![[BACK]](/icons/back.gif){kind=icon}
Up to [cvs.netbsd.org] / pkgsrc / security / gnupg
Request diff between arbitrary revisions
Default branch: MAIN
Revision 1.14 / (download) - annotate - [select for diffs], Fri Jan 20 17:07:38 2012 UTC (4 months ago) by drochner
Branch: MAIN
CVS Tags: pkgsrc-2012Q1-base,
pkgsrc-2012Q1,
HEAD
Changes since 1.13: +1 -6
lines
Diff to previous 1.13 (colored)
remove restrictions related to idea and mdc2 patents - both are expired
Revision 1.13 / (download) - annotate - [select for diffs], Sat Apr 12 22:43:09 2008 UTC (4 years, 1 month ago) by jlam
Branch: MAIN
CVS Tags: pkgsrc-2011Q4-base,
pkgsrc-2011Q4,
pkgsrc-2011Q3-base,
pkgsrc-2011Q3,
pkgsrc-2011Q2-base,
pkgsrc-2011Q2,
pkgsrc-2011Q1-base,
pkgsrc-2011Q1,
pkgsrc-2010Q4-base,
pkgsrc-2010Q4,
pkgsrc-2010Q3-base,
pkgsrc-2010Q3,
pkgsrc-2010Q2-base,
pkgsrc-2010Q2,
pkgsrc-2010Q1-base,
pkgsrc-2010Q1,
pkgsrc-2009Q4-base,
pkgsrc-2009Q4,
pkgsrc-2009Q3-base,
pkgsrc-2009Q3,
pkgsrc-2009Q2-base,
pkgsrc-2009Q2,
pkgsrc-2009Q1-base,
pkgsrc-2009Q1,
pkgsrc-2008Q4-base,
pkgsrc-2008Q4,
pkgsrc-2008Q3-base,
pkgsrc-2008Q3,
pkgsrc-2008Q2-base,
pkgsrc-2008Q2,
cwrapper,
cube-native-xorg-base,
cube-native-xorg
Changes since 1.12: +6 -6
lines
Diff to previous 1.12 (colored)
Convert to use PLIST_VARS instead of manually passing "@comment " through PLIST_SUBST to the plist module.
Revision 1.12 / (download) - annotate - [select for diffs], Wed Oct 31 12:29:33 2007 UTC (4 years, 6 months ago) by rillig
Branch: MAIN
CVS Tags: pkgsrc-2008Q1-base,
pkgsrc-2008Q1,
pkgsrc-2007Q4-base,
pkgsrc-2007Q4
Changes since 1.11: +2 -2
lines
Diff to previous 1.11 (colored)
Renamed the deprecated LICENCE to LICENSE, which has the exactly same meaning.
Revision 1.11 / (download) - annotate - [select for diffs], Thu Feb 22 19:01:24 2007 UTC (5 years, 3 months ago) by wiz
Branch: MAIN
CVS Tags: pkgsrc-2007Q3-base,
pkgsrc-2007Q3,
pkgsrc-2007Q2-base,
pkgsrc-2007Q2,
pkgsrc-2007Q1-base,
pkgsrc-2007Q1
Changes since 1.10: +2 -2
lines
Diff to previous 1.10 (colored)
pkglint cleanup; update HOMEPAGE/MASTER_SITES. From Sergey Svishchev in private mail.
Revision 1.10 / (download) - annotate - [select for diffs], Thu Aug 3 14:49:14 2006 UTC (5 years, 9 months ago) by gdt
Branch: MAIN
CVS Tags: pkgsrc-2006Q4-base,
pkgsrc-2006Q4,
pkgsrc-2006Q3-base,
pkgsrc-2006Q3
Changes since 1.9: +6 -2
lines
Diff to previous 1.9 (colored)
When using idea option, change license from fee-based-commercial-use to idea-license, and also set RESTRICTED and NO_*_CDROM. (Note that this doesn't change what happens if the idea option is unused.)
