| Age | Commit message (Collapse) | Author | Files | Lines |
|---|
|
Fixes CVE-2017-7526
Updates since 1.4.22:
2018-06-11 Werner Koch <wk@gnupg.org>
Release 1.4.23.
+ commit 8ae6a246bef5b5eb0684e9fb1c933a4f8441dadd
2018-06-08 Werner Koch <wk@gnupg.org>
gpg: Sanitize diagnostic with the original file name.
+ commit 2326851c60793653069494379b16d84e4c10a0ac
* g10/mainproc.c (proc_plaintext): Sanitize verbose output.
2018-04-13 NIIBE Yutaka <gniibe@fsij.org>
g10: Push compress filter only if compressed.
+ commit 0f8fd95ab32a6d29dac79e19f0850037c7d0c16f
* g10/compress.c (handle_compressed): Fix memory leak.
2017-12-18 NIIBE Yutaka <gniibe@fsij.org>
po: Update Japanese translation.
+ commit 1338bce5f66a95b53f18c4b54f0e9ac79604500a
* po/ja.po: Fix message with no "%s".
2017-12-04 NIIBE Yutaka <gniibe@fsij.org>
Damien Goutte-Gattat <dgouttegattat@incenp.org>
g10: Fix regexp sanitization.
+ commit 9441946e1824eb58249c58432ed1f554d0d8a102
* g10/trustdb.c (sanitize_regexp): Only escape operators.
2017-11-10 Dario Niedermann <dario@darioniedermann.it>
Do not use C99 feature.
+ commit 877e3073d731fec55a88673f91ed646a75e786c8
* cipher/rsa.c (secret): Move var decl to the beginning.
2017-09-06 Frans Spiesschaert <Frans.Spiesschaert@yucom.be>
po: update Dutch translation.
+ commit aa26eda8ab679a80a7be2c82478cb4440b45ec8c
2017-08-04 Marcus Brinkmann <marcus.brinkmann@ruhr-uni-bochum.de>
doc: Remove documentation for future option --faked-system-time.
+ commit eb15d5ed8e4a765998e9de7698bdc65328bcaaa3
doc/gpg.texi: Remove documentation for --faked-system-time.
2017-08-02 Daniel Kahn Gillmor <dkg@fifthhorseman.net>
debian: Remove packaging from upstream repository.
+ commit 9832a4bacfa5232534f2c7fe7655bd0677a41f6e
Debian packaging for GnuPG is handled in debian git repositories, and
doesn't belong here in the upstream repository. The packaging was
significantly out of date anyway.
If you're looking for debian packaging for the 1.4 branch of GnuPG,
please use the following git remote:
https://anonscm.debian.org/git/pkg-gnupg/gnupg1.git
2017-08-02 Joe Hansen <joedalton2@yahoo.dk>
po: Update Danish translation.
+ commit 12afc37a946477692257d725acac513f271c4e9e
Originally reported at:
http://lists.gnupg.org/pipermail/gnupg-i18n/2014-November/000308.html
2017-08-02 Frans Spiesschaert <Frans.Spiesschaert@yucom.be>
po: Update Dutch translation.
+ commit 6d5c5204d79fa9d01981c0076d3acde18534640a
Debian-Bug-Id: 845695
2017-08-01 Manuel Venturi Porras Peralta <venturi@openmailbox.org>
po: Update Spanish translation.
+ commit 76239356bcb3bfeec5327637ed87429594868fef
Debian-Bug-Id: 814541
|
|
Noteworthy changes in version 1.4.22 (2017-07-19)
-------------------------------------------------
* Mitigate a flush+reload side-channel attack on RSA secret keys
dubbed "Sliding right into disaster". For details see
<https://eprint.iacr.org/2017/627>. [CVE-2017-7526]
* Fix some minor bugs.
|
|
Changelog:
2016-08-17 Werner Koch <wk@gnupg.org>
Release 1.4.21.
gpg: Add dummy option --with-subkey-fingerprint.
* g10/gpg.c (opts): Add dummy option.
build: Create a swdb file during "make distcheck".
* Makefile.am (distcheck-hook): New.
2016-08-17 Ineiev <ineiev@gnu.org>
po: Update Russian translation.
2016-08-17 Werner Koch <wk@gnupg.org>
random: Hash continuous areas in the csprng pool.
* cipher/random.c (mix_pool): Store the first hash at the end of the
pool.
cipher: Improve readability by using a macro.
* cipher/random.c (mix_pool): Use DIGESTLEN instead of 20.
