|
|
|
|
Changelog for gnome-keyring-lang-40.0-2.1.noarch.rpm :
* Sat Apr 17 2021 Dominique Leuenberger - Update to version 40.0: + Update libcap-ng capability handling. + UPdated translations. * Wed Apr 29 2020 Michael Gorse - Enable FIPS patches on Leap (jsc#SLE-11880). * Sat Mar 28 2020 bjorn.lieAATTgmail.com- Update to version 3.36.0: + Updated translations. * Sat Mar 28 2020 Dominique Leuenberger - Update to version 3.35.90: + Use shorter strings for prompt titles. + pam: Provide more insight from pam_gnome_keyring about unlocking. + Don\'t use GTimeVal/g_get_current_time(). + Don\'t use g_type_class_add_private(). + Build fixes. * Sat Mar 28 2020 Dominique Leuenberger - Update to version 3.35.1: + dbus: Implement secret portal backend. + Updated translations. * Tue Mar 24 2020 Cor Blom - According to the warning in the spec file baselibs.conf should be updated when the scriptlet for pam-config is changed. This was not done when the change was made to open the keyring also with sddm (see boo#1167321). * Sat Jan 25 2020 Dominique Leuenberger - No longer recommend -lang: supplements are in use * Mon Sep 30 2019 Bjørn Lie - Update to version 3.34.0: + dbus-environment: Race fix in Setenv request to gnome-session. + egg: Request that secure memory not be dumped to disk. + Build and test fixes. + Updated translations.- Refresh gnome-keyring-pam-auth-prompt-password.patch with quilt. * Sat Mar 02 2019 Bjørn Lie - Update to version 3.31.91: + pam: fix daemon control file detection. + Updated translations. * Thu Feb 21 2019 bjorn.lieAATTgmail.com- Update to version 3.31.90: + pam: lookup XDG_RUNTIME_DIR using get_any_env. + Reinstate pkcs11 module for specific programs. + Build fixes. + Updated translations.- Rebase patches via refresh_patches service. * Thu Oct 11 2018 Luiz Angelo Daros de Luca - Allow pam to open keyring when using sddm * Mon May 07 2018 bjorn.lieAATTgmail.com- Update to version 3.28.2: + Fix glitches in ssh-agent (bgo#795699). + Updated translations. * Mon Apr 23 2018 hpjAATTsuse.com- Update gnome-keyring-bsc932232-use-libgcrypt-allocators.patch to allow using more memory than the maximum lockable amount (bsc#1085983). * Mon Mar 26 2018 luc14n0AATTlinuxmail.org- Update to version 3.28.0.2: + Fix glitches in ssh-agent (bgo#794361, bgo#794368, bgo#794369, bgo#794500, bgo#794631). * Tue Mar 20 2018 dimstarAATTopensuse.org- Unconditionally enable translation-update-upstream: on Tumbleweed, this results in a NOP and for Leap in SLE paid translations being used (boo#1086036). * Tue Mar 13 2018 dimstarAATTopensuse.org- Update to version 3.28.0.1: + Fix linking with \"-z defs\" (bgo#794274). * Mon Mar 12 2018 dimstarAATTopensuse.org- Update to version 3.28.0: + Fix TAP test driver. * Mon Mar 05 2018 dimstarAATTopensuse.org- Update to version 3.27.92: + Wrap stock ssh-agent from OpenSSH (bgo#775981). + Stop installing p11-kit configuration file for the PKCS#11 module (bgo#791401). + Updated translations.- Add openssh BuildRequires: needed for ssh-agent wrapper. * Wed Feb 28 2018 dimstarAATTopensuse.org- Modernize spec-file by calling spec-cleaner * Fri Jan 12 2018 luc14n0AATTlinuxmail.org- Update to version 3.27.4: + Add support for SHA2 extension for RSA signatures in ssh-agent (bgo#790910). + Build fixes (bgo#792278, bgo#787387). + Updated translations.- Rebase gnome-keyring-pam-auth-prompt-password.patch.- Adopt the use of %make_build macro rather than raw make command, following the best practices.- Drop intltool BuildRequires: after upstream porting to Gettext, this is no longer needed.- Point fdupes to the data directory instead of the build root, which is a practice that must be avoided. * Fri Nov 10 2017 luc14n0AATTlinuxmail.org- Update to version 3.27.2: + Add support for ECDSA in ssh-agent (bgo#641082). + Wipe passwords stored by the PAM module (bgo#781486). + Fix: - Shared key derivation between libsecret and gnome-keyring (bgo#778357). - Erroneous handling of partial writes in write_sync_close (bgo#778269). + Set CKF_LOGIN_REQUIRED flag in ssh-module. + Build and testing fixes (bgo#774312, bgo#781785). + Updated translations.