Revision 1.9 / (download) - annotate - [select for diffs], Thu Jul 27 18:48:03 2006 UTC (5 years, 10 months ago) by jlam
Branch: MAIN
Changes since 1.8: +2 -2
lines
Diff to previous 1.8 (colored)
Rename "SITES_* to "SITES.*" for file-specific lists of sites from which to fetch the file. This completes the renaming described in revision 1.1799 of bsd.pkg.mk.
Revision 1.5.4.1 / (download) - annotate - [select for diffs], Sun Jun 25 08:58:14 2006 UTC (5 years, 11 months ago) by snj
Branch: pkgsrc-2006Q1
Changes since 1.5: +13 -5
lines
Diff to previous 1.5 (colored) next main 1.6 (colored)
Pullup ticket 1709 - requested by salo
security update for gnupg
Revisions pulled up:
- pkgsrc/security/gnupg/Makefile 1.83, 1.86
- pkgsrc/security/gnupg/PLIST 1.16
- pkgsrc/security/gnupg/distinfo 1.39, 1.40
- pkgsrc/security/gnupg/options.mk 1.6, 1.7
- pkgsrc/security/gnupg/patches/patch-aa 1.11
- pkgsrc/security/gnupg/patches/patch-ak 1.3
- pkgsrc/security/gnupg/patches/patch-ba 1.1
Module Name: pkgsrc
Committed By: wiz
Date: Tue Apr 4 21:16:37 UTC 2006
Modified Files:
pkgsrc/security/gnupg: Makefile PLIST distinfo options.mk
pkgsrc/security/gnupg/patches: patch-aa patch-ak
Log Message:
Update to 1.4.3:
Noteworthy changes in version 1.4.3 (2006-04-03)
------------------------------------------------
* If available, cURL-based keyserver helpers are built that can
retrieve keys using HKP or any protocol that cURL supports
(HTTP, HTTPS, FTP, FTPS, etc). If cURL is not available, HKP
and HTTP are still supported using a built-in cURL emulator. To
force building the old pre-cURL keyserver helpers, use the
configure option --enable-old-keyserver-helpers. Note that none
of this affects finger or LDAP support, which are unchanged.
Note also that a future version of GnuPG will remove the old
keyserver helpers altogether.
* Implemented Public Key Association (PKA) signature verification.
This uses special DNS records and notation data to associate a
mail address with an OpenPGP key to prove that mail coming from
that address is legitimate without the need for a full trust
path to the signing key.
* When exporting subkeys, those specified with a key ID or
fingerpint and the '!' suffix are now merged into one keyblock.
* Added "gpg-zip", a program to create encrypted archives that can
interoperate with PGP Zip.
* Added support for signing subkey cross-certification "back
signatures". Requiring cross-certification to be present is
currently off by default, but will be changed to on by default
in the future, once more keys use it. A new "cross-certify"
command in the --edit-key menu can be used to update signing
subkeys to have cross-certification.
* The key cleaning options for --import-options and
--export-options have been further polished. "import-clean" and
"export-clean" replace the older
import-clean-sigs/import-clean-uids and
export-clean-sigs/export-clean-uids option pairs.
* New "minimize" command in the --edit-key menu removes everything
that can be removed from a key, rendering it as small as
possible. There are corresponding "export-minimal" and
"import-minimal" commands for --export-options and
--import-options.
* New --fetch-keys command to retrieve keys by specifying a URI.
This allows direct key retrieval from a web page or other
location that can be specified in a URI. Available protocols
are HTTP and finger, plus anything that cURL supplies, if built
with cURL support.
* Files containing several signed messages are not allowed any
longer as there is no clean way to report the status of such
files back to the caller. To partly revert to the old behaviour
the new option --allow-multisig-verification may be used.
* The keyserver helpers can now handle keys in either ASCII armor
or binary format.
