![[BACK]](/icons/back.gif){kind=icon}
Up to [cvs.NetBSD.org] / pkgsrc / security / gnupg2
Request diff between arbitrary revisions
Default branch: MAIN
Revision 1.86 / (download) - annotate - [select for diffs], Sat Mar 9 07:58:32 2024 UTC (5 weeks, 6 days ago) by adam
Branch: MAIN
CVS Tags: pkgsrc-2024Q1-base,
pkgsrc-2024Q1,
HEAD
Changes since 1.85: +4 -4
lines
Diff to previous 1.85 (colored) to selected 1.21 (colored)
gnupg2: updated to 2.4.5
Noteworthy changes in version 2.4.5 (2024-03-07)
------------------------------------------------
* gpg,gpgv: New option --assert-pubkey-algo. [T6946]
* gpg: Emit status lines for errors in the compression layer.
[T6977]
* gpg: Fix invocation with --trusted-keys and --no-options. [T7025]
* gpgsm: Allow for a longer salt in PKCS#12 files. [T6757]
* gpgtar: Make --status-fd=2 work on Windows. [T6961]
* scd: Support for the ACR-122U NFC reader. [rG1682ca9f01]
* scd: Suport D-TRUST ECC cards. [T7000,T7001]
* scd: Allow auto detaching of kernel drivers; can be disabled with
the new compatibility-flag ccid-no-auto-detach. [rGa1ea3b13e0]
* scd: Allow setting a PIN length of 6 also with a reset code for
openpgp cards. [T6843]
* agent: Allow GET_PASSPHRASE in restricted mode. [rGadf4db6e20]
* dirmngr: Trust system's root CAs for checking CRL issuers.
[T6963]
* dirmngr: Fix regression in 2.4.4 in fetching keys via hkps.
[T6997]
* gpg-wks-client: Make option --mirror work properly w/o specifying
domains. [rG37cc255e49]
* g13,gpg-wks-client: Allow command style options as in "g13 mount
foo". [rGa09157ccb2]
* Allow tilde expansion for the foo-program options. [T7017]
* Make the getswdb.sh tool usable outside the GnuPG tree.
Revision 1.85 / (download) - annotate - [select for diffs], Fri Jan 26 13:35:40 2024 UTC (2 months, 3 weeks ago) by adam
Branch: MAIN
Changes since 1.84: +4 -5
lines
Diff to previous 1.84 (colored) to selected 1.21 (colored)
gnupg2: updated to 2.4.4 Noteworthy changes in version 2.4.4 (2024-01-25) ------------------------------------------------ * gpg: Do not keep an unprotected smartcard backup key on disk. See https://gnupg.org/blog/20240125-smartcard-backup-key.html for a security advisory. * gpg: Allow to specify seconds since Epoch beyond 2038 on 32-bit platforms. * gpg: Fix expiration time when Creation-Date is specified. * gpg: Add support for Subkey-Expire-Date. * gpg: Add option --with-v5-fingerprint. * gpg: Add sub-option ignore-attributes to --import-options. * gpg: Add --list-filter properties sig_expires/sig_expires_d. * gpg: Fix validity of re-imported keys. * gpg: Report BEGIN_ status before examining the input. * gpg: Don't try to compress a read-only keybox. * gpg: Choose key from inserted card over a non-inserted card. * gpg: Allow to create revocations even with non-compliant algos. * gpg: Fix regression in the Revoker keyword of the parameter file. * gpg: Improve error message for expired default keys. * gpgsm: Add --always-trust feature. * gpgsm: Support ECC certificates in de-vs mode. * gpgsm: Major rewrite of the PKCS#12 parser. * gpgsm: No not show the pkcs#12 passphrase in debug output. * keyboxd: Timeout on failure to get the database lock. * agent: Update the key stubs only if really modified. * scd: Add support for certain Starcos 3.2 cards. * scd: Add support for CardOS 5.4 cards. * scd: Add support for D-Trust 4.1/4.4 cards. * scd: Add support for Smartcafe Expert 7.0 cards. * scd: Add a length check for a new PIN. * tpm: Fix keytotpm handling in the agent. * tpm: Fixes for the TPM test suite. * dirmngr: Avoid starting a second instance on Windows via GPGME based launching. * dirmngr: New option --ignore-crl-extensions. * dirmngr: Support config value "none" to disable the default keyserver. * dirmngr: Implement automatic proxy detection on Windows. * dirmngr: Fix handling of the HTTP Content-Length. * dirmngr: Add code to support proxy authentication using the Negotiation method on Windows. * gpgconf: Add commands --lock and --unlock. * gpgconf: Add keyword socketdir to gpgconf.ctl. * gpgconf: Adjust the -X command for the new VERSION file format. * wkd: Use export-clean for gpg-wks-client's --mirror and --create commands. * wkd: Make --add-revocs the default in gpg-wks-client. New option --no-add-revocs. * Remove duplicated backslashes when setting the homedir. * Ignore attempts to remove the /dev/null device. * Improve advisory file lock retry strategy. * Improve the speedo build system for Unix.
Revision 1.84 / (download) - annotate - [select for diffs], Tue Jul 11 08:40:45 2023 UTC (9 months, 1 week ago) by tnn
Branch: MAIN
CVS Tags: pkgsrc-2023Q4-base,
pkgsrc-2023Q4,
pkgsrc-2023Q3-base,
pkgsrc-2023Q3
Changes since 1.83: +2 -1
lines
Diff to previous 1.83 (colored) to selected 1.21 (colored)
gnupg2: fix build w/o ldap. From upstream.
Revision 1.83 / (download) - annotate - [select for diffs], Tue Jul 11 06:46:36 2023 UTC (9 months, 1 week ago) by adam
Branch: MAIN
Changes since 1.82: +4 -4
lines
Diff to previous 1.82 (colored) to selected 1.21 (colored)
gnupg2: updated to 2.4.3 Noteworthy changes in version 2.4.3 (2023-07-04) ------------------------------------------------ * gpg: Set default expiration date to 3 years. [T2701] * gpg: Add --list-filter properties "key_expires" and "key_expires_d". [T6529] * gpg: Emit status line and proper diagnostics for write errors. [T6528] * gpg: Make progress work for large files on Windows. [T6534] * gpg: New option --no-compress as alias for -z0. * gpgsm: Print PROGRESS status lines. Add new --input-size-hint. [T6534] * gpgsm: Support SENDCERT_SKI for --call-dirmngr. [rG701a8b30f0] * gpgsm: Major rewrite of the PKCS#12 parser. [T6536] * gpgtar: New option --no-compress. * dirmngr: Extend the AD_QUERY command. [rG207c99567c] * dirmngr: Disable the HTTP redirect rewriting. [T6477] * dirmngr: New option --compatibility-flags. [rGbf04b07327] * dirmngr: New option --ignore-crl-extensions. [T6545] * wkd: Use export-clean for gpg-wks-client's --mirror and --create commands. [rG2c7f7a5a27] * wkd: Make --add-revocs the default in gpg-wks-client. New option --no-add-revocs. [rG10c937ee68] * scd: Make signing work for Nexus cards. [rGb83d86b988] * scd: Fix authentication with Administration Key for PIV. [rG25b59cf6ce]
Revision 1.82 / (download) - annotate - [select for diffs], Wed Jun 7 09:57:43 2023 UTC (10 months, 1 week ago) by adam
Branch: MAIN
CVS Tags: pkgsrc-2023Q2-base,
pkgsrc-2023Q2
Changes since 1.81: +4 -4
lines
Diff to previous 1.81 (colored) to selected 1.21 (colored)
gnupg2: updated to 2.4.2 Noteworthy changes in version 2.4.2 (2023-05-30) ------------------------------------------------ * gpg: Print a warning if no more encryption subkeys are left over after changing the expiration date. [rGef2c3d50fa] * gpg: Fix searching for the ADSK key when adding an ADSK. [T6504] * gpgsm: Speed up key listings on Windows. [rG08ff55bd44] * gpgsm: Reduce the number of "failed to open policy file" diagnostics. [rG68613a6a9d] * agent: Make updating of private key files more robust and track display S/N. [T6135] * keyboxd: Avoid longish delays on Windows when listing keys. [rG6944aefa3c] * gpgtar: Emit extra status lines to help GPGME. [T6497] * w32: Avoid using the VirtualStore. [T6403]
Revision 1.81 / (download) - annotate - [select for diffs], Fri Apr 28 16:33:41 2023 UTC (11 months, 3 weeks ago) by nikita
Branch: MAIN
Changes since 1.80: +4 -4
lines
Diff to previous 1.80 (colored) to selected 1.21 (colored)
gnupg2: update to version 2.4.1
Changelog:
Noteworthy changes in version 2.4.1
===================================
* If the ~/.gnupg directory does not exist, the keyboxd is now
automagically enabled. [rGd9e7488b17]
* gpg: New option --add-desig-revoker. [rG3d094e2bcf]
* gpg: New option --assert-signer. [rGc9e95b8dee]
* gpg: New command --quick-add-adsk and other ADSK features.
[T6395, https://gnupg.org/blog/20230321-adsk.html]
* gpg: New list-option "show-unusable-sigs". Also show
"[self-signature]" instead of the user-id in key signature
listings. [rG103acfe9ca]
* gpg: For symmetric encryption the default S2K hash is now SHA256.
[T6367]
* gpg: Detect already compressed data also when using a pipe. Also
detect JPEG and PNG file formats. [T6332]
* gpg: New subcommand "openpgp" for --card-edit. [T6462]
* gpgsm: Verification of detached signatures does now strip trailing
zeroes from the input if --assume-binary is used. [rG2a13f7f9dc]
* gpgsm: Non-armored detached signature are now created without
using indefinite form length octets. This improves compatibility
with some PDF signature verification software. [rG8996b0b655]
* gpgtar: Emit progress status lines in create mode. [T6363]
* dirmngr: The LDAP modifyTimestamp is now returned by some
keyserver commands. [rG56d309133f]
* ssh: Allow specification of the order keys are presented to ssh.
See the man page entry for --enable-ssh-support. [T5996, T6212]
* gpg: Make list-options "show-sig-subpackets" work again.
Fixes regression in 2.4.0. [rG5a223303d7]
* gpg: Fix the keytocard command for Yubikeys. [T6378]
* gpg: Do not continue an export after a cancel for the primary key.
[T6093]
* gpg: Replace the --override-compliance-check hack by a real fix.
[T5655]
* gpgtar: Fix decryption with input taken from stdin. [T6355]
Release-info: https://dev.gnupg.org/T6454
Revision 1.80 / (download) - annotate - [select for diffs], Mon Feb 27 12:35:35 2023 UTC (13 months, 3 weeks ago) by adam
Branch: MAIN
CVS Tags: pkgsrc-2023Q1-base,
pkgsrc-2023Q1
Changes since 1.79: +4 -4
lines
Diff to previous 1.79 (colored) to selected 1.21 (colored)
gnupg2: updated to 2.4.0
Noteworthy changes in version 2.4.0 (2022-12-16)
------------------------------------------------
* gpg: New command --quick-update-pref. [rGd40d23b233]
* gpg: New list-options show-pref and show-pref-verbose.
[rG811cfa34cb]
* gpg: New option --list-filter to restrict key listings like
gpg -k --list-filter 'select=revoked-f && sub/algostr=ed25519'
[rG1324dc3490]
* gpg: New --export-filter export-revocs. [rGc985b52e71]
* gpg: Also import stray revocation certificates. [rG7aaedfb107]
* gpg: Add a notation to encryption subkeys in de-vs mode. [T6279]
* gpg: Improve signature verification speed by a factor of more than
four. Double detached signing speed. [T5826]
* gpg: Allow only OCB for AEAD encryption. [rG5a2cef801d]
* gpg: Fix trusted introducer for mbox only user-ids. [T6238]
* gpg: Report an error via status-fd for receiving a key from the
agent. [T5151]
* gpg: Make --require-compliance work without the --status-fd
option. [rG2aacd843ad]
* gpg: Fix verification of cleartext signatures with overlong lines.
[T6272]
* agent: Fix import of protected OpenPGP v5 keys. [T6294]
* gpgsm: Change the default cipher algorithm from AES128 to AES256.
Also announce support for this in signatures. [rG2d8ac55d26]
* gpgsm: Always use the chain validation model if the root-CA
requests this. [rG7fa1d3cc82]
* gpgsm: Print OCSP revocation date and reason in cert listings.