2016-08-09 Daniel Kahn Gillmor <dkg@fifthhorseman.net>
gpg: Avoid publishing the GnuPG version by default.
* g10/gpg.c (main): initialize opt.emit_version to 0
* doc/gpg.texi: document different default for --emit-version
2016-08-04 Daniel Kahn Gillmor <dkg@fifthhorseman.net>
Clean up "allow to"
* README, cipher/cipher.c, cipher/pubkey.c, doc/gpg.texi: replace
"allow to" with clearer text
In standard English, the normal construction is "${XXX} allows ${YYY}
to" -- that is, the subject (${XXX}) of the sentence is allowing the
object (${YYY}) to do something. When the object is missing, the
phrasing sounds awkward, even if the object is implied by context.
There's almost always a better construction that isn't as awkward.
These changes should make the language a bit clearer.
Fix spelling: "occured" should be "occurred"
* checks/armor.test, cipher/des.c, g10/ccid-driver.c, g10/pkclist.c,
util/regcomp.c, util/regex_internal.c: correct the spelling of
"occured" to "occurred"
2016-08-04 NIIBE Yutaka <gniibe@fsij.org>
g10: Fix checking key for signature validation.
* g10/sig-check.c (signature_check2): Not only subkey, but also primary
key should have flags.valid=1.
2016-08-03 Justus Winter <justus@g10code.com>
Partially revert "g10: Fix another race condition for trustdb access."
This amends db246f8b which accidentally included the compiled
translation files.
2016-07-09 NIIBE Yutaka <gniibe@fsij.org>
gpgv: Tweak default options for extra security.
* g10/gpgv.c (main): Set opt.no_sig _cache, so that it doesn't depend on
cached status. Similarly, set opt.flags.require_cross_cert for backsig
validation for subkey signature.
2016-07-06 NIIBE Yutaka <gniibe@fsij.org>
g10: Fix keysize with --expert.
* g10/keygen.c (ask_keysize): It's 768 only for DSA.
2016-06-28 NIIBE Yutaka <gniibe@fsij.org>
g10: Fix --list-packets.
* g10/gpg.c (main): Call set_packet_list_mode after assignment of
opt.list_packets.
* g10/mainproc.c (do_proc_packets): Don't stop processing with
--list-packets as the comment says.
* g10/options.h (list_packets): Fix the comment.
* g10/parse-packet.c: Fix the condition for opt.list_packets.
2016-06-15 Niibe Yutaka <gniibe@fsij.org>
g10: Fix another race condition for trustdb access.
* g10/tdbio.c (create_version_record): Call create_hashtable to always
make hashtable, together with the version record.
(get_trusthashrec): Remove call to create_hashtable.
2016-02-12 NIIBE Yutaka <gniibe@fsij.org>
g10: Make sure to have the directory for trustdb.
* g10/tdbio.c (tdbio_set_dbname): Return earlier if !CREATE. Check
the directory and create it if none before calling take_write_lock.
2016-02-01 Werner Koch <wk@gnupg.org>
Fix possible sign extension problem with newer compilers.
* cipher/des.c (READ_64BIT_DATA): Cast to u32 before shifting by 24.
* cipher/blowfish.c (do_encrypt_block): Ditto.
(do_decrypt_block): Ditto.
* cipher/camellia.c (CAMELLIA_RR8): Ditto.
* cipher/cast5.c (do_encrypt_block): Ditto.
(do_decrypt_block): Ditto.
(do_cast_setkey): Ditto.
* cipher/twofish.c (INPACK): Ditto.
* util/iobuf.c (block_filter): Ditto.
2016-01-26 NIIBE Yutaka <gniibe@fsij.org>
g10: Fix iobuf API of filter function for alignment.
* include/iobuf.h (struct iobuf_struct): Remove DESC.
* util/iobuf.c (iobuf_desc): New.
(print_chain, iobuf_close, iobuf_open, iobuf_fdopen, iobuf_sockopen)
(iobuf_create, iobuf_append, iobuf_openrw, iobuf_ioctl)
(iobuf_push_filter2, pop_filter, underflow): Use iobuf_desc.
(file_filter, sock_filter, block_filter): Fill the description.
* g10/armor.c, g10/cipher.c, g10/compress-bz2.c, g10/compress.c,
g10/encode.c, g10/encr-data.c, g10/mdfilter.c, g10/pipemode.c,
g10/progress.c, g10/textfilter.c: Likewise.
2016-01-15 Werner Koch <wk@gnupg.org>
Fix possible AIX problem with sysconf in rndunix.
* cipher/rndunix.c [HAVE_STDINT_H]: Include stdint.h.