- Update Url to https://wiki.gnome.org/Projects/GnomeKeyring: current GNOME Keyring\'s project web page.- Add conditional use to translation-update-upstream: SLE-only requirement.- Drop gnome-keyring-secret-size.patch: fixed upstream.- Drop pristine macros for choosing number of jobs in %build section and adopting %{?_smp_mflags} instead.- Drop %glib2_gsettings_schema_ *, %desktop_database_ * post/postun scriptlets and %glib2_gsettings_schema_requires macro: the functionality is covered by file triggers now.- Drop %clean section since its use is deprecated now.- Separate SLE-only patches from the others. Now they start at the number 1000. * Thu Jul 20 2017 mgorseAATTsuse.com- Drop unneeded part of gnome-keyring-bsc932232-use-non-fips-md5.patch, to match what we have in SLE. * Mon Jul 17 2017 dimstarAATTopensuse.org- Add gnome-keyring-secret-size.patch: Ensure that generated secret occupies the same number of bytes as prime. Eliminates random errors while libsecret tries to talk to gnome-keyring (bgo#778357, bsc#1043861). * Tue Jul 04 2017 zaitorAATTopensuse.org- Update to version 3.20.1: + Fix boolean logic error in ssh-agent. + Pass the correct argc to gkr_pam_client_run_operation (bgo#766222). + Look for both dlopen and dlsym when configuring (bgo#766221). + Fix .so link in gnome-keyring-3 man page (bgo#767095). + Die if the XDG session we were started under goes away (bgo#768943). + Shorten unlock keyring dialog title (bgo#770170). + Updated translations.- Drop gnome-keyring-896818-reduce-head-msg-length.patch: Fixed upstream. * Wed Jun 21 2017 hpjAATTsuse.com- Add gnome-keyring-bsc1039461-pam-man-page.patch (bsc#1039461, bgo#784051), which adds a man page for the PAM module. In order for a new Makefile.in to be generated from the patched Makefile.am, automake was added to BuildRequires, and autoreconf will now be run prior to configure. * Thu Oct 06 2016 hpjAATTsuse.com- Update gnome-keyring-bsc932232-use-non-fips-md5.patch to fix issue that was reintroduced (bsc#966229, bsc#966225, bsc#994988). * Sat Aug 20 2016 fezhangAATTsuse.com- Merge bnc#903966-SEGV-in-gnome-keyring-daemon-caused-by-calling-free-on-static-string.patch into gnome-keyring-896818-reduce-head-msg-length.patch: bsc#903966 is just a regression caused by bsc#896818 anyway (bsc#896818, bsc#903966, bgo#770170). * Wed May 04 2016 hpjAATTsuse.com- Rebase gnome-keyring-bsc932232-use-non-fips-md5.patch for version 3.20.0 (bsc#932232, bsc#966229, bsc#966225).- Drop gnome-keyring-bsc961271-secmem-mismatch.patch (fixed upstream). * Fri Mar 25 2016 zaitorAATTopensuse.org- Update to version 3.20.0: + Updated translations. * Thu Mar 03 2016 hpjAATTsuse.com- Update gnome-keyring-bsc932232-use-non-fips-md5.patch (bsc#966229, bsc#966225). Fixes inability to decrypt private ssh keys and corruption in stored keyrings. Fix by Michal Koutny . * Wed Feb 17 2016 zaitorAATTopensuse.org- Update to version 3.19.90: + Accept empty passwords for --unlock (bgo#762095). + srcdir != builddir fixes. + Updated translations. * Tue Jan 19 2016 dimstarAATTopensuse.org- Update to version 3.19.4: + Fix up startup and initialization (bgo#756324). + Fix DBus \"Type\" property of org.freedesktop.Secret.Item (bgo#759399). + Build fixes (bgo#753698). + Updated translations. * Tue Jan 19 2016 dimstarAATTopensuse.org- boo#962480: Add mdm as valid display manager to unlock gkr. * Tue Jan 12 2016 hpjAATTsuse.com- Add gnome-keyring-bsc961271-secmem-mismatch.patch (bsc#961271). This fixes a crash caused by mixed calls to egg_secure_free() and gcry_free(). * Thu Nov 26 2015 hpjAATTsuse.com- Add gnome-keyring-bsc932232-use-libgcrypt-allocators.patch and gnome-keyring-bsc932232-use-non-fips-md5.patch (bsc#932232). * Sat Oct 31 2015 zaitorAATTopensuse.org- Update to version 3.18.3: + Fix regression looking up secrets in non-default keyring (bgo#756865). + Fix manpage typos (bgo#756812). + Updated translations.