[rGb6abaed2b5]
* agent: Support Win32-OpenSSH emulation by gpg-agent. [T3883]
* scd: Support the Telesec Signature Card v2.0. [T6252]
* scd: Redact --debug cardio output of a VERIFY APDU. [T5085]
* scd: Skip deleted pkcs#15 records in CARDOS 5. [rG061efac03f]
* dirmngr: Fix build with no LDAP support. [T6239]
* dirmngr: Fix verification of ECDSA signed CRLs. [rG868dabb402]
* wkd: New option --add-revocs for gpg-wks-client. [rGc3f9f2d497]
* wkd: Ignore expired user-ids in gpg-wks-client. [T6292]
* card: New commands "gpg" and "gpgsm". [rG9c4691c73e]
Revision 1.79 / (download) - annotate - [select for diffs], Wed Dec 28 09:40:04 2022 UTC (15 months, 3 weeks ago) by adam
Branch: MAIN
Changes since 1.78: +4 -5
lines
Diff to previous 1.78 (colored) to selected 1.21 (colored)
gnupg2: updated to 2.2.41 Noteworthy changes in version 2.2.41 (2022-12-09) ------------------------------------------------- * gpg: Add a notation to encryption subkeys in de-vs mode. * gpg: Fix trusted introducer for mbox only user-ids. * gpg: Report an error via status-fd for receiving a key from the agent. * gpg: Make --require-compliance work without the --status-fd option. * gpg: Improve signature verification speed by a factor of more than four. Double detached signing speed. * gpg: New --export-filter export-revocs. * gpg: Import stray revocation certificates to improve WKD usability. * wkd: New option --add-revocs for gpg-wks-client. * wkd: Ignore expired user-ids in gpg-wks-client. * scd: Support the Telesec Signature Card v2.0. * Fix build regression depending on libgpg-error version.
Revision 1.78 / (download) - annotate - [select for diffs], Mon Oct 17 09:08:17 2022 UTC (18 months ago) by adam
Branch: MAIN
CVS Tags: pkgsrc-2022Q4-base,
pkgsrc-2022Q4
Changes since 1.77: +5 -4
lines
Diff to previous 1.77 (colored) to selected 1.21 (colored)
gnupg2: updated to 2.2.40 Noteworthy changes in version 2.2.40 (2022-10-10) ------------------------------------------------- * gpg: Do not consider unknown public keys as non-compliant while decrypting. * gpg: Avoid to emit a compliance mode line if Libgcrypt is non-compliant. * gpg: In de-vs mode use AES-128 instead of 3-DES as implicit preference. * gpgsm: Fix reporting of bad passphrase error during PKCS-11 import. * dirmngr: Fix CRL Distribution Point fallback to other schemes. * dirmngr: New LDAP server flag "areconly" (A-record-only). * dirmngr: Fix upload of multiple keys for an LDAP server specified using the colon format. * dirmngr: Use LDAP schema v2 when a Base DN is specified. * wkd: New command --mirror for gpg-wks-client.
Revision 1.77 / (download) - annotate - [select for diffs], Tue Sep 27 12:49:06 2022 UTC (18 months, 3 weeks ago) by adam
Branch: MAIN
Changes since 1.76: +4 -4
lines
Diff to previous 1.76 (colored) to selected 1.21 (colored)
gnupg2: updated to 2.2.39 Noteworthy changes in version 2.2.39 (2022-09-02) ------------------------------------------------- * agent: Fix regression in 2.2.37 related to non-extended format private keys. Noteworthy changes in version 2.2.38 (2022-09-01) ------------------------------------------------- * gpg: Make --require-compliance work for sign+encrypt. * gpg: Fix an encoding problem under Windows in the printed timezone. * gpg: Emit a FAILURE status for --require-compliance errors. * dirmngr: Avoid caching expired certificates.
Revision 1.76 / (download) - annotate - [select for diffs], Wed Aug 31 09:42:12 2022 UTC (19 months, 2 weeks ago) by adam
Branch: MAIN
CVS Tags: pkgsrc-2022Q3-base,
pkgsrc-2022Q3
Changes since 1.75: +4 -4
lines
Diff to previous 1.75 (colored) to selected 1.21 (colored)
gnupg2: updated to 2.2.37
Noteworthy changes in version 2.2.37 (2022-08-24)
-------------------------------------------------
* gpg: In de-vs mode use SHA-256 instead of SHA-1 as implicit
preference. [T6043]
* gpg: Actually show symmetric+pubkey encrypted data as de-vs
compliant. Add extra compliance checks for symkey_enc packets.
[T6119]
* gpg: Request keygrip of key to be added via command-fd interface.
[T5771]
* gpg: Look up user ID to revoke by UID hash. [T5936]
* gpg: Fix wrong error message for "keytocard". [T6122]
* gpg: --card-status shows the application type for non-openpgp
cards again. [rG8e393e2592]
* gpg: The options --auto-key-import and --include-key-block are
again listed by gpgconf. [T6138]
* gpgsm: New option --compatibility-flags. [rG77b6896f7a]
* agent: New options --no-user-trustlist and --sys-trustlist-name.
[T5990]
* agent: Track and update the Display-S/N of cards so that the
"please insert card" prompt may now show more information. Use
"gpg --card-status" to update stored card meta data. [T6135]
* scd:openpgp: Fix problem with ECC algorithm attributes on
Yubikeys. [rG225c66f13b87]
* scd:openpgp: Fix problem with Yubikey 5.4 firmware. [T6070]
* dirmngr: Ask keyservers to provide the key fingerprints. [T5741]
* ssh: Allow authentication as used by OpenSSH's PQ crypto support.
[T5935]
* wkd: Fix path traversal attack in gpg-wks-server. Add the mail
address to the pending request data. [rGc1489ca0e1, T6098]
* gpgconf: Improve registry dumping. [rG6bc9592318]
* Silence warnings from AllowSetForegroundWindow. [rG6583abedf3]
Revision 1.75 / (download) - annotate - [select for diffs], Tue Jul 12 05:46:00 2022 UTC (21 months, 1 week ago) by adam
Branch: MAIN
Changes since 1.74: +4 -5
lines
Diff to previous 1.74 (colored) to selected 1.21 (colored)
gnupg2: updated to 2.2.36
Noteworthy changes in version 2.2.36 (2022-07-06)
-------------------------------------------------
* g10: Fix possibly garbled status messages in NOTATION_DATA. This
bug could trick GPGME and other parsers to accept faked status
lines. [T6027, CVE-2022-34903]
* gpg: Handle leading zeroes in Ed25519 private keys and reverse
change regarding Ed25519 SOS encoding as introduced with 2.2.34.
[T5120]
* gpg: Allow Unicode file names for iobuf_cancel under Windows.
* gpgsm: Improve pkcs#12 import. [T6037,T5793,T4921,T4757]
* scd,p15: Fix reading certificates w/o length info.
* scd,p15: Improve the displayed S/N for Technology Nexus cards.
* scd,openpgp: Add workaround for ECC attribute on Yubikey. [T5963]
* scd: Fix use of SCardListReaders for PC/SC. [T5979]
* gpgconf: New short options -X and -V.
* Make sure to always set CONFIDENTIAL flag in Assuan.
Revision 1.74 / (download) - annotate - [select for diffs], Thu Jun 30 14:48:55 2022 UTC (21 months, 2 weeks ago) by wiz
Branch: MAIN
Changes since 1.73: +2 -1
lines
Diff to previous 1.73 (colored) to selected 1.21 (colored)
gnupg2: fix possible security issue Per https://www.openwall.com/lists/oss-security/2022/06/30/1 using upstream patch. Bump PKGREVISION.
Revision 1.73 / (download) - annotate - [select for diffs], Tue Apr 26 08:15:35 2022 UTC (23 months, 3 weeks ago) by adam
Branch: MAIN
CVS Tags: pkgsrc-2022Q2-base,
pkgsrc-2022Q2
Changes since 1.72: +4 -4
lines
Diff to previous 1.72 (colored) to selected 1.21 (colored)
gnupg2: updated to 2.2.35 Noteworthy changes in version 2.2.35 (2022-04-25) ------------------------------------------------- * gpg,gpgsm: New option --require-compliance. * gpgtar: New option --with-log. * gpg: Threefold decryption speedup for large files. * gpgtar: Support file names longer than MAX_PATH. * scdaemon: Add support for GeNUA cards. * gpg: Allow decryption of symmetric encrypted data even for non-compliant cipher. * gpg: Avoid possible race condition in --edit-card/factory-reset. * gpg: Emit an ERROR status as hint for a bad passphrase. * gpg: Avoid NULL-ptr access due to corrupted packets. * gpgsm: Fix parsing of certain PKCS#12 files. * gpgtar: Use a pipe for decryption and thus avoid memory exhaustion. * scdaemon: Use extended mode for pkcs#15 already for rsa2048. * dirmngr: Make WKD lookups work for resolvers not handling SRV records. * dirmngr: Escape more characters in WKD requests. * gpgconf: Silence warnings from parsing the option files. * Improve removing of stale lockfiles under Unix.
Revision 1.72 / (download) - annotate - [select for diffs], Wed Feb 16 08:53:26 2022 UTC (2 years, 2 months ago) by adam
Branch: MAIN
CVS Tags: pkgsrc-2022Q1-base,
pkgsrc-2022Q1
Changes since 1.71: +4 -4
lines
Diff to previous 1.71 (colored) to selected 1.21 (colored)
gnupg2: updated to 2.2.34
Noteworthy changes in version 2.2.34 (2022-02-07)
-------------------------------------------------
* gpgconf: Backport the improved option reading and writing code
from 2.3. [rG7a3a1ef370,T4788]
* gpgconf: Do not list ignored options and mark forced options as
read-only. [T5732]
* gpgconf: Correctly show registry entries with --show-configs.
[T5724]
* gpgconf: Add command aliases -L, -K, and -R. [rGf16c535eee]
* gpgconf: Tweak the use of the ldapserver option. [T5801]
* gpgconf: Make "--launch gpg-agent" work again. [rG5a7ed6dd8f]
* gpg: Accept Ed25519 private keys in modernized encoding. [T5120]
* gpg: Fix adding the list of ultimate trusted keys. [T5742]
* gpgsm: New option --ignore-cert-with-oid. [rGbcf446b70c]
* dirmngr: Avoid initial delay on the first keyserver access in
presence of --no-use-tor. [rGdde88897e2]
* scdaemon: Also prefer Yubikeys if no reader port is given.
[rG38c666ec3f]
* agent: Make missing strings translatable and update German and
Japanese translations. [T4777]
* ssh: Fix adding an ed25519 key with a zero length comment. [T5794]
* gpgtar: Create and handle extended headers to support long file
names. [T5754]
* Fix the creation of socket directories under Windows for non-ascii
account names. [rG7d1215cb9c]
* Improve the registry HKCU->HKLM fallback. [rG96db487a4d]
* Prettify the --help output of most commands.
Revision 1.71 / (download) - annotate - [select for diffs], Thu Nov 25 14:42:19 2021 UTC (2 years, 4 months ago) by ryoon
Branch: MAIN
CVS Tags: pkgsrc-2021Q4-base,
pkgsrc-2021Q4
Changes since 1.70: +4 -4
lines
Diff to previous 1.70 (colored) to selected 1.21 (colored)
gnupg2: Update to 2.2.33
Changelog:
Noteworthy changes in version 2.2.33 (2021-11-23)
-------------------------------------------------
* gpg: New option --min-rsa-length. [rG6ee01c1d26]
* gpg: New option --forbid-gen-key. [rG985fb25c46]
* gpg: New option --override-compliance-check. [T5655]
* gpgconf: New command --show-configs. [rG8fe3f57643]
* agent,dirmngr: New option --steal-socket. [rG6507c6ab10]
* scd: Improve the selection of the default PC/SC reader. [T5644]
* gpg: Fix printing of binary notations. [T5667]
* gpg: Remove stale ultimately trusted keys from the trustdb. [T5685]
* gpgsm: Detect circular chains in --list-chain. [rGc9343bec83]
* gpgconf: Create the local option file even if the global file
exists. [T5650]
* dirmngr: Make reading resolv.conf more robust. [T5657]
* gpg-wks-server: Fix created file permissions. [rGf54feb4470]
* scd: Support longer data for ssh-agent authentication with openpgp
cards. [T5682]
* Support gpgconf.ctl for NetBSD and Solaris. [T5656,T5671]
* Silence "Garbled console data" warning under Windows in most
cases.
* Silence warning about the rootdir under Unices w/o a mounted /proc
file system.
* Fix possible build problems about missing include files. [T5592]
* i18n: Replace the term "PIN-Cache" by "Passswort-Cache" in the
German translation. [rgf453d52e53]
* i18n: Update the Russian translation.