* New auto-key-locate option that takes an ordered list of methods
to locate a key if it is not available at encryption time (-r or
--recipient). Possible methods include "cert" (use DNS CERT as
per RFC2538bis, "pka" (use DNS PKA), "ldap" (consult the LDAP
server for the domain in question), "keyserver" (use the
currently defined keyserver), as well as arbitrary keyserver
URIs that will be contacted for the key.
* Able to retrieve keys using DNS CERT records as per RFC-2538bis
(currently in draft): http://www.josefsson.org/rfc2538bis
pkgsrc change:
make architecture-specific options really architecture-specific.
---
Module Name: pkgsrc
Committed By: drochner
Date: Wed Apr 5 10:04:12 UTC 2006
Modified Files:
pkgsrc/security/gnupg: options.mk
Log Message:
--with-libcurl is on per default, so revert the logics
(no functional change, just more effective because a compile check
is skipped)
---
Module Name: pkgsrc
Committed By: salo
Date: Sat Jun 24 14:20:29 UTC 2006
Modified Files:
pkgsrc/security/gnupg: Makefile distinfo
Added Files:
pkgsrc/security/gnupg/patches: patch-ba
Log Message:
Security fix for CVE-2006-3082:
"parse-packet.c in GnuPG (gpg) 1.4.3 and 1.9.20, and earlier versions,
allows remote attackers to cause a denial of service (gpg crash) and
possibly overwrite memory via a message packet with a large length,
which could lead to an integer overflow, as demonstrated using the
--no-armor option."
Patch from GnuPG CVS repository.
Bump PKGREVISION.
Revision 1.8 / (download) - annotate - [select for diffs], Wed May 31 18:22:25 2006 UTC (5 years, 11 months ago) by ghen
Branch: MAIN
CVS Tags: pkgsrc-2006Q2-base,
pkgsrc-2006Q2
Changes since 1.7: +2 -2
lines
Diff to previous 1.7 (colored)
The databases/openldap package has been split in -client and -server component packages. Convert LDAP-based applications to depend on openldap-client, and bump PKGREVISION for those that depend on it by default.
Revision 1.7 / (download) - annotate - [select for diffs], Wed Apr 5 10:04:12 2006 UTC (6 years, 1 month ago) by drochner
Branch: MAIN
Changes since 1.6: +3 -2
lines
Diff to previous 1.6 (colored)
--with-libcurl is on per default, so revert the logics (no functional change, just more effective because a compile check is skipped)
Revision 1.6 / (download) - annotate - [select for diffs], Tue Apr 4 21:16:37 2006 UTC (6 years, 1 month ago) by wiz
Branch: MAIN
Changes since 1.5: +12 -5
lines
Diff to previous 1.5 (colored)
Update to 1.4.3:
Noteworthy changes in version 1.4.3 (2006-04-03)
------------------------------------------------
* If available, cURL-based keyserver helpers are built that can
retrieve keys using HKP or any protocol that cURL supports
(HTTP, HTTPS, FTP, FTPS, etc). If cURL is not available, HKP
and HTTP are still supported using a built-in cURL emulator. To
force building the old pre-cURL keyserver helpers, use the
configure option --enable-old-keyserver-helpers. Note that none
of this affects finger or LDAP support, which are unchanged.
Note also that a future version of GnuPG will remove the old
keyserver helpers altogether.
* Implemented Public Key Association (PKA) signature verification.
This uses special DNS records and notation data to associate a
mail address with an OpenPGP key to prove that mail coming from
that address is legitimate without the need for a full trust
path to the signing key.
* When exporting subkeys, those specified with a key ID or
fingerpint and the '!' suffix are now merged into one keyblock.
* Added "gpg-zip", a program to create encrypted archives that can
interoperate with PGP Zip.
* Added support for signing subkey cross-certification "back
signatures". Requiring cross-certification to be present is
currently off by default, but will be changed to on by default
in the future, once more keys use it. A new "cross-certify"
command in the --edit-key menu can be used to update signing
subkeys to have cross-certification.