(start_gatherer): Detect misbehaving sysconf.
2016-01-13 NIIBE Yutaka <gniibe@fsij.org>
Fix to support git worktree.
* Makefile.am: Use -e for testing .git.
2015-12-21 NIIBE Yutaka <gniibe@fsij.org>
po: Update Japanese translation.
|
|
Changelog:
Noteworthy changes in version 1.4.20 (2015-12-20)
-------------------------------------------------
* Reject signatures made using the MD5 hash algorithm unless the
new option --allow-weak-digest-algos or --pgp2 are given.
* New option --weak-digest to specify hash algorithms which
should be considered weak.
* Changed default cipher for symmetric-only encryption to AES-128.
* Fix for DoS when importing certain garbled secret keys.
* Improved error reporting for secret subkey w/o corresponding public
subkey.
* Improved error reporting in decryption due to wrong algorithm.
* Fix cluttering of stdout with trustdb info in double verbose mode.
* Pass a DBUS envvar to gpg-agent for use by gnome-keyring.
|
|
From upstream via Petar Bogdanovic on pkgsrc-users.
Bump PKGREVISION.
|
|
Problems found locating distfiles:
Package f-prot-antivirus6-fs-bin: missing distfile fp-NetBSD.x86.32-fs-6.2.3.tar.gz
Package f-prot-antivirus6-ws-bin: missing distfile fp-NetBSD.x86.32-ws-6.2.3.tar.gz
Package libidea: missing distfile libidea-0.8.2b.tar.gz
Package openssh: missing distfile openssh-7.1p1-hpn-20150822.diff.bz2
Package uvscan: missing distfile vlp4510e.tar.Z
Otherwise, existing SHA1 digests verified and found to be the same on
the machine holding the existing distfiles (morden). All existing
SHA1 digests retained for now as an audit trail.
|
|
Noteworthy changes in version 1.4.19 (2015-02-27)
-------------------------------------------------
* Use ciphertext blinding for Elgamal decryption [CVE-2014-3591].
See http://www.cs.tau.ac.il/~tromer/radioexp/ for details.
* Fixed data-dependent timing variations in modular exponentiation
[related to CVE-2015-0837, Last-Level Cache Side-Channel Attacks
are Practical].
* Detect faulty use of --verify on detached signatures.
* Changed the PKA method to use CERT records and hashed names.
* New import option "keep-ownertrust".
* Support algorithm names when generating keys using the --command-fd
method.
* Updated many translations.
* Updated build system.
* Fixed a regression in keyserver import
* Fixed argument parsing for option --debug-level.
* Fixed DoS based on bogus and overlong key packets.
* Fixed bugs related to bogus keyrings.
* The usual minor minor bug fixes.
|
|
Noteworthy changes in version 1.4.18 (2014-06-30)
-------------------------------------------------
* Fix a regression in 1.4.17 if more than one keyid is given
to --recv-keys et al.
* Cap RSA and Elgamal keysize at 4096 bit also for unattended key
generation.
|
|
Noteworthy changes in version 1.4.17 (2014-06-23)
-------------------------------------------------
* Avoid DoS due to garbled compressed data packets.
* Screen keyserver reponses to avoid import of unwanted keys by rogue
servers.
* Add hash algorithms to the "sig" records of the colon output.
* More specific reason codes for INV_RECP status.
* Fixes for PC/SC access on Apple.
* Minor bug fixes.
|
|
Noteworthy changes in version 1.4.16 (2013-12-18)
-------------------------------------------------
* Fixed the RSA Key Extraction via Low-Bandwidth Acoustic
Cryptanalysis attack as described by Genkin, Shamir, and Tromer.
See <http://www.cs.tau.ac.il/~tromer/acoustic/>. [CVE-2013-4576]
* Put only the major version number by default into armored output.
* Do not create a trustdb file if --trust-model=always is used.
* Print the keyid for key packets with --list-packets.
* Changed modular exponentiation algorithm to recover from a small
performance loss due to a change in 1.4.14.
|
|
Noteworthy changes in version 1.4.15 (2013-10-04)
-------------------------------------------------
* Fixed possible infinite recursion in the compressed packet
parser. [CVE-2013-4402]
* Protect against rogue keyservers sending secret keys.
* Use 2048 bit also as default for batch key generation.
* Minor bug fixes.
|
|
Noteworthy changes in version 1.4.14 (2013-07-25)
-------------------------------------------------
* Mitigate the Yarom/Falkner flush+reload side-channel attack on
RSA secret keys. See <http://eprint.iacr.org/2013/448>.