- Drop gnome-keyring-dbus-handle-alias-paths-in-lookup_collection.patch: Fixed upstream. * Mon Oct 26 2015 zaitorAATTopensuse.org- Add gnome-keyring-dbus-handle-alias-paths-in-lookup_collection.patch: Fix firefox passwordmanager coupled with non-default keyring, also silence a bit of logspam (bgo#756865). * Tue Oct 20 2015 zaitorAATTopensuse.org- Update to version 3.18.2: + Fix regression in ported GDBus prompting (bgo#756032). + Other minor fixes. * Sat Oct 17 2015 zaitorAATTopensuse.org- Update to version 3.18.1: + Fix regression initializing gnome-keyring-daemon (bgo#756059). + Fix regression racing for DBus name during startup (bgo#756006). + Build and testing fixes (bgo#755873). + Updated translations. * Tue Sep 29 2015 zaitorAATTopensuse.org- Update to version 3.18.0: + Fix test crash (bgo#731802). * Sat Sep 05 2015 zaitorAATTopensuse.org- Update to version 3.17.91: + More fixes for GDBus migration (bgo#622905). + Fix a memory leak (bgo#752919). * Wed Aug 12 2015 zaitorAATTopensuse.org- Remove postun handling from baselibs.conf. If one uninstalls gnome-keyring-pam-32bit it has the effect that gnome-keyring-pam gets unregistered (boo#941736). * Tue Aug 04 2015 zaitorAATTopensuse.org- Update to version 3.17.4: + Remove temporary files on failure (bgo#746334). + Migrate DBus code to GVariant and GDBus (bgo#622905). + Remove the GnuPG agent (bgo#750514). + Updated translations.- Remove %bcond_with gpgagent and all related macros, it has been dropped upstream.- Drop pkgconfig(dbus-1) BuildRequires: No longer needed as upstream has migrated it away. * Wed Apr 08 2015 zaitorAATTopensuse.org- Update to version 3.16.0: + Fix build issues highlighted by GCC 5.x. + Updated translations. * Thu Mar 19 2015 dimstarAATTopensuse.org- Disable gpgagent integration, as gnupg 2.1 introduced code to explicitly sabotage gnome-keyring. * Wed Mar 18 2015 dimstarAATTopensuse.org- Update to version 3.15.92: + pam: Make sure to never block SIGCHLD (bgo#745673). + Revert \"ssh-agent: Fix leak in seach_keys_like_attributes()\". + Updated translations. * Wed Feb 25 2015 dimstarAATTopensuse.org- Update to version 3.15.90: + Fix leaks (bgo#7385080). + Refactoring. + Build fixes (bgo#740190). + Updated translations.- Remove libgcr-3-1 and libgck-1-0 references from baselibs.conf: these libs have been split off back in 2011. * Sun Nov 09 2014 Led - fix bashism in postun script * Fri Nov 07 2014 rlmuAATTsuse.com- Add bnc#903966-SEGV-in-gnome-keyring-daemon-caused-by-calling-free-on-static-string.patch Fixed SEGV in gnome-keyring-daemon caused by calling free() on static string (bnc#903966). * Tue Sep 23 2014 dimstarAATTopensuse.org- Update to version 3.14.0: + Remove residual GTK+ usage. + Build fixes. + Updated translations. * Mon Sep 22 2014 dliangAATTsuse.com- Add gnome-keyring-896818-reduce-head-msg-length.patch: Make the head message shorter. The patch makes sense but no need to be upstream (bnc#896818). * Tue Sep 09 2014 dimstarAATTopensuse.org- Update to version 3.13.91: + Initialize correctly with empty passwords during login (bgo#736085). + Don\'t use geteuid() to get UID for user in PAM module (bgo#733418). + Fix for libgcrypt 1.6+. + Build fixes. * Sat May 17 2014 zaitorAATTopensuse.org- Update to version 3.12.2: + Build fixes. * Sun Mar 23 2014 zaitorAATTopensuse.org- Update to version 3.12.0: + Build and testing fixes. * Mon Mar 17 2014 dimstarAATTopensuse.org- Update to version 3.11.92: + Use $XDG_RUNTIME_DIR to create keyring socket directory (bgo#725801). + Stop exporting the $GNOME_KEYRING_CONTROL env variable (bgo#725801). + Stop exposing a GNOME_KEYRING_PID variable (bgo#725801). + Pass XDG_RUNTIME_DIR to new gnome-keyring-daemon process (bgo#726196). + Fix issue with changed password not unlocking keyring (bgo#726196). + Add new --unlock option to prompt for login password (bgo#710187). + When in foreground mode, close stdout when done initializing. + Exit gnome-keyring-daemon when the DBus connection closes (bgo#708765). + Don\'t initialize in an idle handler, this is racy. + Don\'t log debug messages to syslog (bgo#711537). + Documentation fixes (bgo#711581). + License fixes (bgo#721549). + Modernize autotools setup and other build fixes. + Parallel testing and add new tests. + Updated translations.