Release-info: https://dev.gnupg.org/T5641
See-also: gnupg-announce/2021q4/000467.html
Revision 1.70 / (download) - annotate - [select for diffs], Tue Oct 26 11:17:06 2021 UTC (2 years, 5 months ago) by nia
Branch: MAIN
Changes since 1.69: +2 -2
lines
Diff to previous 1.69 (colored) to selected 1.21 (colored)
security: Replace RMD160 checksums with BLAKE2s checksums All checksums have been double-checked against existing RMD160 and SHA512 hashes Unfetchable distfiles (fetched conditionally?): ./security/cyrus-sasl/distinfo cyrus-sasl-dedad73e5e7a75d01a5f3d5a6702ab8ccd2ff40d.patch.v2
Revision 1.69 / (download) - annotate - [select for diffs], Tue Oct 12 18:48:00 2021 UTC (2 years, 6 months ago) by adam
Branch: MAIN
Changes since 1.68: +4 -4
lines
Diff to previous 1.68 (colored) to selected 1.21 (colored)
gnupg2: updated to 2.2.32 Noteworthy changes in version 2.2.32 (2021-10-06) ------------------------------------------------- * dirmngr: Fix Let's Encrypt certificate chain validation. * dirmngr: New option --ignore-cert. * gpg: Fix --list-packets for AEAD packets with unknown key.
Revision 1.68 / (download) - annotate - [select for diffs], Thu Oct 7 14:53:50 2021 UTC (2 years, 6 months ago) by nia
Branch: MAIN
Changes since 1.67: +1 -2
lines
Diff to previous 1.67 (colored) to selected 1.21 (colored)
security: Remove SHA1 hashes for distfiles
Revision 1.67 / (download) - annotate - [select for diffs], Tue Oct 5 12:14:28 2021 UTC (2 years, 6 months ago) by adam
Branch: MAIN
Changes since 1.66: +5 -5
lines
Diff to previous 1.66 (colored) to selected 1.21 (colored)
gnupg2: updated to 2.2.31
Noteworthy changes in version 2.2.31 (2021-09-15)
-------------------------------------------------
* agent: Fix a regression in GET_PASSPHRASE.
* scd: Fix an assertion failure in close_pcsc_reader.
* scd: Add support for PC/SC in "GETINFO reader_list".
Noteworthy changes in version 2.2.30 (2021-08-26)
-------------------------------------------------
* gpg: Extended gpg-check-pattern to support accept rules,
conjunctions, and case-sensitive matching.
* agent: New option --pinentry-formatted-passphrase.
* agent: New option --check-sym-passphrase-pattern.
* agent: Use the sysconfdir for the pattern files.
* agent: Add "checkpin" inquiry for use by pinentry.
* wkd: Fix client issue with leading or trailing spaces in
user-ids.
* Pass XDG_SESSION_TYPE and QT_QPA_PLATFORM envvars to Pinentry.
* Under Windows use LOCAL_APPDATA for the socket directory.
Noteworthy changes in version 2.2.29 (2021-07-04)
-------------------------------------------------
* Fix regression in 2.2.28 for Yubikey NEO.
* Change the default keyserver to keyserver.ubuntu.com. This is a
temporary change due to the shutdown of the SKS keyserver pools.
* gpg: Let --fetch-key return an exit code on failure.
* dirmngr: Fix regression in KS_GET for mail address pattern.
* Add fallback in case the Windows console can't cope with Unicode.
* Improve initialization of SPR532 in the CCID driver and make the
driver more robust.
* Make test suite work in presence of a broken Libgcrypt
installation.
* Make configure option --disable-ldap work again.
Noteworthy changes in version 2.2.28 (2021-06-10)
-------------------------------------------------
* gpg: Auto import keys specified with --trusted-keys.
* gpg: Allow decryption w/o public key but with correct card
inserted.
* gpg: Allow fingerprint based lookup with --locate-external-key.
* gpg: Lookup a missing public key of the current card via LDAP.
* gpg: New option --force-sign-key.
* gpg: Use a more descriptive password prompt for symmetric
decryption.
* gpg: Do not use the self-sigs-only option for LDAP keyserver
imports.
* gpg: Keep temp files when opening images via xdg-open.
* gpg: Fix mailbox based search via AKL keyserver method.
* gpg: Fix sending an OpenPGP key with umlaut to an LDAP keyserver.
* gpg: Allow ECDH with a smartcard returning only the x-coordinate.
* gpgsm: New option --ldapserver as an alias for --keyserver. Note
that configuring servers in gpgsm and gpg is deprecated; please
use the dirmngr configuration options.
* gpgsm: Support AES-GCM decryption.
* gpgsm: Support decryption of password protected files.
* gpgsm: Lock keyboxes also during a search to fix lockups on
Windows.
* agent: Skip unknown unknown ssh curves seen on
cards.
* scdaemon: New option --pcsc-shared.
* scdaemon: Backport PKCS#15 card support from GnuPG 2.3
* scdaemon: Fix CCID driver for SCM SPR332/SPR532.
* scdaemon: Fix possible PC/SC removed card problem.
* scdaemon: Fix unblock PIN by a Reset Code with KDF.
* scdaemon: Support compressed points.
* scdaemon: Prettify S/N for Yubikeys and fix reading for early
Yubikey 5 tokens.
* dirmngr: New option --ldapserver to avoid the need for the
separate dirmngr_ldapservers.conf file.
* dirmngr: The dirmngr_ldap wrapper has been rewritten to properly
support ldap-over-tls and starttls for X.509 certificates and
CRLs.
* dirmngr: OpenPGP LDAP keyservers may now also be configured using
the same syntax as used for X.509 and CRL LDAP servers. This
avoids the former cumbersome quoting rules and adds a flexible set
of flags to control the connection.
* dirmngr: The "ldaps" scheme of an OpenPGP keyserver URL is now
interpreted as ldap-with-starttls on port 389. To use the
non-standardized ldap-over-tls the new LDAP configuration method
of the new attribute "gpgNtds" needs to be used.
* dirmngr: Return the fingerprint as search result also for LDAP
OpenPGP keyservers. This requires the modernized LDAP schema.
* dirmngr: An OpenPGP LDAP search by a mailbox now ignores revoked
keys.
* gpgconf: Make runtime changes with non-default homedir work.
* gpgconf: Do not translate an empty string to the PO file's meta
data.
* gpgconf: Fix argv overflow if --homedir is used.
* gpgconf: Return a new pseudo option "compliance_de_vs".
* gpgtar: Fix file size computation under Windows.
* Full Unicode support for the Windows command line.
* Fix problem with Windows Job objects and auto start of our
daemons.
* i18n: In German always use "Passwort" instead of "Passphrase" in
prompts.
Revision 1.66 / (download) - annotate - [select for diffs], Tue Jan 12 11:49:56 2021 UTC (3 years, 3 months ago) by adam
Branch: MAIN
CVS Tags: pkgsrc-2021Q3-base,
pkgsrc-2021Q3,
pkgsrc-2021Q2-base,
pkgsrc-2021Q2,
pkgsrc-2021Q1-base,
pkgsrc-2021Q1
Changes since 1.65: +5 -5
lines
Diff to previous 1.65 (colored) to selected 1.21 (colored)
gnupg2: updated to 2.2.27
Noteworthy changes in version 2.2.27 (2021-01-11)
-------------------------------------------------
* gpg: Fix regression in 2.2.24 for gnupg_remove function under
Windows.
* gpgconf: Fix case with neither local nor global gpg.conf.
* gpgconf: Fix description of two new options.
* Build Windows installer without timestamps. Note that the
Authenticode signatures still carry a timestamp.
Release-info: https://dev.gnupg.org/T5234
See-also: gnupg-announce/2021q1/000452.html
Noteworthy changes in version 2.2.26 (2020-12-21)
-------------------------------------------------
* gpg: New AKL method "ntds".
* gpg: Fix --trusted-key with fingerprint arg.
* scd: Fix writing of ECC keys to an OpenPGP card.
* scd: Make an USB error fix specific to SPR532 readers.
* dirmngr: With new LDAP keyservers store the new attributes. Never
store the useless pgpSignerID. Fix a long standing bug storing
some keys on an ldap server.
* dirmngr: Support the new Active Direcory LDAP schema for
keyservers.
* dirmngr: Allow LDAP OpenPGP searches via fingerprint.
* dirmngr: Do not block other threads during keyserver LDAP calls.
* Support global configuration files.
* Fix the iconv fallback handling to UTF-8.
Release-info: https://dev.gnupg.org/T5153
See-also: gnupg-announce/2020q4/000451.html
Revision 1.65 / (download) - annotate - [select for diffs], Thu Dec 3 12:10:20 2020 UTC (3 years, 4 months ago) by adam
Branch: MAIN
CVS Tags: pkgsrc-2020Q4-base,
pkgsrc-2020Q4
Changes since 1.64: +5 -5
lines
Diff to previous 1.64 (colored) to selected 1.21 (colored)
gnupg2: updated to 2.2.25 Noteworthy changes in version 2.2.25 * scd: Fix regression in 2.2.24 requiring gpg --card-status before signing or decrypting. * gpgsm: Using Libksba 1.5.0 signatures with a rarely used combination of attributes can now be verified.
Revision 1.64 / (download) - annotate - [select for diffs], Wed Nov 18 13:06:44 2020 UTC (3 years, 5 months ago) by adam
Branch: MAIN
Changes since 1.63: +5 -5
lines
Diff to previous 1.63 (colored) to selected 1.21 (colored)
gnupg2: updated to 2.2.24
Noteworthy changes in version 2.2.24
------------------------------------
* Allow Unicode file names on Windows almost everywhere. Note that
it is still not possible to use Unicode strings on the command
line. This change also fixes a regression in 2.2.22 related to
non-ascii file names.
* Fix localized time printing on Windows.
* gpg: New command --quick-revoke-sig.
* gpg: Do not use weak digest algos if selected by recipient
preference during sign+encrypt.
* gpg: Switch to AES256 for symmetric encryption in de-vs mode.
* gpg: Silence weak digest warnings with --quiet.
* gpg: Print new status line CANCELED_BY_USER for a cancel during
symmetric encryption.
* gpg: Fix the encrypt+sign hash algo preference selection for
ECDSA. This is in particular needed for keys created from
existing smartcard based keys.
* agent: Fix secret key import of GnuPG 2.3 generated Ed25519 keys.
* agent: Keep some permissions of private-keys-v1.d.
* dirmngr: Align sks-keyservers.netCA.pem use between ntbtls and
gnutls builds.
* dirmngr: Fix the pool keyserver case for a single host in the
pool.
* scd: Fix the use case of verify_chv2 by CHECKPIN.
* scd: Various improvements to the ccid-driver.
* scd: Minor fixes for Yubikey
* gpgconf: New option --show-versions.
* w32: Install gpg-check-pattern and example profiles. Install
Windows subsystem variant of gpgconf (gpgconf-w32).
* i18n: Complete overhaul and completion of the Italian translation.
Thanks to Denis Renzi.
* Require Libgcrypt 1.8 because 1.7 has long reached end-of-life.
Revision 1.63 / (download) - annotate - [select for diffs], Sat Sep 5 10:25:52 2020 UTC (3 years, 7 months ago) by js
Branch: MAIN
CVS Tags: pkgsrc-2020Q3-base,
pkgsrc-2020Q3
Changes since 1.62: +5 -5
lines
Diff to previous 1.62 (colored) to selected 1.21 (colored)
Update security/gnupg2 to 2.2.23
Fixes a criticial vulnerability: https://dev.gnupg.org/T5050
Noteworthy changes in version 2.2.22
====================================
* gpg: Change the default key algorithm to rsa3072.
* gpg: Add regular expression support for Trust Signatures on all
platforms. [#4843]
* gpg: Fix regression in 2.2.21 with non-default --passphrase-repeat
option. [#4991]
* gpg: Ignore --personal-digest-prefs for ECDSA keys. [#5021]
* gpgsm: Make rsaPSS a de-vs compliant scheme.
* gpgsm: Show also the SHA256 fingerprint in key listings.
* gpgsm: Do not require a default keyring for --gpgconf-list. [#4867]
* gpg-agent: Default to extended key format and record the creation
time of keys. Add new option --disable-extended-key-format.
* gpg-agent: Support the WAYLAND_DISPLAY envvar. [#5016]
* gpg-agent: Allow using --gpgconf-list even if HOME does not
exist. [#4866]
* gpg-agent: Make the Pinentry work even if the envvar TERM is set
to the empty string. [#4137]
* scdaemon: Add a workaround for Gnuk tokens <= 2.15 which wrongly
incremented the error counter when using the "verify" command of
"gpg --edit-key" with only the signature key being present.