* Fixed IDEA for big-endian CPUs
* Improved the diagnostics for failed keyserver lockups.
* Minor bug and portability fixes.
|
|
From http://bugs.g10code.com/gnupg/issue1461
Reported by tez.
Bump PKGREVISION.
|
|
|
|
|
|
|
|
Fixes CVE-2012-6085
Upstream Changes:
* Add support for the old cipher algorithm IDEA.
* Minor bug fixes.
* Small changes to better cope with future OpenPGP and GnuPG
features.
|
|
|
|
|
|
|
|
Noteworthy changes in version 1.4.12 (2012-01-30)
-------------------------------------------------
* GPG now accepts a space separated fingerprint as a user ID.
This allows to copy and paste the fingerprint from the key
listing.
* Removed support for the original HKP keyserver which is not
anymore used by any site.
* Rebuild the trustdb after changing the option --min-cert-level.
* Improved JPEG detection.
* Included more VMS patches
* Made it easier to create an installer for Windows.
* Supports the 32 bit variant of the mingw-w64 toolchain.
* Made file locking more portable.
* Minor bug fixes.
|
|
|
|
Noteworthy changes in version 1.4.11 (2010-10-18)
-------------------------------------------------
* Bug fixes and portability changes.
* Minor changes for better interoperability with GnuPG-2.
|
|
Noteworthy changes in version 1.4.10 (2009-09-02)
-------------------------------------------------
* 2048 bit RSA keys are now generated by default. The default
hash algorithm preferences has changed to prefer SHA-256 over
SHA-1. 2048 bit DSA keys are now generated to use a 256 bit
hash algorithm
* Support v2 OpenPGP cards.
* The algorithm to compute the SIG_ID status has been changed to
match the one from 2.0.10.
* Improved file locking. Implemented it for W32.
* Fixed a memory leak which made imports of many keys very slow.
* Many smaller bug fixes.
* Support for the Camellia cipher (RFC-5581).
* Support for HKP keyservers over SSL ("HKPS").
|
|
Addresses a recent security issue that only impacts 1.4.8 and 2.0.8
* Improved AES encryption performance by more than 20% (on ia32).
Decryption is also a bit faster.
* Fixed possible memory corruption bug in 1.4.8 while importing
OpenPGP keys.
|
|
Noteworthy changes in version 1.4.8 (2007-12-20)
------------------------------------------------
*******************************************
* A decade of GnuPG: g10-0.0.0.tar.gz was *
* released exactly 10 years ago. *
*******************************************
* Changed the license to GPLv3.
* Improved detection of keyrings specified multiple times.
* Changes to better cope with broken keyservers.
* Minor bug fixes.
* The new OpenPGP standard is now complete, and has been published
as RFC-4880. The GnuPG --openpgp mode (note this is not the
default) has been updated to match the new standard. The
--rfc2440 option can be used to return to the older RFC-2440
behavior. The main differences between the two are
"--enable-dsa2 --no-rfc2440-text --escape-from-lines
--require-cross-certification".
* By default (i.e. --gnupg mode), --require-cross-certification is
now on. --rfc2440-text and --force-v3-sigs are now off.
* Allow encryption using legacy Elgamal sign+encrypt keys if
option --rfc2440 is used.
* Fixed the auto creation of the key stub for smartcards.
* Fixed a rare bug in decryption using the OpenPGP card.
* Fix RFC-4880 typo in the SHA-224 hash prefix. Old SHA-224
signatures will continue to work.
|
|
This fixes a security problem which is rather an application issue:
The user wasn't notified about additional text (not covered by the
signature) unless the --status-fd flag is used.
|
|
Noteworthy changes in version 1.4.6 (2006-12-06)
------------------------------------------------
* Fixed a serious and exploitable bug in processing encrypted
packages. [CVE-2006-6235].
* Fixed a buffer overflow in gpg. [bug#728, CVE-2006-6169]
(already fixed in pkgsrc)
* Fixed a bug while decrypting certain compressed and encrypted
messages. [bug#537]
* Added --s2k-count to set the number of times passphrase mangling
is repeated. The default is 65536 times.
* Added --passphrase-repeat to set the number of times GPG will
prompt for a new passphrase to be repeated. This is useful to
help memorize a new passphrase. The default is 1 repetition.
* Added a GPL license exception to the keyserver helper programs
gpgkeys_ldap, gpgkeys_curl, and gpgkeys_hkp, to clarify any
potential questions about the ability to distribute binaries
that link to the OpenSSL library. GnuPG does not link directly
to OpenSSL, but libcurl (used for HKP, HTTP, and FTP) and
OpenLDAP (used for LDAP) may. Note that this license exception
is considered a bug fix and is intended to forgive any
violations pertaining to this issue, including those that may
have occurred in the past.
