diff options
| author | wiz <wiz@pkgsrc.org> | 2006-12-06 23:00:46 +0000 |
|---|---|---|
| committer | wiz <wiz@pkgsrc.org> | 2006-12-06 23:00:46 +0000 |
| commit | e162ec1863e5f13c05c938756b85f4fe92e57421 (patch) | |
| tree | ea166b36607bc6cbb49d011bcac7536dd0076518 /security | |
| parent | 01a799bb36910fdc0c73f298ebca7069aae409af (diff) | |
| download | pkgsrc-e162ec1863e5f13c05c938756b85f4fe92e57421.tar.gz | |
Update to 1.4.6:
Noteworthy changes in version 1.4.6 (2006-12-06)
------------------------------------------------
* Fixed a serious and exploitable bug in processing encrypted
packages. [CVE-2006-6235].
* Fixed a buffer overflow in gpg. [bug#728, CVE-2006-6169]
(already fixed in pkgsrc)
* Fixed a bug while decrypting certain compressed and encrypted
messages. [bug#537]
* Added --s2k-count to set the number of times passphrase mangling
is repeated. The default is 65536 times.
* Added --passphrase-repeat to set the number of times GPG will
prompt for a new passphrase to be repeated. This is useful to
help memorize a new passphrase. The default is 1 repetition.
* Added a GPL license exception to the keyserver helper programs
gpgkeys_ldap, gpgkeys_curl, and gpgkeys_hkp, to clarify any
potential questions about the ability to distribute binaries
that link to the OpenSSL library. GnuPG does not link directly
to OpenSSL, but libcurl (used for HKP, HTTP, and FTP) and
OpenLDAP (used for LDAP) may. Note that this license exception
is considered a bug fix and is intended to forgive any
violations pertaining to this issue, including those that may
have occurred in the past.
* Man pages are now build from the same source as those of GnuPG-2.
Diffstat (limited to 'security')
| -rw-r--r-- | security/gnupg/Makefile | 5 | ||||
| -rw-r--r-- | security/gnupg/PLIST | 5 | ||||
| -rw-r--r-- | security/gnupg/distinfo | 9 | ||||
| -rw-r--r-- | security/gnupg/patches/patch-al | 15 |
4 files changed, 8 insertions, 26 deletions
diff --git a/security/gnupg/Makefile b/security/gnupg/Makefile index 026c3203f5e..7022744d686 100644 --- a/security/gnupg/Makefile +++ b/security/gnupg/Makefile @@ -1,7 +1,6 @@ -# $NetBSD: Makefile,v 1.92 2006/11/28 05:39:41 taca Exp $ +# $NetBSD: Makefile,v 1.93 2006/12/06 23:00:46 wiz Exp $ -DISTNAME= gnupg-1.4.5 -PKGREVISION= 1 +DISTNAME= gnupg-1.4.6 CATEGORIES= security MASTER_SITES= ftp://ftp.gnupg.org/gcrypt/gnupg/ \ ftp://ftp.planetmirror.com/pub/gnupg/ \ diff --git a/security/gnupg/PLIST b/security/gnupg/PLIST index 67e49c771e4..62624f7c533 100644 --- a/security/gnupg/PLIST +++ b/security/gnupg/PLIST @@ -1,10 +1,9 @@ -@comment $NetBSD: PLIST,v 1.19 2006/08/02 10:37:34 drochner Exp $ +@comment $NetBSD: PLIST,v 1.20 2006/12/06 23:00:46 wiz Exp $ bin/gpg bin/gpg-zip bin/gpgsplit bin/gpgv -info/gpg.info -info/gpgv.info +info/gnupg1.info libexec/gnupg/gpgkeys_curl libexec/gnupg/gpgkeys_finger libexec/gnupg/gpgkeys_hkp diff --git a/security/gnupg/distinfo b/security/gnupg/distinfo index a38d7ce8d08..39e87b3fa29 100644 --- a/security/gnupg/distinfo +++ b/security/gnupg/distinfo @@ -1,12 +1,11 @@ -$NetBSD: distinfo,v 1.44 2006/11/28 05:39:41 taca Exp $ +$NetBSD: distinfo,v 1.45 2006/12/06 23:00:46 wiz Exp $ -SHA1 (gnupg-1.4.5.tar.bz2) = 553fefe0da5a91108dd9468e381faf9487754f9a -RMD160 (gnupg-1.4.5.tar.bz2) = f27447b3aec1423ac10c3a5b4745ea3b13c5a5e5 -Size (gnupg-1.4.5.tar.bz2) = 3089617 bytes +SHA1 (gnupg-1.4.6.tar.bz2) = 9cbbef5c94f793867ff3ae4941816962311a0563 +RMD160 (gnupg-1.4.6.tar.bz2) = c7e7409358aaaaf7f3bb202aa86f6121749b97e3 +Size (gnupg-1.4.6.tar.bz2) = 3149454 bytes SHA1 (idea.c.gz) = 82fded4ec31b97b3b2dd22741880b67cfee40f84 RMD160 (idea.c.gz) = e35be5a031d10d52341ac5f029d28f811edd908d Size (idea.c.gz) = 5216 bytes SHA1 (patch-aa) = 91d55ca22b58e8a1f3c17a2fd0ad888d4c85c6cf SHA1 (patch-ab) = 29a7d0b736322eb1ecf0925a2419b513f323000e SHA1 (patch-ak) = 89a6a7552104f4d5b97a98889da88fca68c54f31 -SHA1 (patch-al) = 504ff52178d9ffa36f14d6741e4805c212156c0e diff --git a/security/gnupg/patches/patch-al b/security/gnupg/patches/patch-al deleted file mode 100644 index 3b08605939c..00000000000 --- a/security/gnupg/patches/patch-al +++ /dev/null @@ -1,15 +0,0 @@ -$NetBSD: patch-al,v 1.1 2006/11/28 05:39:42 taca Exp $ - -# http://lists.gnupg.org/pipermail/gnupg-announce/2006q4/000241.html - ---- ./g10/openfile.c.orig 2006-09-14 08:18:39.000000000 -0600 -+++ ./g10/openfile.c -@@ -145,7 +145,7 @@ ask_outfile_name( const char *name, size - - s = _("Enter new filename"); - -- n = strlen(s) + namelen + 10; -+ n = strlen(s) + (defname?strlen (defname):0) + 10; - defname = name && namelen? make_printable_string( name, namelen, 0): NULL; - prompt = xmalloc(n); - if( defname ) |