* dirmngr: Better handle systems with disabled IPv6. [#4977]
* gpgpslit: Install tool. It was not installed in the past to avoid
conflicts with the version installed by GnuPG 1.4. [#5023]
* gpgtar: Handle Unicode file names on Windows correctly (requires
libgpg-error 1.39). [#4083]
* gpgtar: Make --files-from and --null work as documented. [#5027]
* Build the Windows installer with the new Ntbtls 0.2.0 so that TLS
connections succeed for servers demanding GCM.
Release-info: https://dev.gnupg.org/T5030
Noteworthy changes in version 2.2.23
====================================
* gpg: Fix AEAD preference list overflow. [#5050]
* gpg: Fix a possible segv in the key cleaning code.
* gpgsm: Fix a minor RFC2253 parser bug. [#5037]
* scdaemon: Fix a PIN verify failure on certain OpenPGP card
implementations. Regression in 2.2.22. [#5039]
* po: Fix bug in the Hungarian translation. Updates for the Czech,
Polish, and Ukrainian translations.
Release-info: https://dev.gnupg.org/T5045
Revision 1.62 / (download) - annotate - [select for diffs], Tue Aug 18 09:39:23 2020 UTC (3 years, 8 months ago) by schmonz
Branch: MAIN
Changes since 1.61: +2 -1
lines
Diff to previous 1.61 (colored) to selected 1.21 (colored)
Provide a definition of IN_EXCL_UNLINK for Linux < 2.6.36, and link with -lrt. Fixes build on CentOS 6. Still builds on CentOS 7, Debian 9 and 10, Devuan 3.
Revision 1.61 / (download) - annotate - [select for diffs], Fri Jul 24 10:47:45 2020 UTC (3 years, 8 months ago) by adam
Branch: MAIN
Changes since 1.60: +5 -5
lines
Diff to previous 1.60 (colored) to selected 1.21 (colored)
gnupg2: updated to 2.2.21 Noteworthy changes in version 2.2.21 * gpg: Improve symmetric decryption speed by about 25%. * gpg: Support decryption of AEAD encrypted data packets. * gpg: Add option --no-include-key-block. * gpg: Allow for extra padding in ECDH. * gpg: Only a single pinentry is shown for symmetric encryption if the pinentry supports this. * gpg: Print a note if no keys are given to --delete-key. * gpg,gpgsm: The ridiculous passphrase quality bar is not anymore shown. * gpgsm: Certificates without a CRL distribution point are now considered valid without looking up a CRL. The new option --enable-issuer-based-crl-check can be used to revert to the former behaviour. * gpgsm: Support rsaPSS signature verification. * gpgsm: Unless CRL checking is disabled lookup a missing issuer certificate using the certificate's authorityInfoAccess. * gpgsm: Print the certificate's serial number also in decimal notation. * gpgsm: Fix possible NULL-deref in messages of --gen-key. * scd: Support the CardOS 5 based D-Trust Card 3.1. * dirmngr: Allow http URLs with "LOOKUP --url". * wkd: Take name of sendmail from configure. Fixes an OpenBSD specific bug.
Revision 1.60 / (download) - annotate - [select for diffs], Sat Mar 21 07:24:30 2020 UTC (4 years, 1 month ago) by adam
Branch: MAIN
CVS Tags: pkgsrc-2020Q2-base,
pkgsrc-2020Q2,
pkgsrc-2020Q1-base,
pkgsrc-2020Q1
Changes since 1.59: +5 -5
lines
Diff to previous 1.59 (colored) to selected 1.21 (colored)
gnupg2: updated to 2.2.20 Noteworthy changes in version 2.2.20: * Protect the error counter against overflow to guarantee that the tools can't be tricked into returning success after an error. * gpg: Make really sure that --verify-files always returns an error. * gpg: Fix key listing --with-secret if a pattern is given. * gpg: Fix detection of certain keys used as default-key. * gpg: Fix default-key selection when a card is available. * gpg: Fix key expiration and key usage for keys created with a creation date of zero. * gpgsm: Fix import of some CR,LF terminated certificates. * gpg: New options --include-key-block and --auto-key-import to allow encrypted replies after an initial signed message. * gpg: Allow the use of a fingerprint with --trusted-key. * gpg: New property "fpr" for use by --export-filter. * scdaemon: Disable the pinpad if a KDF DO is used. * dirmngr: Improve finding OCSP certificates. * Avoid build problems with LTO or gcc-10.
Revision 1.59 / (download) - annotate - [select for diffs], Mon Dec 9 18:44:52 2019 UTC (4 years, 4 months ago) by adam
Branch: MAIN
CVS Tags: pkgsrc-2019Q4-base,
pkgsrc-2019Q4
Changes since 1.58: +5 -5
lines
Diff to previous 1.58 (colored) to selected 1.21 (colored)
gnupg2: updated to 2.2.19 Noteworthy changes in version 2.2.19: * gpg: Fix double free when decrypting for hidden recipients. Regression in 2.2.18. * gpg: Use auto-key-locate for encryption even for mail addressed given with angle brackets. * gpgsm: Add special case for certain expired intermediate certificates.
Revision 1.58 / (download) - annotate - [select for diffs], Wed Nov 27 12:17:08 2019 UTC (4 years, 4 months ago) by ryoon
Branch: MAIN
Changes since 1.57: +5 -5
lines
Diff to previous 1.57 (colored) to selected 1.21 (colored)
Update to 2.2.18
Changelog:
Noteworthy changes in version 2.2.18 (2019-11-25)
-------------------------------------------------
* gpg: Changed the way keys are detected on a smartcards; this
allows the use of non-OpenPGP cards. In the case of a not very
likely regression the new option --use-only-openpgp-card is
available. [#4681]
* gpg: The commands --full-gen-key and --quick-gen-key now allow
direct key generation from supported cards. [#4681]
* gpg: Prepare against chosen-prefix SHA-1 collisions in key
signatures. This change removes all SHA-1 based key signature
newer than 2019-01-19 from the web-of-trust. Note that this
includes all key signature created with dsa1024 keys. The new
option --allow-weak-key-signatues can be used to override the new
and safer behaviour. [#4755,CVE-2019-14855]
* gpg: Improve performance for import of large keyblocks. [#4592]
* gpg: Implement a keybox compression run. [#4644]
* gpg: Show warnings from dirmngr about redirect and certificate
problems (details require --verbose as usual).
* gpg: Allow to pass the empty string for the passphrase if the
'--passphase=' syntax is used. [#4633]
* gpg: Fix printing of the KDF object attributes.
* gpg: Avoid surprises with --locate-external-key and certain
--auto-key-locate settings. [#4662]
* gpg: Improve selection of best matching key. [#4713]
* gpg: Delete key binding signature when deletring a subkey.
[#4665,#4457]
* gpg: Fix a potential loss of key sigantures during import with
self-sigs-only active. [#4628]
* gpg: Silence "marked as ultimately trusted" diagnostics if
option --quiet is used. [#4634]
* gpg: Silence some diagnostics during in key listsing even with
option --verbose. [#4627]
* gpg, gpgsm: Change parsing of agent's pkdecrypt results. [#4652]
* gpgsm: Support AES-256 keys.
* gpgsm: Fix a bug in triggering a keybox compression run if
--faked-system-time is used.
* dirmngr: System CA certificates are no longer used for the SKS
pool if GNUTLS instead of NTBTLS is used as TLS library. [#4594]
* dirmngr: On Windows detect usability of IPv4 and IPv6 interfaces
to avoid long timeouts. [#4165]
* scd: Fix BWI value for APDU level transfers to make Gemalto Ezio
Shield and Trustica Cryptoucan work. [#4654,#4566]
* wkd: gpg-wks-client --install-key now installs the required policy
file.
Revision 1.57 / (download) - annotate - [select for diffs], Wed Jul 10 09:28:24 2019 UTC (4 years, 9 months ago) by adam
Branch: MAIN
CVS Tags: pkgsrc-2019Q3-base,
pkgsrc-2019Q3
Changes since 1.56: +5 -5
lines
Diff to previous 1.56 (colored) to selected 1.21 (colored)
gnupg2: updated to 2.2.17
Noteworthy changes in version 2.2.17:
* gpg: Ignore all key-signatures received from keyservers. This
change is required to mitigate a DoS due to keys flooded with
faked key-signatures. The old behaviour can be achieved by adding
keyserver-options no-self-sigs-only,no-import-clean
to your gpg.conf.
* gpg: If an imported keyblocks is too large to be stored in the
keybox (pubring.kbx) do not error out but fallback to an import
using the options "self-sigs-only,import-clean".
* gpg: New command --locate-external-key which can be used to
refresh keys from the Web Key Directory or via other methods
configured with --auto-key-locate.
* gpg: New import option "self-sigs-only".
* gpg: In --auto-key-retrieve prefer WKD over keyservers.
* dirmngr: Support the "openpgpkey" subdomain feature from
draft-koch-openpgp-webkey-service-07.
* dirmngr: Add an exception for the "openpgpkey" subdomain to the
CSRF protection.
* dirmngr: Fix endless loop due to http errors 503 and 504.
* dirmngr: Fix TLS bug during redirection of HKP requests.
* gpgconf: Fix a race condition when killing components.
Revision 1.56 / (download) - annotate - [select for diffs], Sun Jun 2 09:29:09 2019 UTC (4 years, 10 months ago) by adam
Branch: MAIN
CVS Tags: pkgsrc-2019Q2-base,
pkgsrc-2019Q2
Changes since 1.55: +5 -5
lines
Diff to previous 1.55 (colored) to selected 1.21 (colored)
gnupg2: updated to 2.2.16 Noteworthy changes in version 2.2.16: * gpg,gpgsm: Fix deadlock on Windows due to a keybox sharing violation. * gpg: Allow deletion of subkeys with --delete-key. This finally makes the bang-suffix work as expected for that command. * gpg: Replace SHA-1 by SHA-256 in self-signatures when updating them with --quick-set-expire or --quick-set-primary-uid. * gpg: Improve the photo image viewer selection. * gpg: Fix decryption with --use-embedded-filename. * gpg: Remove hints on using the --keyserver option. * gpg: Fix export of certain secret keys with comments. * gpg: Reject too long user-ids in --quick-gen-key. * gpg: Fix a double free in the best key selection code. * gpg: Fix the key generation dialog for switching back from EdDSA to ECDSA. * gpg: Use AES-192 with SHA-384 to comply with RFC-6637. * gpg: Use only the addrspec from the Signer's UID subpacket to mitigate a problem with another implementation. * gpg: Skip invalid packets during a keyring listing and sync diagnostics with the output. * gpgsm: Avoid confusing diagnostic when signing with the default key. * agent: Do not delete any secret key in --dry-run mode. * agent: Fix failures on 64 bit big-endian boxes related to URIs in a keyfile. * agent: Stop scdaemon after a reload with disable-scdaemon newly configured. * dirmngr: Improve caching algorithm for WKD domains. * dirmngr: Support other hash algorithms than SHA-1 for OCSP. * gpgconf: Make --homedir work for --launch. * gpgconf: Before --launch check for a valid config file. * wkd: Do not import more than 5 keys from one WKD address. * wkd: Accept keys which are stored in armored format in the directory. * The installer for Windows now comes with signed binaries.
Revision 1.55 / (download) - annotate - [select for diffs], Mon Apr 1 08:30:04 2019 UTC (5 years ago) by adam
Branch: MAIN
Changes since 1.54: +5 -6
lines
Diff to previous 1.54 (colored) to selected 1.21 (colored)
gnupg2: updated to 2.2.15 Noteworthy changes in version 2.2.15: * sm: Fix --logger-fd and --status-fd on Windows for non-standard file descriptors. * sm: Allow decryption even if expired keys are configured. * agent: Change command KEYINFO to print ssh fingerprints with other hash algos. * dirmngr: Fix build problems on Solaris due to the use of reserved symbol names. * wkd: New commands --print-wkd-hash and --print-wkd-url for gpg-wks-client.
Revision 1.54 / (download) - annotate - [select for diffs], Wed Mar 27 09:42:15 2019 UTC (5 years ago) by jperkin
Branch: MAIN
CVS Tags: pkgsrc-2019Q1-base,
pkgsrc-2019Q1
Changes since 1.53: +2 -1
lines
Diff to previous 1.53 (colored) to selected 1.21 (colored)
gnupg2: Fix build.