* Man pages are now build from the same source as those of GnuPG-2.
|
|
While fixing a bug reported by Hugh Warrington, a buffer overflow has
been identified in all released GnuPG versions. The current versions
1.4.5 and 2.0.0 are affected. A small patch is provided.
...
2006-11-27 Werner Koch <wk@g10code.com>
* openfile.c (ask_outfile_name): Fixed buffer overflow occurring
if make_printable_string returns a longer string. Fixes bug 728.
Bump PKGREVISION.
|
|
security update, recommended by gnupg.org
(fixes CVE-2006-3746)
changes:
* More DSA2 tweaks.
* Fixed a problem uploading certain keys to the smart card.
* Fixed 2 more possible memory allocation attacks.
* Added Norwegian translation.
|
|
if tar supports "ustar" so feed through strings before grep.
Fixes PR pkg/33776.
|
|
Noteworthy changes in version 1.4.4 (2006-06-25)
------------------------------------------------
* User IDs are now capped at 2048 byte. This avoids a memory
allocation attack (see CVE-2006-3082).
[was already fixed in pkgsrc]
* Added support for the SHA-224 hash. Like the SHA-384 hash, it
is mainly useful when DSS (the US Digital Signature Standard)
compatibility is desired.
* Added support for the latest update to DSA keys and signatures.
This allows for larger keys than 1024 bits and hashes other than
SHA-1 and RIPEMD/160. Note that not all OpenPGP implementations
can handle these new keys and signatures yet. See
"--enable-dsa2" in the manual for more information.
|
|
"parse-packet.c in GnuPG (gpg) 1.4.3 and 1.9.20, and earlier versions,
allows remote attackers to cause a denial of service (gpg crash) and
possibly overwrite memory via a message packet with a large length,
which could lead to an integer overflow, as demonstrated using the
--no-armor option."
Patch from GnuPG CVS repository.
Bump PKGREVISION.
|
|
Noteworthy changes in version 1.4.3 (2006-04-03)
------------------------------------------------
* If available, cURL-based keyserver helpers are built that can
retrieve keys using HKP or any protocol that cURL supports
(HTTP, HTTPS, FTP, FTPS, etc). If cURL is not available, HKP
and HTTP are still supported using a built-in cURL emulator. To
force building the old pre-cURL keyserver helpers, use the
configure option --enable-old-keyserver-helpers. Note that none
of this affects finger or LDAP support, which are unchanged.
Note also that a future version of GnuPG will remove the old
keyserver helpers altogether.
* Implemented Public Key Association (PKA) signature verification.
This uses special DNS records and notation data to associate a
mail address with an OpenPGP key to prove that mail coming from
that address is legitimate without the need for a full trust
path to the signing key.
* When exporting subkeys, those specified with a key ID or
fingerpint and the '!' suffix are now merged into one keyblock.
* Added "gpg-zip", a program to create encrypted archives that can
interoperate with PGP Zip.
* Added support for signing subkey cross-certification "back
signatures". Requiring cross-certification to be present is
currently off by default, but will be changed to on by default
in the future, once more keys use it. A new "cross-certify"
command in the --edit-key menu can be used to update signing
subkeys to have cross-certification.
* The key cleaning options for --import-options and
--export-options have been further polished. "import-clean" and
"export-clean" replace the older
import-clean-sigs/import-clean-uids and
export-clean-sigs/export-clean-uids option pairs.
* New "minimize" command in the --edit-key menu removes everything
that can be removed from a key, rendering it as small as
possible. There are corresponding "export-minimal" and
"import-minimal" commands for --export-options and
--import-options.
* New --fetch-keys command to retrieve keys by specifying a URI.
This allows direct key retrieval from a web page or other
location that can be specified in a URI. Available protocols
are HTTP and finger, plus anything that cURL supplies, if built
with cURL support.
* Files containing several signed messages are not allowed any
longer as there is no clean way to report the status of such
files back to the caller. To partly revert to the old behaviour
the new option --allow-multisig-verification may be used.
* The keyserver helpers can now handle keys in either ASCII armor
or binary format.
* New auto-key-locate option that takes an ordered list of methods
to locate a key if it is not available at encryption time (-r or
--recipient). Possible methods include "cert" (use DNS CERT as
per RFC2538bis, "pka" (use DNS PKA), "ldap" (consult the LDAP
server for the domain in question), "keyserver" (use the
currently defined keyserver), as well as arbitrary keyserver
URIs that will be contacted for the key.
