| Age | Commit message (Collapse) | Author | Files | Lines |
|---|
|
|
|
Noteworthy changes in version 1.4.18 (2014-06-30)
-------------------------------------------------
* Fix a regression in 1.4.17 if more than one keyid is given
to --recv-keys et al.
* Cap RSA and Elgamal keysize at 4096 bit also for unattended key
generation.
|
|
Noteworthy changes in version 1.4.17 (2014-06-23)
-------------------------------------------------
* Avoid DoS due to garbled compressed data packets.
* Screen keyserver reponses to avoid import of unwanted keys by rogue
servers.
* Add hash algorithms to the "sig" records of the colon output.
* More specific reason codes for INV_RECP status.
* Fixes for PC/SC access on Apple.
* Minor bug fixes.
|
|
|
|
Noteworthy changes in version 1.4.16 (2013-12-18)
-------------------------------------------------
* Fixed the RSA Key Extraction via Low-Bandwidth Acoustic
Cryptanalysis attack as described by Genkin, Shamir, and Tromer.
See <http://www.cs.tau.ac.il/~tromer/acoustic/>. [CVE-2013-4576]
* Put only the major version number by default into armored output.
* Do not create a trustdb file if --trust-model=always is used.
* Print the keyid for key packets with --list-packets.
* Changed modular exponentiation algorithm to recover from a small
performance loss due to a change in 1.4.14.
|
|
in PR 48345.
|
|
Noteworthy changes in version 1.4.15 (2013-10-04)
-------------------------------------------------
* Fixed possible infinite recursion in the compressed packet
parser. [CVE-2013-4402]
* Protect against rogue keyservers sending secret keys.
* Use 2048 bit also as default for batch key generation.
* Minor bug fixes.
|
|
Noteworthy changes in version 1.4.14 (2013-07-25)
-------------------------------------------------
* Mitigate the Yarom/Falkner flush+reload side-channel attack on
RSA secret keys. See <http://eprint.iacr.org/2013/448>.
* Fixed IDEA for big-endian CPUs
* Improved the diagnostics for failed keyserver lockups.
* Minor bug and portability fixes.
|
|
are replaced with .include "../../devel/readline/buildlink3.mk", and
USE_GNU_READLINE are removed,
* .include "../../devel/readline/buildlink3.mk" without USE_GNU_READLINE
are replaced with .include "../../mk/readline.buildlink3.mk".
|
|
|
|
|
|
|
|
From http://bugs.g10code.com/gnupg/issue1461
Reported by tez.
Bump PKGREVISION.
|
|
|
|
|
|
|
|
|
|
Fixes CVE-2012-6085
Upstream Changes:
* Add support for the old cipher algorithm IDEA.
* Minor bug fixes.
* Small changes to better cope with future OpenPGP and GnuPG
features.
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
Noteworthy changes in version 1.4.12 (2012-01-30)
-------------------------------------------------
* GPG now accepts a space separated fingerprint as a user ID.
This allows to copy and paste the fingerprint from the key
listing.
* Removed support for the original HKP keyserver which is not
anymore used by any site.
* Rebuild the trustdb after changing the option --min-cert-level.
* Improved JPEG detection.
* Included more VMS patches
* Made it easier to create an installer for Windows.
* Supports the 32 bit variant of the mingw-w64 toolchain.
* Made file locking more portable.
* Minor bug fixes.
|
|
|
|
Bump PKGREVISIONs
|
|
|
|
|
|
Noteworthy changes in version 1.4.11 (2010-10-18)
-------------------------------------------------
* Bug fixes and portability changes.
* Minor changes for better interoperability with GnuPG-2.
|
|
|
|
|
|
- kill a trailing whitespace
|
|
Noteworthy changes in version 1.4.10 (2009-09-02)
-------------------------------------------------
* 2048 bit RSA keys are now generated by default. The default
hash algorithm preferences has changed to prefer SHA-256 over
SHA-1. 2048 bit DSA keys are now generated to use a 256 bit
hash algorithm
* Support v2 OpenPGP cards.
* The algorithm to compute the SIG_ID status has been changed to
match the one from 2.0.10.
* Improved file locking. Implemented it for W32.
* Fixed a memory leak which made imports of many keys very slow.
* Many smaller bug fixes.
* Support for the Camellia cipher (RFC-5581).
* Support for HKP keyservers over SSL ("HKPS").
|
|
|
|
requires active ftp. (renders it useless with PASV).
|
|
block). Uncomment some commented out LICENSE lines while here.
|
|
|
|
|
|
|
|
|
|
through PLIST_SUBST to the plist module.
|
|
Addresses a recent security issue that only impacts 1.4.8 and 2.0.8
* Improved AES encryption performance by more than 20% (on ia32).
Decryption is also a bit faster.
* Fixed possible memory corruption bug in 1.4.8 while importing
OpenPGP keys.
|
|
Noteworthy changes in version 1.4.8 (2007-12-20)
------------------------------------------------
*******************************************
* A decade of GnuPG: g10-0.0.0.tar.gz was *
* released exactly 10 years ago. *
*******************************************
* Changed the license to GPLv3.
* Improved detection of keyrings specified multiple times.
* Changes to better cope with broken keyservers.
* Minor bug fixes.
* The new OpenPGP standard is now complete, and has been published
as RFC-4880. The GnuPG --openpgp mode (note this is not the
default) has been updated to match the new standard. The
--rfc2440 option can be used to return to the older RFC-2440
behavior. The main differences between the two are
"--enable-dsa2 --no-rfc2440-text --escape-from-lines
--require-cross-certification".
* By default (i.e. --gnupg mode), --require-cross-certification is
now on. --rfc2440-text and --force-v3-sigs are now off.
* Allow encryption using legacy Elgamal sign+encrypt keys if
option --rfc2440 is used.
* Fixed the auto creation of the key stub for smartcards.
* Fixed a rare bug in decryption using the OpenPGP card.
* Fix RFC-4880 typo in the SHA-224 hash prefix. Old SHA-224
signatures will continue to work.
|
|
meaning.
|
|
This fixes a security problem which is rather an application issue:
The user wasn't notified about additional text (not covered by the
signature) unless the --status-fd flag is used.
|
|
Patch provided by Sergey Svishchev in private mail.
|
|
From Sergey Svishchev in private mail.
|