* The key cleaning options for --import-options and
--export-options have been further polished. "import-clean" and
"export-clean" replace the older
import-clean-sigs/import-clean-uids and
export-clean-sigs/export-clean-uids option pairs.
* New "minimize" command in the --edit-key menu removes everything
that can be removed from a key, rendering it as small as
possible. There are corresponding "export-minimal" and
"import-minimal" commands for --export-options and
--import-options.
* New --fetch-keys command to retrieve keys by specifying a URI.
This allows direct key retrieval from a web page or other
location that can be specified in a URI. Available protocols
are HTTP and finger, plus anything that cURL supplies, if built
with cURL support.
* Files containing several signed messages are not allowed any
longer as there is no clean way to report the status of such
files back to the caller. To partly revert to the old behaviour
the new option --allow-multisig-verification may be used.
* The keyserver helpers can now handle keys in either ASCII armor
or binary format.
* New auto-key-locate option that takes an ordered list of methods
to locate a key if it is not available at encryption time (-r or
--recipient). Possible methods include "cert" (use DNS CERT as
per RFC2538bis, "pka" (use DNS PKA), "ldap" (consult the LDAP
server for the domain in question), "keyserver" (use the
currently defined keyserver), as well as arbitrary keyserver
URIs that will be contacted for the key.
* Able to retrieve keys using DNS CERT records as per RFC-2538bis
(currently in draft): http://www.josefsson.org/rfc2538bis
pkgsrc change:
make architecture-specific options really architecture-specific.
Revision 1.5 / (download) - annotate - [select for diffs], Mon Dec 5 20:50:56 2005 UTC (6 years, 5 months ago) by rillig
Branch: MAIN
CVS Tags: pkgsrc-2006Q1-base,
pkgsrc-2005Q4-base,
pkgsrc-2005Q4
Branch point for: pkgsrc-2006Q1
Changes since 1.4: +2 -2
lines
Diff to previous 1.4 (colored)
Fixed pkglint warnings. The warnings are mostly quoting issues, for
example MAKE_ENV+=FOO=${BAR} is changed to MAKE_ENV+=FOO=${BAR:Q}. Some
other changes are outlined in
http://mail-index.netbsd.org/tech-pkg/2005/12/02/0034.html
Revision 1.4 / (download) - annotate - [select for diffs], Fri Jul 15 18:27:53 2005 UTC (6 years, 10 months ago) by jlam
Branch: MAIN
CVS Tags: pkgsrc-2005Q3-base,
pkgsrc-2005Q3
Changes since 1.3: +2 -2
lines
Diff to previous 1.3 (colored)
Drop distinction between PKGSRC_USE_TOOLS and USE_TOOLS by making PKGSRC_USE_TOOLS go away. There is now only a single USE_TOOLS variable that specifies all of the tools we need to build/run the package.
Revision 1.3 / (download) - annotate - [select for diffs], Sun May 15 04:26:24 2005 UTC (7 years ago) by jlam
Branch: MAIN
CVS Tags: pkgsrc-2005Q2-base,
pkgsrc-2005Q2
Changes since 1.2: +2 -1
lines
Diff to previous 1.2 (colored)
gzcat is needed, so note it as such for the new tools framework.
Revision 1.1.2.1 / (download) - annotate - [select for diffs], Sat Mar 26 10:53:35 2005 UTC (7 years, 2 months ago) by snj
Branch: pkgsrc-2005Q1
Changes since 1.1: +14 -6
lines
Diff to previous 1.1 (colored) next main 1.2 (colored)
Pullup ticket 391 - requested by Thomas Klausner
security fix for gnupg
Revisions pulled up:
- pkgsrc/security/gnupg/Makefile 1.74
- pkgsrc/security/gnupg/PLIST 1.15
- pkgsrc/security/gnupg/distinfo 1.34
- pkgsrc/security/gnupg/options.mk 1.2
Module Name: pkgsrc
Committed By: wiz
Date: Tue Mar 22 17:50:55 UTC 2005
Modified Files:
pkgsrc/security/gnupg: Makefile PLIST distinfo options.mk
Log Message:
Update to 1.4.1:
Noteworthy changes in version 1.4.1 (2005-03-15)
------------------------------------------------
* New --rfc2440-text option which controls how text is handled in
signatures. This is in response to some problems seen with
certain PGP/MIME mail clients and GnuPG version 1.4.0. More
details about this are available at
<http://lists.gnupg.org/pipermail/gnupg-users/2005-January/024408.html>.