Revision 1.53 / (download) - annotate - [select for diffs], Wed Mar 20 06:39:52 2019 UTC (5 years, 1 month ago) by adam
Branch: MAIN
Changes since 1.52: +5 -5
lines
Diff to previous 1.52 (colored) to selected 1.21 (colored)
gnupg2: updated to 2.2.14 Noteworthy changes in version 2.2.14: * gpg: Allow import of PGP desktop exported secret keys. Also avoid importing secret keys if the secret keyblock is not valid. * gpg: Do not error out on version 5 keys in the local keyring. * gpg: Make invalid primary key algo obvious in key listings. * sm: Do not mark a certificate in a key listing as de-vs compliant if its use for a signature will not be possible. * sm: Fix certificate creation with key on card. * sm: Create rsa3072 bit certificates by default. * sm: Print Yubikey attestation extensions with --dump-cert. * agent: Fix cancellation handling for scdaemon. * agent: Support --mode=ssh option for CLEAR_PASSPHRASE. * scd: Fix flushing of the CA-FPR DOs in app-openpgp. * scd: Avoid a conflict error with the "undefined" app. * dirmngr: Add CSRF protection exception for protonmail. * dirmngr: Fix build problems with gcc 9 in libdns. * gpgconf: New option --show-socket for use wity --launch. * gpgtar: Make option -C work for archive creation.
Revision 1.52 / (download) - annotate - [select for diffs], Wed Feb 13 16:06:44 2019 UTC (5 years, 2 months ago) by adam
Branch: MAIN
Changes since 1.51: +5 -5
lines
Diff to previous 1.51 (colored) to selected 1.21 (colored)
gnupg2: updated to 2.2.13 Noteworthy changes in version 2.2.13: * gpg: Implement key lookup via keygrip (using the & prefix). * gpg: Allow generating Ed25519 key from existing key. * gpg: Emit an ERROR status line if no key was found with -k. * gpg: Stop early when trying to create a primary Elgamal key. * gpgsm: Print the card's key algorithms along with their keygrips in interactive key generation. * agent: Clear bogus pinentry cache in the error case. * scd: Support "acknowledge button" feature. * scd: Fix for USB INTERRUPT transfer. * wks: Do no use compression for the the encrypted challenge and response
Revision 1.51 / (download) - annotate - [select for diffs], Thu Dec 20 19:33:27 2018 UTC (5 years, 4 months ago) by adam
Branch: MAIN
CVS Tags: pkgsrc-2018Q4-base,
pkgsrc-2018Q4
Changes since 1.50: +5 -5
lines
Diff to previous 1.50 (colored) to selected 1.21 (colored)
gnupg2: updated to 2.2.12
Noteworthy changes in version 2.2.12:
* tools: New commands --install-key and --remove-key for
gpg-wks-client. This allows to prepare a Web Key Directory on a
local file system for later upload to a web server.
* gpg: New --list-option "show-only-fpr-mbox". This makes the use
of the new gpg-wks-client --install-key command easier on Windows.
* gpg: Improve processing speed when --skip-verify is used.
* gpg: Fix a bug where a LF was accidentally written to the console.
* gpg: --card-status now shwos whether a card has the new KDF
feature enabled.
* agent: New runtime option --s2k-calibration=MSEC. New configure
option --with-agent-s2k-calibration=MSEC.
* dirmngr: Try another keyserver from the pool on receiving a 502,
503, or 504 error.
* dirmngr: Avoid possible CSRF attacks via http redirects. A HTTP
query will not anymore follow a 3xx redirect unless the Location
header gives the same host. If the host is different only the
host and port is taken from the Location header and the original
path and query parts are kept.
* dirmngr: New command FLUSHCRL to flush all CRLS from disk and
memory.
* New simplified Chinese translation (zh_CN).
Revision 1.50 / (download) - annotate - [select for diffs], Wed Nov 7 11:59:08 2018 UTC (5 years, 5 months ago) by adam
Branch: MAIN
Changes since 1.49: +5 -5
lines
Diff to previous 1.49 (colored) to selected 1.21 (colored)
gnupg2: updated to 2.2.11 Noteworthy changes in version 2.2.11: * gpgsm: Fix CRL loading when intermediate certicates are not yet trusted. * gpgsm: Fix an error message about the digest algo. * gpg: Fix a wrong warning due to new sign usage check introduced with 2.2.9. * gpg: Print the "data source" even for an unsuccessful keyserver query. * gpg: Do not store the TOFU trust model in the trustdb. This allows to enable or disable a TOFO model without triggering a trustdb rebuild. * scd: Fix cases of "Bad PIN" after using "forcesig". * agent: Fix possible hang in the ssh handler. * dirmngr: Tack the unmodified mail address to a WKD request. See commit a2bd4a64e5b057f291a60a9499f881dd47745e2f for details. * dirmngr: Tweak diagnostic about missing LDAP server file. * dirmngr: In verbose mode print the OCSP responder id. * dirmngr: Fix parsing of the LDAP port. * wks: Add option --directory/-C to the server. Always build the server on Unix systems. * wks: Add option --with-colons to the client. Support sites which use the policy file instead of the submission-address file. * Fix EBADF when gpg et al. are called by broken CGI scripts. * Fix some minor memory leaks and bugs.
Revision 1.49 / (download) - annotate - [select for diffs], Wed Sep 5 15:41:12 2018 UTC (5 years, 7 months ago) by ryoon
Branch: MAIN
CVS Tags: pkgsrc-2018Q3-base,
pkgsrc-2018Q3
Changes since 1.48: +5 -5
lines
Diff to previous 1.48 (colored) to selected 1.21 (colored)
Update to 2.2.10 Changelog: Noteworthy changes in version 2.2.10 (2018-08-30) ------------------------------------------------- gpg: Refresh expired keys originating from the WKD. [#2917] gpg: Use a 256 KiB limit for a WKD imported key. gpg: New option --known-notation. [#4060] scd: Add support for the Trustica Cryptoucan reader. agent: Speed up starting during on-demand launching. [#3490] dirmngr: Validate SRV records in WKD queries.
Revision 1.48 / (download) - annotate - [select for diffs], Mon Jul 16 01:00:22 2018 UTC (5 years, 9 months ago) by ryoon
Branch: MAIN
Changes since 1.47: +5 -5
lines
Diff to previous 1.47 (colored) to selected 1.21 (colored)
Update to 2.2.9
Changelog:
Noteworthy changes in version 2.2.9 (2018-07-12)
------------------------------------------------
* dirmngr: Fix recursive resolver mode and other bugs in the libdns
code. [#3374,#3803,#3610]
* dirmngr: When using libgpg-error 1.32 or later a GnuPG build with
NTBTLS support (e.g. the standard Windows installer) does not
anymore block for dozens of seconds before returning data.
* gpg: Fix bug in --show-keys which actually imported revocation
certificates. [#4017]
* gpg: Ignore too long user-ID and comment packets. [#4022]
* gpg: Fix crash due to bad German translation. Improved printf
format compile time check.
* gpg: Handle missing ISSUER sub packet gracefully in the presence of
the new ISSUER_FPR. [#4046]
* gpg: Allow decryption using several passphrases in most cases.
[#3795,#4050]
* gpg: Command --show-keys now enables the list options
show-unusable-uids, show-unusable-subkeys, show-notations and
show-policy-urls by default.
* gpg: Command --show-keys now prints revocation certificates. [#4018]
* gpg: Add revocation reason to the "rev" and "rvs" records of the
option --with-colons. [#1173]
* gpg: Export option export-clean does now remove certain expired
subkeys; export-minimal removes all expired subkeys. [#3622]
* gpg: New "usage" property for the drop-subkey filters. [#4019]
Release-info: https://dev.gnupg.org/T4036
See-also: gnupg-announce/2018q3/000427.html
Revision 1.47 / (download) - annotate - [select for diffs], Sat Jun 9 18:08:34 2018 UTC (5 years, 10 months ago) by leot
Branch: MAIN
CVS Tags: pkgsrc-2018Q2-base,
pkgsrc-2018Q2
Changes since 1.46: +5 -5
lines
Diff to previous 1.46 (colored) to selected 1.21 (colored)
gnupg2: Update security/gnupg to 2.2.8
Changes:
Noteworthy changes in version 2.2.8 (2018-06-08)
------------------------------------------------
* gpg: Decryption of messages not using the MDC mode will now lead
to a hard failure even if a legacy cipher algorithm was used. The
option --ignore-mdc-error can be used to turn this failure into a
warning. Take care: Never use that option unconditionally or
without a prior warning.
* gpg: The MDC encryption mode is now always used regardless of the
cipher algorithm or any preferences. For testing --rfc2440 can be
used to create a message without an MDC.
* gpg: Sanitize the diagnostic output of the original file name in
verbose mode. [#4012, CVE-2018-12020]
* gpg: Detect suspicious multiple plaintext packets in a more
reliable way. [#4000]
* gpg: Fix the duplicate key signature detection code. [#3994]
* gpg: The options --no-mdc-warn, --force-mdc, --no-force-mdc,
--disable-mdc and --no-disable-mdc have no more effect.
* agent: Add DBUS_SESSION_BUS_ADDRESS and a few other envvars to the
list of startup environment variables. [#3947]
Revision 1.46 / (download) - annotate - [select for diffs], Fri May 4 06:08:40 2018 UTC (5 years, 11 months ago) by adam
Branch: MAIN
Changes since 1.45: +5 -5
lines
Diff to previous 1.45 (colored) to selected 1.21 (colored)
gnupg2: updated to 2.2.7 changes in version 2.2.7: * gpg: New option --no-symkey-cache to disable the passphrase cache for symmetrical en- and decryption. * gpg: The ERRSIG status now prints the fingerprint if that is part of the signature. * gpg: Relax emitting of FAILURE status lines * gpg: Add a status flag to "sig" lines printed with --list-sigs. * gpg: Fix "Too many open files" when using --multifile. * ssh: Return an error for unknown ssh-agent flags. * dirmngr: Fix a regression since 2.1.16 which caused corrupted CRL caches under Windows. * dirmngr: Fix a CNAME problem with pools and TLS. Also use a fixed mapping of keys.gnupg.net to sks-keyservers.net. * dirmngr: Try resurrecting dead hosts earlier (from 3 to 1.5 hours). * dirmngr: Fallback to CRL if no default OCSP responder is configured. * dirmngr: Implement CRL fetching via https. Here a redirection to http is explictly allowed. * dirmngr: Make LDAP searching and CRL fetching work under Windows. This stopped working with 2.1. * agent,dirmngr: New sub-command "getenv" for "getinfo" to ease debugging.
Revision 1.45 / (download) - annotate - [select for diffs], Thu Apr 12 07:02:03 2018 UTC (6 years ago) by adam
Branch: MAIN
Changes since 1.44: +5 -5
lines
Diff to previous 1.44 (colored) to selected 1.21 (colored)
gnupg2: updated to 2.2.6 Noteworthy changes in version 2.2.6: * gpg,gpgsm: New option --request-origin to pretend requests coming from a browser or a remote site. * gpg: Fix race condition on trustdb.gpg updates due to too early released lock. * gpg: Emit FAILURE status lines in almost all cases. * gpg: Implement --dry-run for --passwd to make checking a key's passphrase straightforward. * gpg: Make sure to only accept a certification capable key for key signatures. * gpg: Better user interaction in --card-edit for the factory-reset sub-command. * gpg: Improve changing key attributes in --card-edit by adding an explicit "key-attr" sub-command. * gpg: Print the keygrips in the --card-status. * scd: Support KDF DO setup. * scd: Fix some issues with PC/SC on Windows. * scd: Fix suspend/resume handling in the CCID driver. * agent: Evict cached passphrases also via a timer. * agent: Use separate passphrase caches depending on the request origin. * ssh: Support signature flags. * dirmngr: Handle failures related to missing IPv6 support gracefully. * Fix corner cases related to specified home directory with drive letter on Windows. * Allow the use of UNC directory names as homedir.
Revision 1.44 / (download) - annotate - [select for diffs], Mon Feb 26 09:05:45 2018 UTC (6 years, 1 month ago) by adam
Branch: MAIN
CVS Tags: pkgsrc-2018Q1-base,
pkgsrc-2018Q1
Changes since 1.43: +5 -5
lines
Diff to previous 1.43 (colored) to selected 1.21 (colored)
gnupg2: updated to 2.2.5 version 2.2.5: * gpg: Allow the use of the "cv25519" and "ed25519" short names in addition to the canonical curve names in --batch --gen-key. * gpg: Make sure to print all secret keys with option --list-only and --decrypt. * gpg: Fix the use of future-default with --quick-add-key for signing keys. * gpg: Select a secret key by checking availability under gpg-agent. * gpg: Fix reversed prompt texts for --only-sign-text-ids. * gpg,gpgsm: Fix detection of bogus keybox blobs on 32 bit systems. * gpgsm: Fix regression since 2.1 in --export-secret-key-raw which got $d mod (q-1)$ wrong. Note that most tools automatically fixup that parameter anyway. * ssh: Fix a regression in getting the client'd PID on *BSD and macOS. * scd: Support the KDF Data Object of the OpenPGP card 3.3. * scd: Fix a regression in the internal CCID driver for certain card readers. * scd: Fix a problem on NetBSD killing scdaemon on gpg-agent shutdown. * dirmngr: Improve returned error description on failure of DNS resolving. * wks: Implement command --install-key for gpg-wks-server. * Add option STATIC=1 to the Speedo build system to allow a build with statically linked versions of the core GnuPG libraries. Also use --enable-wks-tools by default by Speedo builds for Unix.