* Able to retrieve keys using DNS CERT records as per RFC-2538bis
(currently in draft): http://www.josefsson.org/rfc2538bis
pkgsrc change:
make architecture-specific options really architecture-specific.
|
|
* Files containing several signed messages are not allowed any
longer as there is no clean way to report the status of such
files back to the caller. To partly revert to the old behaviour
the new option --allow-multisig-verification may be used.
|
|
|
|
this fixes a false positive signature verification if only the exit
code of "gpgv" or "gpg --verify" is used
|
|
Noteworthy changes in version 1.4.2 (2005-07-26)
------------------------------------------------
* New command "verify" in the card-edit menu to display
the Private-DO-3. The Admin command has been enhanced to take
the optional arguments "on", "off" and "verify". The latter may
be used to verify the Admin Pin without modifying data; this
allows displaying the Private-DO-4 with the "list" command.
* Rewrote large parts of the card code to optionally make use of a
running gpg-agent. If --use-agent is being used and a gpg-agent
with enabled scdaemon is active, gpg will now divert all card
operations to that daemon. This is required because both,
scdaemon and gpg require exclusive access to the card reader. By
delegating the work to scdaemon, both can peacefully coexist and
scdaemon is able to control the use of the reader. Note that
this requires at least gnupg 1.9.17.
* Fixed a couple of problems with the card reader.
* Command completion is now available in the --edit-key and
--card-edit menus. Filename completion is available at all
filename prompts. Note that completion is only available if the
system provides a readline library.
* New experimental HKP keyserver helper that uses the cURL
library. It is enabled via the configure option --with-libcurl
like the other (also experimental) cURL helpers.
* New key cleaning options that can be used to remove unusable
(expired, revoked) signatures from a key. This is available via
the new "clean" command in --edit-key on a key by key basis, as
well as via the import-clean-sigs/import-clean-uids and
export-clean-sigs/export-clean-uids options for --import-options
and --export-options. These are currently off by default, and
replace the import-unusable-sigs/export-unusable-sigs options
from version 1.4.1.
* New export option export-reset-subkey-passwd.
* New option --limit-card-insert-tries.
|
|
Noteworthy changes in version 1.4.1 (2005-03-15)
------------------------------------------------
* New --rfc2440-text option which controls how text is handled in
signatures. This is in response to some problems seen with
certain PGP/MIME mail clients and GnuPG version 1.4.0. More
details about this are available at
<http://lists.gnupg.org/pipermail/gnupg-users/2005-January/024408.html>.
* New "import-unusable-sigs" and "export-unusable-sigs" tags for
--import-options and --export-options. These are off by
default, and cause GnuPG to not import or export key signatures
that are not usable (e.g. expired signatures).
* New experimental HTTP, HTTPS, FTP, and FTPS keyserver helper
that uses the cURL library <http://curl.haxx.se> to retrieve
keys. This is disabled by default, but may be enabled with the
configure option --with-libcurl. Without this option, the
existing HTTP code is used for HTTP, and HTTPS, FTP, and FTPS
are not supported.
[enabled with the "curl" option for the package]
* When running a --card-status or --card-edit and a public key is
available, missing secret key stubs will be created on the fly.
Details of the key are listed too.
* The implicit packet dumping in double verbose mode is now sent
to stderr and not to stdout.
* Added countermeasures against the Mister/Zuccherato CFB attack
<http://eprint.iacr.org/2005/033>.
* Add new --edit-key command "bkuptocard" to allow restoring a
card key from a backup.
* The "fetch" command of --card-edit now retrieves the key using
the default keyserver if no URL has been stored on the card.
* New configure option --enable-noexecstack.
Also, gpgkeys_mailto is not installed any longer, dropping the
dependency on perl.
|
|
|
|
While here, convert to options.mk.
GnuPG 1.4 Highlights
====================
This is a brief overview of the changes between the GnuPG 1.2 series
and the new GnuPG 1.4 series. To read the full list of highlights for
each revision that led up to 1.4, see the NEWS file in the GnuPG
distribution. This document is based on the NEWS file, and is thus
the highlights of the highlights.
When upgrading, note that RFC-2440, the OpenPGP standard, is currently
being revised. Most of the revisions in the latest draft (2440bis-12)
have already been incorporated into GnuPG 1.4.
Algorithm Changes
-----------------
OpenPGP supports many different algorithms for encryption, hashing,
and compression, and taking into account the OpenPGP revisions, GnuPG
1.4 supports a slightly different algorithm set than 1.2 did.