- Drop gnome-keyring-check-session.patch: no longer required; the start of the daemon is controlled by pam (OnlyIf=).- Rebase gnome-keyring-pam-auth-prompt-password.patch. * Sat Feb 08 2014 jdelvareAATTsuse.com- Enhance gnome-keyring-check-session.patch: Add \"gnome-classic\" to the list of handled desktop session types (bnc#862775). * Thu Oct 17 2013 dimstarAATTopensuse.org- Update to version 3.10.1: + Build fix on OpenBSD (bgo#706405). + Add manual page. + Minor error message fixes. + Updated translations.- Add gtk-doc BuildRequires: needed to build the man page. * Sat Sep 28 2013 meissnerAATTsuse.com- If libp11-kit0-XXbit and gnome-keyring are installed, also suggest gnome-keyring-XXbit ... as /etc/pkcs11/modules is for both 32bit and 64bit modules (fixes a Wine 32bit issue during gnutls init). * Mon Sep 23 2013 dimstarAATTopensuse.org- Update to version 3.10.0: + Minor logic fix (bgo#708483). * Wed Sep 11 2013 dimstarAATTopensuse.org- Add dbus(org.freedesktop.secrets) and dbus(org.gnome.keyring) provides (part of bnc#828387). * Mon Aug 26 2013 dimstarAATTopensuse.org- Update to version 3.9.90: + Fix running gnome-keyring-daemon under test harness. + Test fixes (bgo#702367). * Mon Aug 19 2013 dimstarAATTopensuse.org- Introduce %bcond_without gpgagent: allow to disable gpg agent during build to easily test issues like bnc#829844. * Mon May 13 2013 dimstarAATTopensuse.org- Provide gnome-keyring-32bit (which contains pkcs#11 modules). (bnc#819246). * Wed May 01 2013 dimstarAATTopensuse.org- Update to version 3.9.1: + Fix implementation of LockService dbus method (bgo#690466). + Build fixes. + Updated translations.- Drop pkgconfig(libtasn1) BuildRequires: no longer needed. * Tue Apr 16 2013 dimstarAATTopensuse.org- Update to version 3.8.1: + Updated trasnlations. * Mon Mar 25 2013 dimstarAATTopensuse.org- Update to version 3.8.0: + Updated translations. * Mon Mar 18 2013 dimstarAATTopensuse.org- Update to version 3.7.92: + Update introspection data of Collection.SearchItems() (bgo#695115). + Update the Item.Created and Item.Modified properties correctly (bgo#695052). + Build fixes. + Updated translations. * Mon Mar 04 2013 dimstarAATTopensuse.org- Update to version 3.7.91: + Remove the roots-store module replaced by p11-kit 0.16+ trust module. + Only return one object path list from Collection.SearchItems() (bgo#695115). + Fix order of items returned from SearchItems() (bgo#693884). + Build fixes.- No longer pass --with-ca-certificates to configure: it\'s been obsoleted in favor of the p11-kit trust module. * Sat Mar 02 2013 dimstarAATTopensuse.org- Update to version 3.7.5: + Set correct type for Collection\'s \"Locked\" property. + Don\'t warn if the GNOME session manager is not available. + Fix crasher in armor code. + Build fixes. + Upadted translations. * Sat Mar 02 2013 dimstarAATTopensuse.org- Update to version 3.7.2: + Bring over DER parsing fixes from GCR library. + Fix corner case where long DER length overflows. + Fix crash when parsing invalid DER files. + Handle empty secrets correctly. + Only print debug message if no pkcs11 socket. + Other minor fixes. + More complete test coverage. * Sat Mar 02 2013 dimstarAATTopensuse.org- Update to version 3.7.1: + Remove dependency on GTK+. + Build fixes.