Revision 1.43 / (download) - annotate - [select for diffs], Thu Dec 21 09:45:41 2017 UTC (6 years, 3 months ago) by adam
Branch: MAIN
CVS Tags: pkgsrc-2017Q4-base,
pkgsrc-2017Q4
Changes since 1.42: +5 -5
lines
Diff to previous 1.42 (colored) to selected 1.21 (colored)
gnupg2: updated to 2.2.4
Noteworthy changes in version 2.2.4:
* gpg: Change default preferences to prefer SHA512.
* gpg: Print a warning when more than 150 MiB are encrypted using a
cipher with 64 bit block size.
* gpg: Print a warning if the MDC feature has not been used for a
message.
* gpg: Fix regular expression of domain addresses in trust
signatures.
* agent: New option --auto-expand-secmem to help with high numbers
of concurrent connections. Requires libgcrypt 1.8.2 for having
an effect.
* dirmngr: Cache responses of WKD queries.
* gpgconf: Add option --status-fd.
* wks: Add commands --check and --remove-key to gpg-wks-server.
* Increase the backlog parameter of the daemons to 64 and add
option --listen-backlog.
* New configure option --enable-run-gnupg-user-socket to first try a
socket directory which is not removed by systemd at session end.
Revision 1.42 / (download) - annotate - [select for diffs], Fri Nov 24 12:33:10 2017 UTC (6 years, 4 months ago) by adam
Branch: MAIN
Changes since 1.41: +5 -5
lines
Diff to previous 1.41 (colored) to selected 1.21 (colored)
gnupg2: updated to 2.2.3 changes in version 2.2.3: * gpgsm: Fix initial keybox creation on Windows. * dirmngr: Fix crash in case of a CRL loading error. * Fix the name of the Windows registry key. * gpgtar: Fix wrong behaviour of --set-filename. * gpg: Silence AKL retrieval messages. * agent: Use clock or clock_gettime for calibration. * agent: Improve robustness of the shutdown pending state.
Revision 1.41 / (download) - annotate - [select for diffs], Thu Nov 9 08:02:30 2017 UTC (6 years, 5 months ago) by adam
Branch: MAIN
Changes since 1.40: +5 -5
lines
Diff to previous 1.40 (colored) to selected 1.21 (colored)
gnupg2: updated to 2.2.2
changes in version 2.2.2:
* gpg: Avoid duplicate key imports by concurrently running gpg
processes.
* gpg: Fix creating on-disk subkey with on-card primary key.
* gpg: Fix validity retrieval for multiple keyrings.
* gpg: Fix --dry-run and import option show-only for secret keys.
* gpg: Print "sec" or "sbb" for secret keys with import option
import-show.
* gpg: Make import less verbose.
* gpg: Add alias "Key-Grip" for parameter "Keygrip" and new
parameter "Subkey-Grip" to unattended key generation.
* gpg: Improve "factory-reset" command for OpenPGP cards.
* gpg: Ease switching Gnuk tokens into ECC mode by using the magic
keysize value 25519.
* gpgsm: Fix --with-colon listing in crt records for fields > 12.
* gpgsm: Do not expect X.509 keyids to be unique.
* agent: Fix stucked Pinentry when using --max-passphrase-days.
* agent: New option --s2k-count.
* dirmngr: Do not follow https-to-http redirects.
* dirmngr: Reduce default LDAP timeout from 100 to 15 seconds.
* gpgconf: Ignore non-installed components for commands
--apply-profile and --apply-defaults.
* Add configure option --enable-werror.
Revision 1.40 / (download) - annotate - [select for diffs], Sat Sep 30 12:38:01 2017 UTC (6 years, 6 months ago) by adam
Branch: MAIN
Changes since 1.39: +5 -5
lines
Diff to previous 1.39 (colored) to selected 1.21 (colored)
gnupg2: update to 2.2.1 version 2.2.1: * gpg: Fix formatting of the user id in batch mode key generation if only "name-email" is given. * gpgv: Fix annoying "not suitable for" warnings. * wks: Convey only the newest user id to the provider. This is the case if different names are used with the same addr-spec. * wks: Create a complying user id for provider policy mailbox-only. * wks: Add workaround for posteo.de. * scd: Fix the use of large ECC keys with an OpenPGP card. * dirmngr: Use system provided root certificates if no specific HKP certificates are configured. If build with GNUTLS, this was already the case.
Revision 1.39 / (download) - annotate - [select for diffs], Tue Aug 29 12:07:04 2017 UTC (6 years, 7 months ago) by wiz
Branch: MAIN
CVS Tags: pkgsrc-2017Q3-base,
pkgsrc-2017Q3
Changes since 1.38: +5 -6
lines
Diff to previous 1.38 (colored) to selected 1.21 (colored)
Updated gnupg2 to 2.2.0.
Noteworthy changes in version 2.2.0 (2017-08-28)
------------------------------------------------
This is the new long term stable branch. This branch will only see
bug fixes and no new features.
* gpg: Reverted change in 2.1.23 so that --no-auto-key-retrieve is
again the default.
* Fixed a few minor bugs.
Revision 1.38 / (download) - annotate - [select for diffs], Wed Apr 13 18:01:55 2016 UTC (8 years ago) by wiz
Branch: MAIN
CVS Tags: pkgsrc-2017Q2-base,
pkgsrc-2017Q2,
pkgsrc-2017Q1-base,
pkgsrc-2017Q1,
pkgsrc-2016Q4-base,
pkgsrc-2016Q4,
pkgsrc-2016Q3-base,
pkgsrc-2016Q3,
pkgsrc-2016Q2-base,
pkgsrc-2016Q2
Changes since 1.37: +5 -6
lines
Diff to previous 1.37 (colored) to selected 1.21 (colored)
Update gnupg2 to 2.0.30. Noteworthy changes in version 2.0.30 (2016-03-31) ------------------------------------------------- * gpg: Avoid too early timeout during key generation with 2.1 cards. * agent: Fixed printing of ssh fingerprints for 384 bit ECDSA keys. * agent: Fixed an alignment bug related to the passphrase confirmation. * scdaemon: Fixed a "conflicting usage" bug. * scdaemon: Fixed usb card reader removal problem on Windows 8 and later. * Fixed a problem on AIX due to peculiarity with RLIMIT_NOFILE. * Updated the Japanese and Dutch translations. * Fixed a few other bugs.
Revision 1.37 / (download) - annotate - [select for diffs], Wed Nov 4 01:17:45 2015 UTC (8 years, 5 months ago) by agc
Branch: MAIN
CVS Tags: pkgsrc-2016Q1-base,
pkgsrc-2016Q1,
pkgsrc-2015Q4-base,
pkgsrc-2015Q4
Changes since 1.36: +2 -1
lines
Diff to previous 1.36 (colored) to selected 1.21 (colored)
Add SHA512 digests for distfiles for security category Problems found locating distfiles: Package f-prot-antivirus6-fs-bin: missing distfile fp-NetBSD.x86.32-fs-6.2.3.tar.gz Package f-prot-antivirus6-ws-bin: missing distfile fp-NetBSD.x86.32-ws-6.2.3.tar.gz Package libidea: missing distfile libidea-0.8.2b.tar.gz Package openssh: missing distfile openssh-7.1p1-hpn-20150822.diff.bz2 Package uvscan: missing distfile vlp4510e.tar.Z Otherwise, existing SHA1 digests verified and found to be the same on the machine holding the existing distfiles (morden). All existing SHA1 digests retained for now as an audit trail.
Revision 1.36 / (download) - annotate - [select for diffs], Wed Sep 9 18:15:34 2015 UTC (8 years, 7 months ago) by wiz
Branch: MAIN
CVS Tags: pkgsrc-2015Q3-base,
pkgsrc-2015Q3
Changes since 1.35: +5 -8
lines
Diff to previous 1.35 (colored) to selected 1.21 (colored)
Update security/gnupg2 to 2.0.29. While here, clean up patches. They looked pretty cargo-culty to me and were not commented. File a bug report for one of the remaining ones and link to it from comment. Changes in 2.0.29: Noteworthy changes in version 2.0.29 (2015-09-08) ------------------------------------------------- * gpg: Print a PGP-2 fingerprint again instead of a row of "0". * gpg: Fixed a race condition from multiple several "gpg --verify". * gpg: Print FAILURE status lines to help GPGME. * gpgsm: Fixed a regression in CSR generation. * scdaemon: Fixed problems with some pinpads. * Fixed a few other bugs.
Revision 1.35 / (download) - annotate - [select for diffs], Wed Jun 3 21:00:39 2015 UTC (8 years, 10 months ago) by wiz
Branch: MAIN
CVS Tags: pkgsrc-2015Q2-base,
pkgsrc-2015Q2
Changes since 1.34: +4 -4
lines
Diff to previous 1.34 (colored) to selected 1.21 (colored)
Update to 2.0.28: Noteworthy changes in version 2.0.28 (2015-06-02) ------------------------------------------------- * agent: Added support for an external password manager. * gpg: New command --list-gcrypt-config. * gpg: Issue NEWSIG status lines during signature verification. * gpgsm: The default hash algo for a CSR is now SHA-256 and the default encryption algo is AES-128. * scdaemon: Allow PC/SC reader selection by partial name match. * gpgtar: Fix extracting files with a size of a multiple of 512. * Fixed several other bugs. * Libgcrypt 1.5 is now required.
Revision 1.34 / (download) - annotate - [select for diffs], Sat Feb 21 09:08:53 2015 UTC (9 years, 1 month ago) by wiz
Branch: MAIN
CVS Tags: pkgsrc-2015Q1-base,
pkgsrc-2015Q1
Changes since 1.33: +4 -4
lines
Diff to previous 1.33 (colored) to selected 1.21 (colored)
Update to 2.0.27: Noteworthy changes in version 2.0.27 (2015-02-18) ------------------------------------------------- * gpg: Detect faulty use of --verify on detached signatures. * gpg: New import option "keep-ownertrust". * gpg: Uses SHA-256 for all signature types also on RSA keys. * gpg: Added support for algo names when generating keys using the --command-fd method. * gpg: Unless --allow-weak-digest-algos is used the insecure MD5 based fingerprints are shown as all zeroe * gpg: Fixed DoS based on bogus and overlong key packets. * gpg: Better error reporting for keyserver problems. * Fixed several bugs related to bogus keyrings and improved some other code.
Revision 1.33 / (download) - annotate - [select for diffs], Thu Jan 15 20:59:59 2015 UTC (9 years, 3 months ago) by wiz
Branch: MAIN
Changes since 1.32: +2 -1
lines
Diff to previous 1.32 (colored) to selected 1.21 (colored)
Fix executable name in gpgkey2ssh tool. From ISIHARA Takanori in PR 49576. Bump PKGREVISION.
Revision 1.32 / (download) - annotate - [select for diffs], Sat Aug 16 12:14:28 2014 UTC (9 years, 8 months ago) by wiz
Branch: MAIN
CVS Tags: pkgsrc-2014Q4-base,
pkgsrc-2014Q4,
pkgsrc-2014Q3-base,
pkgsrc-2014Q3
Changes since 1.31: +4 -4
lines
Diff to previous 1.31 (colored) to selected 1.21 (colored)
Update to 2.0.26: Noteworthy changes in version 2.0.26 (2014-08-12) ------------------------------------------------- * gpg: Fix a regression in 2.0.24 if a subkey id is given to --recv-keys et al. * gpg: Cap attribute packets at 16MB. * gpgsm: Auto-create the ".gnupg" home directory in the same way gpg does. * scdaemon: Allow for certificates > 1024 when using PC/SC.
Revision 1.31 / (download) - annotate - [select for diffs], Tue Jul 22 11:30:00 2014 UTC (9 years, 9 months ago) by wiz
Branch: MAIN
Changes since 1.30: +4 -4
lines
Diff to previous 1.30 (colored) to selected 1.21 (colored)
Update to 2.0.25. Rename gpgsm option to gnupg2-gpgsm. Noteworthy changes in version 2.0.25 (2014-06-30) ------------------------------------------------- * gpg: Fix a regression in 2.0.24 if more than one keyid is given to --recv-keys et al. * gpg: Cap RSA and Elgamal keysize at 4096 bit also for unattended key generation. * gpgsm: Fix a DISPLAY related problem with --export-secret-key-p12. * scdaemon: Support reader Gemalto IDBridge CT30.