The SHA256, SHA384, and SHA512 hashes are now supported for read and
write.
The BZIP2 compression algorithm is now supported for read and write.
Due to the recent successful attack on the MD5 hash algorithm
(discussed in <http://www.rsasecurity.com/rsalabs/node.asp?id=2738>,
among other places), MD5 is deprecated for OpenPGP use. It is still
allowed in GnuPG 1.4 for backwards compatibility, but a warning is
given when it is used.
The TIGER/192 hash is no longer available. This should not be
interpreted as a statement as to the quality of TIGER/192 - rather,
the revised OpenPGP standard removes support for several unused or
mostly unused hashes, and TIGER/192 was one of them.
Similarly, Elgamal signatures and the Elgamal signing key type have
been removed from the OpenPGP standard, and thus from GnuPG. Please
do not confuse Elgamal signatures with DSA or DSS signatures or with
Elgamal encryption. Elgamal signatures were very rarely used and were
not supported in any product other than GnuPG. Elgamal encryption was
and still is part of OpenPGP and GnuPG.
Very old (pre-1.0) versions of GnuPG supported a nonstandard (contrary
to OpenPGP) Elgamal key type. While no recent version of GnuPG
permitted the generation of such keys, GnuPG 1.2 could still use them.
GnuPG 1.4 no longer allows the use of these keys or the (also
nonstandard) messages generated using them.
At build time, it is possible to select which algorithms will be built
into GnuPG. This can be used to build a smaller program binary for
embedded uses where space is tight.
Keyserver Changes
-----------------
GnuPG 1.4 does all keyserver operations via plugin or helper
applications. This allows the main GnuPG program to be smaller and
simpler. People who package GnuPG for various reasons have the
flexibility to include or leave out support for any keyserver type as
desired.
Support for fetching keys via HTTP and finger has been added. This is
mainly useful for setting a preferred keyserver URL like
"http://www.jabberwocky.com/key.asc". or "finger:wk at g10code.com".
The LDAP keyserver helper now supports storing, retrieving, and
searching for keys in both the old NAI "LDAP keyserver" as well as the
more recent method to store OpenPGP keys in standard LDAP servers.
This is compatible with the storage schema that PGP uses, so both
products can interoperate with the same LDAP server.
The LDAP keyserver helper is compatible with the PGP company's new
"Global Directory" service.
If the LDAP library you use supports LDAP-over-TLS and LDAPS, then
GnuPG detects this and supports them as well. Note that using TLS or
LDAPS does not improve the security of GnuPG itself, but may be useful
in certain key distribution scenarios.
HTTP Basic authentication is now supported for all HKP and HTTP
keyserver functions, either through a proxy or via direct access.
The HKP keyserver plugin supports the new machine-readable key
listing format for those keyservers that provide it.
IPv6 is supported for HKP and HTTP keyserver access.
When using a HKP keyserver with multiple DNS records (such as
subkeys.pgp.net which has the addresses of multiple servers around the
world), all DNS address records are tried until one succeeds. This
prevents a single down server in the rotation from stopping access.
DNS SRV records are used in HKP keyserver lookups to allow
administrators to load balance and select keyserver ports
automatically.
Timeout support has been added to the keyserver plugins. This allows
users to set an upper limit on how long to wait for the keyserver
before giving up.
Preferred Keyserver URL
-----------------------
Preferred keyserver support has been added. Users may set a preferred
keyserver via the --edit-key command "keyserver". If the
--keyserver-option honor-keyserver-url is set (and it is by default),
then the preferred keyserver is used when refreshing that key with
--refresh-keys.
The --sig-keyserver-url option can be used to inform signature
recipients where the signing key can be downloaded. When verifying
the signature, if the signing key is not present, and the keyserver
options honor-keyserver-url and auto-key-retrieve are set, this URL
will be used to retrieve the key.
Trust Signatures
----------------
GnuPG 1.4 supports OpenPGP trust signatures, which allow a user to
specify the trust level and distance from the user along with the
signature so users can delegate different levels of certification
ability to other users, possibly restricted by a regular expression on
the user ID.
Trust Models
------------
GnuPG 1.4 supports several ways of looking at trust:
Classic - The classic PGP trust model, where people sign each others
keys and thus build up an assurance (called "validity") that
the key belongs to the right person. This was the default
trust model in GnuPG 1.2.
Always - Bypass all trust checks, and make all keys fully valid.
Direct - Users may set key validity directly.
PGP - The PGP 7 and 8 behavior which combines Classic trust with trust
signatures overlaid on top. This is the default trust model in
GnuPG 1.4.