- Drop pkgconfig(gtk+-3.0) BuildRequires: no longer needed. * Sat Mar 02 2013 dimstarAATTopensuse.org- Update to version 3.6.3: + Don\'t reverse the order of items returned from SearchItems(). + Updated translations. * Tue Nov 13 2012 dimstarAATTopensuse.org- Update to version 3.6.2: + Accept XDG_DATA_HOME environment variable during initialization + Handle empty secrets correctly. * Tue Oct 16 2012 dimstarAATTopensuse.org- Update to version 3.6.1: + Fix regressions with keyring master password changing + Load schema for secret items correctly, prevents storing multiple times for items stored via libsecret + Setup translations properly when daemon starts + Fix memory leak in PKCS#11 module + Updated translations. * Sat Sep 29 2012 dimstarAATTopensuse.org- Drop set_permission and verify_permissions scripts: gnome-keyring-daemon is not installed with special permissions and does not need special handling (bnc#781891).- Drop permissions PreReq: we don\'t need to handle any special permissions on files. * Tue Sep 25 2012 dimstarAATTopensuse.org- Update to version 3.6.0: + Updated translations. * Tue Sep 18 2012 dimstarAATTopensuse.org- Update to version 3.5.92: + Updated translations. * Mon Sep 03 2012 dimstarAATTopensuse.org- Update to version 3.5.91: + Updated translations. * Wed Aug 22 2012 dimstarAATTopensuse.org- Update to version 3.5.90: + Use the XDG directories for storing keys + Better handling of the --replace argument to gnome-keyring-daemon + Fix ability to store keyring files without using hardlinks + Make the GPG agent password caching options work correctly + Updated translations.- Drop gnome-keyring-bnc775235-passphrase-cache.patch: fixed upstream. * Wed Aug 22 2012 dimstarAATTopensuse.org- Update to version 3.5.5: + Initialize PKCS#11 correctly in gnome-keyring tool. + Rename the p11-kit module file. + Use setsid() to become a process leader when daemonizing. + Build fixes.- Changes from version 3.5.4: + Support the xdg:schema attribute on secret items. + Update to newer glib dependency and remove redundant code. + Encode passwords correctly for gpg2 in the gpg-agent. + Fix types of the DBus Created and Modified properties. + Expose the \'session\' and \'login\' keyrings as aliases. + Emit Secret Service signals when collections/items change. + Fix some spurious warnings. + Testing fixes. * Wed Aug 22 2012 dimstarAATTopensuse.org- Update to version 3.5.3: + Return correct introspect data for Secret Service + Fix the gnome2-store for gcr importer, and test + Debug and logging fixes + Build fixes + Updated translations.- Drop xz BuildRequires as it now comes for free in the build system. * Wed Aug 22 2012 sreevesAATTsuse.com- Add gnome-keyring-bnc775235-passphrase-cache.patch: + Fix gnome-keyring:Passwords cached indefinitely (bnc#775235, CVE-2012-3466). * Tue Apr 17 2012 vuntzAATTopensuse.org- Update to version 3.4.1: + Set \'text/plain\' content type on secrets returned from daemon + Use correct XDG_RUNTIME_DIR when started from PAM + License fix + More tests + Build fixes + Updated translations. * Mon Mar 26 2012 vuntzAATTopensuse.org- Update to version 3.4.0: + Updated translations. * Tue Mar 20 2012 vuntzAATTopensuse.org- Update to version 3.3.92: + Use runtime dir instead of /tmp for sockets. + Fix copyright headers. + Build fixes. + Updated translations. * Mon Mar 12 2012 vuntzAATTopensuse.org- Pass --with-ca-certificates=%{_sysconfdir}/ssl/ca-bundle.pem instead of --with-root-certs=%{_sysconfdir}/ssl/certs to configure: it\'s better to use the single ca certificates file than the directory with all certificates, as it\'s what upstream prefers. * Fri Mar 09 2012 dimstarAATTopensuse.org- Update to version 3.3.91: + Fix regression in changing a keyring master password + Set better button labels for the prompts + Fix assertion when cancelling a unlock prompt + Use a single CA certificates file by default + Updated translations. * Sun Feb 05 2012 dimstarAATTopensuse.org- Update to version 3.3.5: + Fix introspection data for SearchItems() + Fix regression when an invalid password used to unlock keyring + Updated translations. * Mon Jan 16 2012 vuntzAATTopensuse.org- Update to version 3.3.4: + Build fixes + Updated translations. * Wed Dec 21 2011 vuntzAATTopensuse.org- Update to version 3.3.3.1: + No message in gnome-keyring-pkcs11.so module, when no daemon running + Build fixes + Updated translations.