* New "import-unusable-sigs" and "export-unusable-sigs" tags for
--import-options and --export-options. These are off by
default, and cause GnuPG to not import or export key signatures
that are not usable (e.g. expired signatures).
* New experimental HTTP, HTTPS, FTP, and FTPS keyserver helper
that uses the cURL library <http://curl.haxx.se> to retrieve
keys. This is disabled by default, but may be enabled with the
configure option --with-libcurl. Without this option, the
existing HTTP code is used for HTTP, and HTTPS, FTP, and FTPS
are not supported.
[enabled with the "curl" option for the package]
* When running a --card-status or --card-edit and a public key is
available, missing secret key stubs will be created on the fly.
Details of the key are listed too.
* The implicit packet dumping in double verbose mode is now sent
to stderr and not to stdout.
* Added countermeasures against the Mister/Zuccherato CFB attack
<http://eprint.iacr.org/2005/033>.
* Add new --edit-key command "bkuptocard" to allow restoring a
card key from a backup.
* The "fetch" command of --card-edit now retrieves the key using
the default keyserver if no URL has been stored on the card.
* New configure option --enable-noexecstack.
Also, gpgkeys_mailto is not installed any longer, dropping the
dependency on perl.
Revision 1.2 / (download) - annotate - [select for diffs], Tue Mar 22 17:50:55 2005 UTC (7 years, 2 months ago) by wiz
Branch: MAIN
Changes since 1.1: +14 -25
lines
Diff to previous 1.1 (colored)
Update to 1.4.1:
Noteworthy changes in version 1.4.1 (2005-03-15)
------------------------------------------------
* New --rfc2440-text option which controls how text is handled in
signatures. This is in response to some problems seen with
certain PGP/MIME mail clients and GnuPG version 1.4.0. More
details about this are available at
<http://lists.gnupg.org/pipermail/gnupg-users/2005-January/024408.html>.
* New "import-unusable-sigs" and "export-unusable-sigs" tags for
--import-options and --export-options. These are off by
default, and cause GnuPG to not import or export key signatures
that are not usable (e.g. expired signatures).
* New experimental HTTP, HTTPS, FTP, and FTPS keyserver helper
that uses the cURL library <http://curl.haxx.se> to retrieve
keys. This is disabled by default, but may be enabled with the
configure option --with-libcurl. Without this option, the
existing HTTP code is used for HTTP, and HTTPS, FTP, and FTPS
are not supported.
[enabled with the "curl" option for the package]
* When running a --card-status or --card-edit and a public key is
available, missing secret key stubs will be created on the fly.
Details of the key are listed too.
* The implicit packet dumping in double verbose mode is now sent
to stderr and not to stdout.
* Added countermeasures against the Mister/Zuccherato CFB attack
<http://eprint.iacr.org/2005/033>.
* Add new --edit-key command "bkuptocard" to allow restoring a
card key from a backup.
* The "fetch" command of --card-edit now retrieves the key using
the default keyserver if no URL has been stored on the card.
* New configure option --enable-noexecstack.
Also, gpgkeys_mailto is not installed any longer, dropping the
dependency on perl.
Revision 1.1 / (download) - annotate - [select for diffs], Sat Dec 25 02:54:49 2004 UTC (7 years, 5 months ago) by wiz
Branch: MAIN
CVS Tags: pkgsrc-2005Q1-base
Branch point for: pkgsrc-2005Q1
Add options.mk file.