The OpenPGP Smartcard
---------------------
GnuPG 1.4 supports the OpenPGP smartcard
(<http://www.g10code.de/p-card.html>)
Secret keys may be kept fully or partially on the smartcard. The
smartcard may be used for primary keys or subkeys.
Other Interesting New Features
------------------------------
For those using Security-Enhanced Linux <http://www.nsa.gov/selinux/>,
the configure option --enable-selinux-support prevents GnuPG from
processing its own files (i.e. reading the secret keyring for
something other than getting a secret key from it). This simplifies
writing ACLs for the SELinux kernel.
Readline support is now available at all prompts if the system
provides a readline library.
GnuPG can now create messages that can be decrypted with either a
passphrase or a secret key. These messages may be generated with
--symmetric --encrypt or --symmetric --sign --encrypt.
--list-options and --verify-options allow the user to customize
exactly what key listings or signature verifications look like,
enabling or disabling things such as photo display, preferred
keyserver URL, calculated validity for each user ID, etc.
The --primary-keyring option designates the keyring that the user
wants new keys imported into.
The --hidden-recipient (or -R) command encrypts to a user, but hides
the identity of that user. This is the same functionality as
--throw-keyid, but can be used on a per-user basis.
Full algorithm names (e.g. "3DES", "SHA1", "ZIP") can now be used
interchangeably with the short algorithm names (e.g. "S2", "H2", "Z1")
anywhere algorithm names are used in GnuPG.
The --keyid-format option selects short (99242560), long
(DB698D7199242560), 0xshort (0x99242560), or 0xlong
(0xDB698D7199242560) key ID displays. This lets users tune the
display to what they prefer.
While it is not recommended for extended periods, it is possible to
run both GnuPG 1.2.x and GnuPG 1.4 during the transition. To aid in
this, GnuPG 1.4 tries to load a config file suffixed with its version
before it loads the default config file. For example, 1.4 will try
for gpg.conf-1.4 and gpg.conf-1 before falling back to the regular
gpg.conf file.
|
|
|
|
* Updated the included gettext. This also fixes the installation
problem from 1.2.5
* Fixed a race condition possibly leading to deleted keys.
|
|
|
|
* New --ask-cert-level/--no-ask-cert-level option to turn on and
off the prompt for signature level when signing a key. Defaults
to on.
* New --min-cert-level option to disregard key signatures that are
under a specified level. Defaults to 1 (i.e. don't disregard
anything).
* New --max-output option to limit the amount of plaintext output
generated by GnuPG. This option can be used by programs which
call GnuPG to process messages that may result in plaintext
larger than the calling program is prepared to handle. This is
sometimes called a "Decompression Bomb".
* New --list-config command for frontends and other programs that
call GnuPG. See doc/DETAILS for the specifics of this.
* New --gpgconf-list command for internal use by the gpgconf
utility from gnupg 1.9.x.
* Some performance improvements with large keyrings. See
--enable-key-cache=SIZE in the README file for details.
* Some portability fixes for the OpenBSD/i386, HPPA, and AIX
platforms.
* Simplified Chinese translation.
|
|
bug gnupg/293, so grant has blessed it for inclusion in pkgsrc.
No more GNU sed build dependency, but the binaries do not change; thus
PKGREVISION untouched.
|
|
of speedup on m68060 machines.
From S.P. Zeidler in PR 24579.
|
|
* Added read-only support for BZIP2 compression. This should be
considered experimental, and is only available if the libbzip2
library <http://sources.redhat.com/bzip2/> is installed.
* Added the ability to handle messages that can be decrypted with
either a passphrase or a secret key.
* Most support for Elgamal sign+encrypt keys has been removed.
Old signatures may still be verified, and existing encrypted
messages may still be decrypted, but no new signatures may be
issued by, and no new messages will be encrypted to, these keys.
Elgamal sign+encrypt keys are not part of the web of trust. The
only new message that can be generated by an Elgamal
sign+encrypt key is a key revocation. Note that in a future
version of GnuPG (currently planned for 1.4), all support for
Elgamal sign+encrypt keys will be removed, so take this
opportunity to revoke old keys now.
* A Russian translation is included again as well as a new
Belarusian translation.
|
|
macro. This could happen with UNIX98-type systems, such as the code on
our netbsd-1-5 branch, and would prevent this package from building on
such systems. Problem also reported to the original author.
|
|
gnupg-devel at gnupg org. The old patch didn't completely disable usage
of the compromised keys.
Move the old and new fix to the patches/ directory.
|