- Drop gnome-keyring-fix-build.patch: fixed upstream. * Mon Dec 19 2011 vuntzAATTopensuse.org- Update to version 3.3.3: + Distribute correct desktop autostart files + Use GcrPrompt and GcrSystemPrompt for prompting + Do not crash when reading a truncated keyring file + Add test tool for dumping the keyring format + Update for GckBuilder changes in libgck + Fix for deprecations in glib 2.31.x + Fix ReadAlias() returning null when \'login\' keyring exists + Build fixes, bug fixes- Add xz BuildRequires because we can\'t build a package for a xz-compressed tarball without explicitly specifying that... See bnc#697467 for more details.- Add gnome-keyring-fix-build.patch: add some libraries during linkage, to fix build; taken from git.- Change libgck Requires in libgck-modules-gnome-keyring to gck: this is a new Provides in libgck to help us for this Requires, so we don\'t have a Requires on a shared library package, whose name can change. Note that we don\'t version the Requires: there\'s no reason for this. * Mon Nov 28 2011 dimstarAATTopensuse.org- Fix libgck Requires in libgck-modules-gnome-keyring: as libgck got split out, we can\'t assume any longer that the version will always be the same as the one of the main package. For now at least we assume that we can maintain the library name. * Mon Nov 21 2011 dimstarAATTopensuse.org- Update to version 3.3.2: + Do not make label selectionnable in prompt dialog + Fix deadlock in the \'unsafe storage\' prompt + Better locking for the old gnome2-store + Build fixes + Updated translations.- Drop gnome-keyring-remove-xfce-lxde-autostart.patch: fixed upstream. * Tue Nov 08 2011 dimstarAATTopensuse.org- Update to version 3.3.1.1: + Build correctly against glib 2.31- Changes from version 3.3.1: + Return most recent secret first when searching + Split the Gcr and Gck libraries out of gnome-keyring + Build fixes + Updated translations.- Rebase gnome-keyring-remove-xfce-lxde-autostart.patch.- Remove BuildRequires that have moved to the new gcr source package: shared-mime-info, pkgconfig(p11-kit-1).- Add pkgconfig(gck-1) and pkgconfig(gcr-3) BuildRequires: newly depend on the split out library,- Drop libgcr-3-1, libgcr-devel, libgck-1-0 and libgck-devel subpackages: upstream split the libraries out.- Rename libgck-modules to libgck-modules-gnome-keyring: since libgck is split away from gnome-keyring, we cannot use a generic package name like this anymore. Add appropriate Obsoletes, but no Provides as there could be another libgck-modules package appearing in the future.- Stop calling %mime_database_post(un) in %post/%postun and stop passing --disable-update-mime to configure: the mime definition moved to the gcr source package.- Add missing calls to %desktop_database_post(un) in %post/%postun.- Use grep -F instead of deprecated fgrep in %post of pam subpackage. * Tue Nov 08 2011 vuntzAATTopensuse.org- Add pam-config calls in %post/%postun for gnome-keyring-pam in baselibs.conf: when pam-32bit is installed, pam-config checks if the 32bit version of the module is installed before enabling it, and if we install from scratch, this is not necessarily true when gnome-keyring-pam is installed. Fix bnc#728586. * Sun Oct 23 2011 gberAATTopensuse.org- Fixed gnome-keyring-remove-xfce-lxde-autostart.patch which was ineffective since it modified the .in rather than the .in.in files * Mon Oct 17 2011 vuntzAATTopensuse.org- Update to version 3.2.1: + Fix debugging output, and erroneous warnings + Updated translations. * Mon Oct 03 2011 vuntzAATTopensuse.org- Add explicit shared-mime-info BuildRequires since we use the %mime_database_ * macros. * Mon Sep 26 2011 vuntzAATTopensuse.org- Update to version 3.2.0: + Don\'t install setuid when filesystem capabilities not available + Updated translations.