diff options
| author | wiz <wiz@pkgsrc.org> | 2013-05-29 22:53:36 +0000 |
|---|---|---|
| committer | wiz <wiz@pkgsrc.org> | 2013-05-29 22:53:36 +0000 |
| commit | d5cd4e4c97682d544b0e0a7f32fcb316cfbb83ee (patch) | |
| tree | 4ffe168dafe1b4161661552e204d26d1a35cce62 /security | |
| parent | a1c18bbbe050052ff068e0f474468ecc9eb84891 (diff) | |
| download | pkgsrc-d5cd4e4c97682d544b0e0a7f32fcb316cfbb83ee.tar.gz | |
Update to 2.0.20:
Noteworthy changes in version 2.0.20 (2013-05-10)
-------------------------------------------------
* Decryption using smartcards keys > 3072 bit does now work.
* New meta option ignore-invalid-option to allow using the same
option file by other GnuPG versions.
* gpg: The hash algorithm is now printed for sig records in key listings.
* gpg: Skip invalid keyblock packets during import to avoid a DoS.
* gpg: Correctly handle ports from DNS SRV records.
* keyserver: Improve use of SRV records
* gpg-agent: Avoid tty corruption when killing pinentry.
* scdaemon: Improve detection of card insertion and removal.
* scdaemon: Rename option --disable-keypad to --disable-pinpad.
* scdaemon: Better support for CCID readers. Now, the internal CCID
driver supports readers without the auto configuration feature.
* scdaemon: Add pinpad input for PC/SC, if your reader has pinpad and
it supports variable length PIN input, and you specify
--enable-pinpad-varlen option.
* scdaemon: New option --enable-pinpad-varlen.
* scdaemon: Install into libexecdir to avoid accidental execution
from the command line.
* Support building using w64-mingw32.
* Assorted bug fixes.
Diffstat (limited to 'security')
| -rw-r--r-- | security/gnupg2/Makefile | 5 | ||||
| -rw-r--r-- | security/gnupg2/PLIST.gpgsm | 4 | ||||
| -rw-r--r-- | security/gnupg2/distinfo | 8 | ||||
| -rw-r--r-- | security/gnupg2/patches/patch-CVE-2012-6085 | 43 |
4 files changed, 8 insertions, 52 deletions
diff --git a/security/gnupg2/Makefile b/security/gnupg2/Makefile index a48aeae2b07..d4d31d0654d 100644 --- a/security/gnupg2/Makefile +++ b/security/gnupg2/Makefile @@ -1,8 +1,7 @@ -# $NetBSD: Makefile,v 1.44 2013/02/06 23:23:37 jperkin Exp $ +# $NetBSD: Makefile,v 1.45 2013/05/29 22:53:36 wiz Exp $ -DISTNAME= gnupg-2.0.19 +DISTNAME= gnupg-2.0.20 PKGNAME= ${DISTNAME:S/gnupg/gnupg2/} -PKGREVISION= 3 CATEGORIES= security MASTER_SITES= ftp://ftp.gnupg.org/gcrypt/gnupg/ EXTRACT_SUFX= .tar.bz2 diff --git a/security/gnupg2/PLIST.gpgsm b/security/gnupg2/PLIST.gpgsm index 479ca63c132..b69b066b97f 100644 --- a/security/gnupg2/PLIST.gpgsm +++ b/security/gnupg2/PLIST.gpgsm @@ -1,4 +1,4 @@ -@comment $NetBSD: PLIST.gpgsm,v 1.12 2011/05/05 08:55:23 adam Exp $ +@comment $NetBSD: PLIST.gpgsm,v 1.13 2013/05/29 22:53:36 wiz Exp $ bin/gpg-connect-agent bin/gpg2 bin/gpgconf @@ -8,7 +8,6 @@ bin/gpgsm bin/gpgsm-gencert.sh bin/gpgv2 bin/kbxutil -bin/scdaemon bin/watchgnupg info/gnupg.info info/gnupg.info-1 @@ -18,6 +17,7 @@ libexec/gpg2keys_curl libexec/gpg2keys_finger libexec/gpg2keys_hkp libexec/gpg2keys_ldap +libexec/scdaemon man/man1/gpg-agent.1 man/man1/gpg-connect-agent.1 man/man1/gpg-preset-passphrase.1 diff --git a/security/gnupg2/distinfo b/security/gnupg2/distinfo index dbb811b0c62..fafa779dcad 100644 --- a/security/gnupg2/distinfo +++ b/security/gnupg2/distinfo @@ -1,8 +1,8 @@ -$NetBSD: distinfo,v 1.26 2013/01/15 11:21:50 drochner Exp $ +$NetBSD: distinfo,v 1.27 2013/05/29 22:53:36 wiz Exp $ -SHA1 (gnupg-2.0.19.tar.bz2) = 190c09e6688f688fb0a5cf884d01e240d957ac1f -RMD160 (gnupg-2.0.19.tar.bz2) = 026b5c5fa2b21c3586f325f48ff1420c987b88a7 -Size (gnupg-2.0.19.tar.bz2) = 4187460 bytes +SHA1 (gnupg-2.0.20.tar.bz2) = 7ddfefa37ee9da89a8aaa8f9059d251b4cd02562 +RMD160 (gnupg-2.0.20.tar.bz2) = 5a506b29a5c42b8b4870f76c99a41eeaf45a0911 +Size (gnupg-2.0.20.tar.bz2) = 4286191 bytes SHA1 (patch-CVE-2012-6085) = cbc5ff88eaaebcff9c7bc7983b3d363eff4fcd8b SHA1 (patch-ai) = 4445d30150518f71f996e3b368a81523daded2e2 SHA1 (patch-aj) = bfd21504e0d55f99df543912b1cdf2c573de2f98 diff --git a/security/gnupg2/patches/patch-CVE-2012-6085 b/security/gnupg2/patches/patch-CVE-2012-6085 deleted file mode 100644 index 003694a7bf3..00000000000 --- a/security/gnupg2/patches/patch-CVE-2012-6085 +++ /dev/null @@ -1,43 +0,0 @@ -$NetBSD: patch-CVE-2012-6085,v 1.1 2013/01/15 11:21:50 drochner Exp $ - -upstream rev. 498882296ffac7987c644aaf2a0aa108a2925471 - ---- g10/import.c.orig 2012-03-27 08:00:37.000000000 +0000 -+++ g10/import.c -@@ -347,6 +347,27 @@ import_print_stats (void *hd) - } - - -+/* Return true if PKTTYPE is valid in a keyblock. */ -+static int -+valid_keyblock_packet (int pkttype) -+{ -+ switch (pkttype) -+ { -+ case PKT_PUBLIC_KEY: -+ case PKT_PUBLIC_SUBKEY: -+ case PKT_SECRET_KEY: -+ case PKT_SECRET_SUBKEY: -+ case PKT_SIGNATURE: -+ case PKT_USER_ID: -+ case PKT_ATTRIBUTE: -+ case PKT_RING_TRUST: -+ return 1; -+ default: -+ return 0; -+ } -+} -+ -+ - /**************** - * Read the next keyblock from stream A. - * PENDING_PKT should be initialzed to NULL -@@ -424,7 +445,7 @@ read_block( IOBUF a, PACKET **pending_pk - } - in_cert = 1; - default: -- if( in_cert ) { -+ if (in_cert && valid_keyblock_packet (pkt->pkttype)) { - if( !root ) - root = new_kbnode( pkt ); - else |