Revision 1.30 / (download) - annotate - [select for diffs], Tue Jun 24 21:53:14 2014 UTC (9 years, 9 months ago) by wiz
Branch: MAIN
CVS Tags: pkgsrc-2014Q2-base,
pkgsrc-2014Q2
Changes since 1.29: +4 -4
lines
Diff to previous 1.29 (colored) to selected 1.21 (colored)
Update to 2.0.24, security fix:
Noteworthy changes in version 2.0.24 (2014-06-24)
-------------------------------------------------
* gpg: Avoid DoS due to garbled compressed data packets.
* gpg: Screen keyserver responses to avoid importing unwanted keys
from rogue servers.
* gpg: The validity of user ids is now shown by default. To revert
this add "list-options no-show-uid-validity" to gpg.conf.
* gpg: Print more specific reason codes with the INV_RECP status.
* gpg: Allow loading of a cert only key to an OpenPGP card.
* gpg-agent: Make ssh support for ECDSA keys work with Libgcrypt 1.6.
Noteworthy changes in version 2.0.23 (2014-06-03)
-------------------------------------------------
* gpg: Reject signatures made using the MD5 hash algorithm unless the
new option --allow-weak-digest-algos or --pgp2 are given.
* gpg: Do not create a trustdb file if --trust-model=always is used.
* gpg: Only the major version number is by default included in the
armored output.
* gpg: Print a warning if the Gnome-Keyring-Daemon intercepts the
communication with the gpg-agent.
* gpg: The format of the fallback key listing ("gpg KEYFILE") is now more
aligned to the regular key listing ("gpg -k").
* gpg: The option--show-session-key prints its output now before the
decryption of the bulk message starts.
* gpg: New %U expando for the photo viewer.
* gpgsm: Improved handling of re-issued CA certificates.
* scdaemon: Various fixes for pinpad equipped card readers.
* Minor bug fixes.
Revision 1.28.2.1 / (download) - annotate - [select for diffs], Sat Oct 5 16:11:10 2013 UTC (10 years, 6 months ago) by spz
Branch: pkgsrc-2013Q3
Changes since 1.28: +4 -4
lines
Diff to previous 1.28 (colored) next main 1.29 (colored) to selected 1.21 (colored)
Pullup ticket #4239 - requested by wiz
security/gnupg2: security update
Revisions pulled up:
- security/gnupg2/Makefile 1.48
- security/gnupg2/distinfo 1.29
-------------------------------------------------------------------
Module Name: pkgsrc
Committed By: wiz
Date: Sat Oct 5 13:20:03 UTC 2013
Modified Files:
pkgsrc/security/gnupg2: Makefile distinfo
Log Message:
Update to 2.0.22:
Noteworthy changes in version 2.0.22 (2013-10-04)
-------------------------------------------------
* Fixed possible infinite recursion in the compressed packet
parser. [CVE-2013-4402]
* Improved support for some card readers.
* Prepared building with the forthcoming Libgcrypt 1.6.
* Protect against rogue keyservers sending secret keys.
To generate a diff of this commit:
cvs rdiff -u -r1.47 -r1.48 pkgsrc/security/gnupg2/Makefile
cvs rdiff -u -r1.28 -r1.29 pkgsrc/security/gnupg2/distinfo
Revision 1.29 / (download) - annotate - [select for diffs], Sat Oct 5 13:20:03 2013 UTC (10 years, 6 months ago) by wiz
Branch: MAIN
CVS Tags: pkgsrc-2014Q1-base,
pkgsrc-2014Q1,
pkgsrc-2013Q4-base,
pkgsrc-2013Q4
Changes since 1.28: +4 -4
lines
Diff to previous 1.28 (colored) to selected 1.21 (colored)
Update to 2.0.22: Noteworthy changes in version 2.0.22 (2013-10-04) ------------------------------------------------- * Fixed possible infinite recursion in the compressed packet parser. [CVE-2013-4402] * Improved support for some card readers. * Prepared building with the forthcoming Libgcrypt 1.6. * Protect against rogue keyservers sending secret keys.
Revision 1.28 / (download) - annotate - [select for diffs], Mon Sep 2 16:52:04 2013 UTC (10 years, 7 months ago) by wiz
Branch: MAIN
CVS Tags: pkgsrc-2013Q3-base
Branch point for: pkgsrc-2013Q3
Changes since 1.27: +4 -5
lines
Diff to previous 1.27 (colored) to selected 1.21 (colored)
Update to 2.0.21: Noteworthy changes in version 2.0.21 (2013-08-19) ------------------------------------------------- * gpg-agent: By default the users are now asked via the Pinentry whether they trust an X.509 root key. To prohibit interactive marking of such keys, the new option --no-allow-mark-trusted may be used. * gpg-agent: The command KEYINFO has options to add info from sshcontrol. * The included ssh agent does now support ECDSA keys. * The new option --enable-putty-support allows gpg-agent to act on Windows as a Pageant replacement with full smartcard support. * Support installation as portable application under Windows.
Revision 1.27 / (download) - annotate - [select for diffs], Wed May 29 22:53:36 2013 UTC (10 years, 10 months ago) by wiz
Branch: MAIN
CVS Tags: pkgsrc-2013Q2-base,
pkgsrc-2013Q2
Changes since 1.26: +4 -4
lines
Diff to previous 1.26 (colored) to selected 1.21 (colored)
Update to 2.0.20: Noteworthy changes in version 2.0.20 (2013-05-10) ------------------------------------------------- * Decryption using smartcards keys > 3072 bit does now work. * New meta option ignore-invalid-option to allow using the same option file by other GnuPG versions. * gpg: The hash algorithm is now printed for sig records in key listings. * gpg: Skip invalid keyblock packets during import to avoid a DoS. * gpg: Correctly handle ports from DNS SRV records. * keyserver: Improve use of SRV records * gpg-agent: Avoid tty corruption when killing pinentry. * scdaemon: Improve detection of card insertion and removal. * scdaemon: Rename option --disable-keypad to --disable-pinpad. * scdaemon: Better support for CCID readers. Now, the internal CCID driver supports readers without the auto configuration feature. * scdaemon: Add pinpad input for PC/SC, if your reader has pinpad and it supports variable length PIN input, and you specify --enable-pinpad-varlen option. * scdaemon: New option --enable-pinpad-varlen. * scdaemon: Install into libexecdir to avoid accidental execution from the command line. * Support building using w64-mingw32. * Assorted bug fixes.
Revision 1.25.6.1 / (download) - annotate - [select for diffs], Fri Jan 18 16:43:23 2013 UTC (11 years, 3 months ago) by tron
Branch: pkgsrc-2012Q4
Changes since 1.25: +2 -1
lines
Diff to previous 1.25 (colored) next main 1.26 (colored) to selected 1.21 (colored)
Pullup ticket #4029 - requested by drochner
security/gnupg2: security patch
Revisions pulled up:
- security/gnupg2/Makefile 1.42
- security/gnupg2/distinfo 1.26
- security/gnupg2/patches/patch-CVE-2012-6085 1.1
---
Module Name: pkgsrc
Committed By: drochner
Date: Tue Jan 15 11:21:50 UTC 2013
Modified Files:
pkgsrc/security/gnupg2: Makefile distinfo
Added Files:
pkgsrc/security/gnupg2/patches: patch-CVE-2012-6085
Log Message:
add patch from upstream to fix possible keyring corruption
on import of corrupted keys (CVE-2012-6085), bump PKGREV
from "Bug Hunting" per PR pkg/47442
Revision 1.26 / (download) - annotate - [select for diffs], Tue Jan 15 11:21:50 2013 UTC (11 years, 3 months ago) by drochner
Branch: MAIN
CVS Tags: pkgsrc-2013Q1-base,
pkgsrc-2013Q1
Changes since 1.25: +2 -1
lines
Diff to previous 1.25 (colored) to selected 1.21 (colored)
add patch from upstream to fix possible keyring corruption on import of corrupted keys (CVE-2012-6085), bump PKGREV from "Bug Hunting" per PR pkg/47442
Revision 1.25 / (download) - annotate - [select for diffs], Tue Apr 17 18:35:33 2012 UTC (12 years ago) by drochner
Branch: MAIN
CVS Tags: pkgsrc-2012Q4-base,
pkgsrc-2012Q3-base,
pkgsrc-2012Q3,
pkgsrc-2012Q2-base,
pkgsrc-2012Q2
Branch point for: pkgsrc-2012Q4
Changes since 1.24: +4 -6
lines
Diff to previous 1.24 (colored) to selected 1.21 (colored)
update to 2.0.19 changes: -cmd line UI improvements -Ukrainian translation
Revision 1.24 / (download) - annotate - [select for diffs], Mon Sep 12 17:38:33 2011 UTC (12 years, 7 months ago) by drochner
Branch: MAIN
CVS Tags: pkgsrc-2012Q1-base,
pkgsrc-2012Q1,
pkgsrc-2011Q4-base,
pkgsrc-2011Q4,
pkgsrc-2011Q3-base,
pkgsrc-2011Q3
Changes since 1.23: +2 -1
lines
Diff to previous 1.23 (colored) to selected 1.21 (colored)
fix configure check for libcurl, from John Marshall on the gnupg-devel mailing list bump PKGREV
Revision 1.23 / (download) - annotate - [select for diffs], Thu Aug 11 10:46:10 2011 UTC (12 years, 8 months ago) by adam
Branch: MAIN
Changes since 1.22: +4 -4
lines
Diff to previous 1.22 (colored) to selected 1.21 (colored)
Changes 2.0.18: * Bug fix for newer versions of Libgcrypt. * Support the SSH confirm flag and show SSH fingerprints in ssh related pinentries. * Improved dirmngr/gpgsm interaction for OCSP. * Allow generation of card keys up to 4096 bit.
Revision 1.22 / (download) - annotate - [select for diffs], Thu May 5 08:55:23 2011 UTC (12 years, 11 months ago) by adam
Branch: MAIN
CVS Tags: pkgsrc-2011Q2-base,
pkgsrc-2011Q2
Changes since 1.21: +2 -3
lines
Diff to previous 1.21 (colored)
Fix buildling with Clang
Revision 1.21 / (download) - annotate - [selected], Thu Jan 20 08:54:56 2011 UTC (13 years, 3 months ago) by adam
Branch: MAIN
CVS Tags: pkgsrc-2011Q1-base,
pkgsrc-2011Q1
Changes since 1.20: +8 -9
lines
Diff to previous 1.20 (colored)
Changes 2.0.17: * Allow more hash algorithms with the OpenPGP v2 card. * The gpg-agent now tests for a new gpg-agent.conf on a HUP. * Fixed output of "gpgconf --check-options". * Fixed a bug where Scdaemon sends a signal to Gpg-agent running in non-daemon mode. * Fixed TTY management for pinentries and session variable update problem.
Revision 1.20 / (download) - annotate - [select for diffs], Thu Sep 2 06:58:35 2010 UTC (13 years, 7 months ago) by obache
Branch: MAIN
CVS Tags: pkgsrc-2010Q4-base,
pkgsrc-2010Q4,
pkgsrc-2010Q3-base,
pkgsrc-2010Q3
Changes since 1.19: +3 -2
lines
Diff to previous 1.19 (colored) to selected 1.21 (colored)
Some fixes at update to 2.0.16. * not using autogen.sh anymore, so remove some tools from USE_TOOLS. * patch-ak does not effect anymore for above reason, add patch-ao for it. this patch is required to avoid conflict with security/gnupg. Bump PKGREVISION.