- Update summary to not talk about password manager: this is really the keyring, which is more than just a password manager. * Tue Sep 20 2011 gberAATTopensuse.org- Do not start the gnome-keyring daemon for LXDE or Xfce via XDG autostart, that only works with gnome-session. * Sun Sep 18 2011 vuntzAATTopensuse.org- Update to version 3.1.92: + Add back the file format \"documentation\". + Make .desktop file match prompt process so icon and title are shown. + Fix packaging issues installing the pkcs11 module. + Return correct error code in gpg-agent for unimplemented stuff. + Fixes for parsing/viewing various (sometimes slightly invalid) PKCS#12 files. + Allow daemon to access secrets of internal PKCS#11 modules, so that we can do things like hash NTLM and Kerberos secrets in the future. + Build and documentation fixes. + Updated translations. * Fri Sep 09 2011 vuntzAATTopensuse.org- Update pam module and pam module configuration for the new gdm (>= 3.1.90), which uses both gdm and gdm-password pam services: + Update gnome-keyring-check-session.patch: check if the service is called gdm-password too. + Change pam-config call in %post to add gdm-password in - -gnome_keyring-only_if option.- gnome-keyring-check-session.patch: also remove support for the smeegol session, since Smeegol is dead. * Mon Sep 05 2011 vuntzAATTopensuse.org- Update to version 3.1.91: + gcr-viewer will now display errors when failing to load a file. + gcr-viewer can now prompt for passwords to unlock files. + Add support for getting the current data block being parsed in GcrParser. + Add debug output to various points in the GCR and GCK libraries. + When replacing another gnome-keyring-daemon, wait a moment before initializing. + Fix GCR library initialization bugs loading PKCS#11 modules. + Fine tuning of GcrParser when parsing PKCS#12 files. + Build and packaging fixes. + Updated translations. * Thu Sep 01 2011 vuntzAATTopensuse.org- Update to version 3.1.90: + Install better xdg-mime files for identifying crypto related file types + New gcr-viewer for viewing certificates and keys, hooked up to file types + Display tweaks for the certificate and key widgets + Don\'t initialize PKCS#11 modules automatically in gcr library unless needed. + Cleanup the libgck API since we\'re bumping the major version. + ABI fixes for the GCR library for changes in the 3.1.x release cycle + New automatic checks for symbols that have changed in the ABI + Add async PKCS#11 initialization functions to libgck + Display Certificate otherName subject-alt-name for xmppAddr and DNS SRV + Documentation, testing, translation and build fixes.- Pass --disable-update-mime to configure and add %mime_database_post/%mime_database_postun to %post/%postun scriptlets for the new gcr-crypto-types.xml MIME file.- Rename libgcr-3-0 to libgcr-3-1 after library version change.- Remove gtk-doc BuildRequires and call to libtoolize and autoreconf: there is no patch needing that. * Tue Jul 26 2011 gberAATTopensuse.org- Add LightDM support for the pam module: + Update gnome-keyring-check-session.patch: add support for LightDM. + Change pam-config call in %post to add lightdm in - -gnome_keyring-only_if option. * Mon Jul 25 2011 vuntzAATTopensuse.org- Update to version 3.1.4: + New GcrListSelector class for selecting multiple keys. + Add icons for key and key pair. + Gcr now has support for loading of GnuPG keys from gpg, including photos. + New gcr dependency on p11-kit for loading PKCS#11 modules. + Remove support for GTK+ 2.x. + Implement calculation of fingerprints in gcr for keys. + Fix problems in daemon if IPC lock or FS capabilities are not available. + Bug fixes and build fixes. + Code cleanup and refactoring.- Drop gnome-keyring-keep-only-ipc_lock.patch and gnome-keyring-accept-no-ipc_lock.patch: fixed upstream.- Add pkgconfig(p11-kit-1) BuildRequires, for new dependency.- Add libselinux-devel BuildRequires, to build SELinux support.- Remove --with-gtk=3.0 from configure, as GTK+ 2.x support was removed.- Rename libgck0 to libgck-1-0, following soname change.