------------------------------------------------------------
Thu Feb 26 13:27:08 CET 2004 - postadal@suse.cz

- adapted some functions to the libgcrypt version 1.1.91 [#34987]
- added libgpg-error to needforbuild flag

-------------------------------------------------------------------
Wed Feb 18 14:02:47 CET 2004 - kukuk@suse.de

- Don't build against libpth.

-------------------------------------------------------------------
Tue Feb 10 16:00:08 CET 2004 - postadal@suse.cz

- fixed code that broke strict aliasing

-------------------------------------------------------------------
Fri Dec  5 14:35:32 CET 2003 - garloff@suse.de

- disable core dumpe in child after forking. [#33499]

-------------------------------------------------------------------
Mon Aug 11 14:48:50 CEST 2003 - adrian@suse.de

- cleanup #neededforbuild and requires

-------------------------------------------------------------------
Mon Aug  4 15:28:41 CEST 2003 - ro@suse.de

- added openct to neededforbuild 

-------------------------------------------------------------------
Fri Jul 18 14:23:15 CEST 2003 - mc@suse.de

- build against opensc 

-------------------------------------------------------------------
Thu Jun 19 19:04:45 CEST 2003 - schwab@suse.de

- Add %install_info.

-------------------------------------------------------------------
Mon Mar 17 15:25:30 CET 2003 - adrian@suse.de

- add signal handler to check if the parent is still alive and
  exit if not
- use pinentry-qt by default (/usr/bin/pinentry do not exist)

-------------------------------------------------------------------
Tue Feb 11 15:38:30 CET 2003 - mc@suse.de

- initial release