Revision 1.19 / (download) - annotate - [select for diffs], Wed Sep 1 16:46:41 2010 UTC (13 years, 7 months ago) by drochner
Branch: MAIN
Changes since 1.18: +4 -12
lines
Diff to previous 1.18 (colored) to selected 1.21 (colored)
update to 2.0.16 changes: -bugfixes -New command --passwd for GPG -Make use of libassuan 2.0 which is available as a DSO -The gpg-agent commands KILLAGENT and RELOADAGENT are now available on all platforms
Revision 1.17.4.1 / (download) - annotate - [select for diffs], Sun Aug 8 16:42:51 2010 UTC (13 years, 8 months ago) by spz
Branch: pkgsrc-2010Q2
Changes since 1.17: +2 -1
lines
Diff to previous 1.17 (colored) next main 1.18 (colored) to selected 1.21 (colored)
Pullup ticket 3199 - requested by gls
security patch
Revisions pulled up:
- pkgsrc/security/gnupg2/Makefile 1.30
- pkgsrc/security/gnupg2/distinfo 1.18
Files added:
pkgsrc/security/gnupg2/patches/patch-an
-------------------------------------------------------------------------
Module Name: pkgsrc
Committed By: drochner
Date: Tue Aug 3 19:14:42 UTC 2010
Modified Files:
pkgsrc/security/gnupg2: Makefile distinfo
Added Files:
pkgsrc/security/gnupg2/patches: patch-an
Log Message:
add patch from upstream to fix a possible use-after-free problem
(CVE-2010-2547), bump PKGREVISION
To generate a diff of this commit:
cvs rdiff -u -r1.29 -r1.30 pkgsrc/security/gnupg2/Makefile
cvs rdiff -u -r1.17 -r1.18 pkgsrc/security/gnupg2/distinfo
cvs rdiff -u -r0 -r1.1 pkgsrc/security/gnupg2/patches/patch-an
Revision 1.18 / (download) - annotate - [select for diffs], Tue Aug 3 19:14:42 2010 UTC (13 years, 8 months ago) by drochner
Branch: MAIN
Changes since 1.17: +2 -1
lines
Diff to previous 1.17 (colored) to selected 1.21 (colored)
add patch from upstream to fix a possible use-after-free problem (CVE-2010-2547), bump PKGREVISION
Revision 1.17 / (download) - annotate - [select for diffs], Wed Feb 3 10:58:11 2010 UTC (14 years, 2 months ago) by drochner
Branch: MAIN
CVS Tags: pkgsrc-2010Q2-base,
pkgsrc-2010Q1-base,
pkgsrc-2010Q1
Branch point for: pkgsrc-2010Q2
Changes since 1.16: +2 -1
lines
Diff to previous 1.16 (colored) to selected 1.21 (colored)
add a patch from upstream CVS to fix a bug which could make keys unusable on passphrase changes bump PKGREVISION
Revision 1.16 / (download) - annotate - [select for diffs], Fri Jan 15 20:15:07 2010 UTC (14 years, 3 months ago) by drochner
Branch: MAIN
Changes since 1.15: +4 -7
lines
Diff to previous 1.15 (colored) to selected 1.21 (colored)
update to 2.0.14 changes: * The default for --include-cert is now to include all certificates in the chain except for the root certificate. * Numerical values may now be used as an alternative to the debug-level keywords. * The GPGSM --audit-log feature is now more complete. * GPG now supports DNS lookups for SRV, PKA and CERT on W32. * New GPGSM option --ignore-cert-extension. * New and changed passphrases are now created with an iteration count requiring about 100ms of CPU work.
Revision 1.15 / (download) - annotate - [select for diffs], Fri Dec 18 17:49:51 2009 UTC (14 years, 4 months ago) by drochner
Branch: MAIN
CVS Tags: pkgsrc-2009Q4-base,
pkgsrc-2009Q4
Changes since 1.14: +2 -1
lines
Diff to previous 1.14 (colored) to selected 1.21 (colored)
kill the "idea" option -- gnupg2 uses libgcrypt which used to have an "idea" option, but that was removed more than a year ago when it got updated from 1.2 to 1.4 The patch was was used on gnupg2 in the "idea" case was just a four-line memory initialization fix, there is no point in LICENSE restrictions due to this, so I've pulled it in as regular patch so that it doesn't get lost for the case someone fixes idea support in libgcrypt (which isn't hard).
Revision 1.14 / (download) - annotate - [select for diffs], Wed Dec 16 18:52:49 2009 UTC (14 years, 4 months ago) by drochner
Branch: MAIN
Changes since 1.13: +2 -1
lines
Diff to previous 1.13 (colored) to selected 1.21 (colored)
don't install the gpg-zip.1 manpage, avoids CONFLICT with gnupg1, noticed by OBATA Akio per mail to pkgsrc-users. This makes most sense to me since gnupg2 doesn't install a gpg-zip intentionally. Since possible clients of gpg-zip should have a dependency on gnupg1, we can't take over easily. Once we are sure that gnupg2 can fully replace gnupg1, we might consider to install eg symlinks gpg->gpg2 etc and make gnupg1 obsolete, but this needs careful testing.
Revision 1.13 / (download) - annotate - [select for diffs], Wed Dec 16 09:09:06 2009 UTC (14 years, 4 months ago) by wiz
Branch: MAIN
Changes since 1.12: +4 -1
lines
Diff to previous 1.12 (colored) to selected 1.21 (colored)
Add checksum for idea patch.
Revision 1.12 / (download) - annotate - [select for diffs], Tue Dec 15 20:10:41 2009 UTC (14 years, 4 months ago) by drochner
Branch: MAIN
Changes since 1.11: +9 -9
lines
Diff to previous 1.11 (colored) to selected 1.21 (colored)
update to 2.0.13 changes: many fixes and improvements reviewed by John R. Shannon pkgsrc notes: -since S/MIME support is the biggest difference in functionality over gnupg1, enable it per default -- my tests (with the s/mime plugin of claws-mail) worked -left the build against a private libassuan with GNU-pth support alone for now, just updated libassuan to 1.0.5. We might build pkgsrc/libassuan against pkgsrc/pth at some point, but this needs to be checked for side effects. (As this pkg doesn't export a library which might propagate the pth dependency, the possibility of pthread-pth conflicts should be limited. Other uses of libassuan need to be checked.)
Revision 1.11 / (download) - annotate - [select for diffs], Mon Apr 28 14:54:27 2008 UTC (15 years, 11 months ago) by shannonjr
Branch: MAIN
CVS Tags: pkgsrc-2009Q3-base,
pkgsrc-2009Q3,
pkgsrc-2009Q2-base,
pkgsrc-2009Q2,
pkgsrc-2009Q1-base,
pkgsrc-2009Q1,
pkgsrc-2008Q4-base,
pkgsrc-2008Q4,
pkgsrc-2008Q3-base,
pkgsrc-2008Q3,
pkgsrc-2008Q2-base,
pkgsrc-2008Q2,
cwrapper,
cube-native-xorg-base,
cube-native-xorg
Changes since 1.10: +9 -9
lines
Diff to previous 1.10 (colored) to selected 1.21 (colored)
Update to 2.0.9. Changes: * Enhanced gpg-connect-agent with a small scripting language. * New option --list-config for gpgconf. * Fixed a crash in gpgconf. * The envvars XAUTHORITY and PINENTRY_USER_DATA are now passed to the pinentry. * Fixed the auto creation of the key stub for smartcards. * Fixed a rare bug in decryption using the OpenPGP card. * Creating DSA2 keys is now possible. * New option --extra-digest-algo for gpgsm to allow verification of broken signatures. * Allow encryption with legacy Elgamal sign+encrypt keys with option --rfc2440.
Revision 1.10 / (download) - annotate - [select for diffs], Wed Nov 7 15:24:26 2007 UTC (16 years, 5 months ago) by shannonjr
Branch: MAIN
CVS Tags: pkgsrc-2008Q1-base,
pkgsrc-2008Q1,
pkgsrc-2007Q4-base,
pkgsrc-2007Q4
Changes since 1.9: +8 -11
lines
Diff to previous 1.9 (colored) to selected 1.21 (colored)
Update to 2.0.7. This is maintenance release with a few minor enhancements. Changes: * Fixed encryption problem if duplicate certificates are in the keybox. * Add new options min-passphrase-nonalpha, check-passphrase-pattern, enforce-passphrase-constraints and max-passphrase-days to gpg-agent. * Add command --check-components to gpgconf. Gpgconf now uses the installed versions of the programs and does not anymore search via PATH for them.
Revision 1.9 / (download) - annotate - [select for diffs], Wed Aug 29 23:19:07 2007 UTC (16 years, 7 months ago) by wiz
Branch: MAIN
CVS Tags: pkgsrc-2007Q3-base,
pkgsrc-2007Q3
Changes since 1.8: +7 -4
lines
Diff to previous 1.8 (colored) to selected 1.21 (colored)
Update to 2.0.6. Add support for idea option. From Blair Sadewitz on tech-pkg. Noteworthy changes in version 2.0.6 (2007-08-16) ------------------------------------------------ * GPGSM does now grok --default-key. * GPGCONF is now aware of --default-key and --encrypt-to. * GPGSM does again correctly print the serial number as well the the various keyids. This was broken since 2.0.4. * New option --validation-model and support for the chain-model. * Improved Windows support.
Revision 1.8 / (download) - annotate - [select for diffs], Sat Aug 4 12:00:02 2007 UTC (16 years, 8 months ago) by shannonjr
Branch: MAIN
Changes since 1.7: +9 -12
lines
Diff to previous 1.7 (colored) to selected 1.21 (colored)
Update to Version 2.0.5. Changes: * Switched license to GPLv3. * Fixed bug when using the --p12-charset without --armor. * The command --gen-key may now be used instead of the gpgsm-gencert.sh script. * Changed key generation to reveal less information about the machine. Bug fixes for gpg2's card key generation.
Revision 1.7 / (download) - annotate - [select for diffs], Sat May 12 11:08:31 2007 UTC (16 years, 11 months ago) by shannonjr
Branch: MAIN
CVS Tags: pkgsrc-2007Q2-base,
pkgsrc-2007Q2
Changes since 1.6: +11 -11
lines
Diff to previous 1.6 (colored) to selected 1.21 (colored)
Update to Version 2.0.4. Changes are not described in release announcement.
Revision 1.6 / (download) - annotate - [select for diffs], Mon Feb 5 11:43:01 2007 UTC (17 years, 2 months ago) by shannonjr
Branch: MAIN
CVS Tags: pkgsrc-2007Q1-base,
pkgsrc-2007Q1
Changes since 1.5: +6 -6
lines
Diff to previous 1.5 (colored) to selected 1.21 (colored)
Update to Version 2.0.2. This is maintenance release to fix build problems found after the release of 2.0.1. There are also some minor enhancements.
Revision 1.5 / (download) - annotate - [select for diffs], Mon Dec 18 07:14:51 2006 UTC (17 years, 4 months ago) by smb
Branch: MAIN
CVS Tags: pkgsrc-2006Q4-base,
pkgsrc-2006Q4
Changes since 1.4: +2 -1
lines
Diff to previous 1.4 (colored) to selected 1.21 (colored)
Fix invocation of /usr/bin/install to take out $(SHELL)
Revision 1.4 / (download) - annotate - [select for diffs], Tue Dec 12 13:11:35 2006 UTC (17 years, 4 months ago) by shannonjr
Branch: MAIN
Changes since 1.3: +5 -5
lines
Diff to previous 1.3 (colored) to selected 1.21 (colored)
Update to 2.0.1. This is maintenance release to fix build problems found after the release of 2.0.0 and to fix a buffer overflow in gpg2
Revision 1.3 / (download) - annotate - [select for diffs], Sat Dec 9 13:39:28 2006 UTC (17 years, 4 months ago) by shannonjr
Branch: MAIN
Changes since 1.2: +2 -1
lines
Diff to previous 1.2 (colored) to selected 1.21 (colored)
Added patch fixing [CVE-2006-6235] remotely controllable function pointer.
Revision 1.2 / (download) - annotate - [select for diffs], Mon Nov 27 20:37:20 2006 UTC (17 years, 4 months ago) by shannonjr
Branch: MAIN
Changes since 1.1: +2 -1
lines
Diff to previous 1.1 (colored) to selected 1.21 (colored)
"While fixing a bug reported by Hugh Warrington, a buffer overflow has been identified in all released GnuPG versions. Exploiting this overflow seems to be possible. Apply the following patch to GnuPG." 2006-11-27 Werner Koch <wk@g10code.com> gnupg2 has been patched accordingly.
Revision 1.1.1.1 / (download) - annotate - [select for diffs] (vendor branch), Fri Nov 17 12:13:11 2006 UTC (17 years, 5 months ago) by shannonjr
Branch: TNF
CVS Tags: SHANNONJR_20061117
Changes since 1.1: +0 -0
lines
Diff to previous 1.1 (colored) to selected 1.21 (colored)
This package is the sucessor to gnupg-devel. GnuPG-2 provides several utilities that are used by mail clients, such as Kmail and Balsa, including OpenPGP and S/MIME support. GnuPG-2 has a different architecture than GnuPG-1 (e.g. 1.4.5) in that it splits up functionality into several modules. However, both versions may be installed alongside without any conflict. In fact, the gpg version from GnuPG-1 is able to make use of the gpg-agent as included in GnuPG-2 and allows for seamless passphrase caching. The advantage of GnuPG-1 is its smaller size and the lack of dependency on other modules at run and build time.
Revision 1.1 / (download) - annotate - [select for diffs], Fri Nov 17 12:13:11 2006 UTC (17 years, 5 months ago) by shannonjr
Branch: MAIN
Diff to selected 1.21 (colored)
Initial revision