- Rename libgcr-3-1 back to libgcr-3-0, following soversion revert.- Call %icon_theme_cache_post/%icon_theme_cache_postun in libgcr-3-0 scriptlets, since the package now comes with icons. * Thu May 26 2011 vuntzAATTopensuse.org- Update baselibs.conf with package names after 3.0 update. * Tue May 17 2011 dimstarAATTopensuse.org- Update to version 3.1.1: + Add \'Export Certificate\' option to right click of certificate widget. + Use file system linux capabilities for memory locking. + Set correct daemon SELinux context when started from PAM module + Fix assertions in parser. + Add GcrCollection interface to represent collections of objects + Add GcrGnupgCollection to libgcr. + Implement functionality in renderers to populate GtkTreeModel + Add a GcrSelector widget. + Cleanup unregistering from session. + Build fixes. + Updated translations.- Drop gnome-keyring-fix-parallel-build.patch and gnome-keyring-file-capabilities.patch: fixed upstream.- Rename libgcr-3-0 subpackage to libgcr-3-1 following soversion change. * Thu May 05 2011 vuntzAATTopensuse.org- Handle specific permissions for %{_bindir}/gnome-keyring-daemon: + Add permissions PreReq. + Add %set_permissions %{_bindir}/gnome-keyring-daemon to %post. + Add a %verifyscript scriptlet calling %verify_permissions.- Do not package %{_bindir}/gnome-keyring-daemon with filesystem capabilities: the security team will add what is needed via %set_permissions after a review of the code.- Drop rpmlintrc file as we don\'t need it anymore, since we have no setuid binary nor capabilities.- Add gnome-keyring-keep-only-ipc_lock.patch: when filesystem capabilities are used, make sure that we do have ipc_lock and keep only this one.- Add gnome-keyring-accept-no-ipc_lock.patch: accept to run without ipc_lock capability, just print a warning instead of aborting.- This is part of bnc#682244. * Mon May 02 2011 fcrozatAATTnovell.com- Add gnome-keyring-file-capabilities.patch: Use libcap-ng for file capabilities (from git, see rh#668831).- Use libcap-ng-devel BuildRequires instead of libcap-devel- Add gtk-doc BuildRequires, only needed because of the new patch.- gnome-keyring-daemon is now using cap_ipc_lock=ep instead of setuid. * Wed Apr 27 2011 fcrozatAATTnovell.com- Update to version 3.0.1: + Fix clicking buttons in \'unsafe storage\' dialog on GTK+3. + Build with GTK+3 by default. + More tests and test fine tuning: --enable-tests=yes/no/full. + Expand path in gnome-keyring-prompt.desktop properly. + Implement debug tracing in parts of gcr library. + Complete documentation in gcr and gck libraries. + Fix assertions in gcr library during parsing of a stream. + Build fixes.- Add gnome-keyring-fix-parallel-build.patch to fix parallel build (from git).- Remove libmock-test-module.so in %install, as this is only useful for tests. * Mon Apr 25 2011 vuntzAATTopensuse.org- Add the rpmlintrc that was added as workaround until bnc#682244 is fixed (security review) as a source. * Mon Apr 04 2011 fcrozatAATTnovell.com- Update to version 3.0.0: + Updated translations. * Tue Mar 22 2011 fcrozatAATTnovell.com- Update to version 2.91.93: + Use full interface.Property form for CreateCollection and CreateItem in the DBus API. + Add deprecated functions for libgcr symbols lost since 2.32.x + Don\'t crash when the GPG agent is asked for a passhprase without a key id.- Changes from version 2.91.92: + Don\'t leak login name from PAM when logging error. + Also start daemon in XFCE + Fix inability to save password for other keyrings. + Build and test fixes. + Support removal of aliases via the secret service API + Fix race condition when multiple applications create the default keyring at the same time. + Add a desktop file for gnome-keyring-prompt, so the icon shows up properly in gnome-shell. + Implement HKDF for transport encryption security.- Changes from version 2.91.91: + Fix the certificate details expander when used with GTK+3 + Calculate the minimum/natural size of the certificate widget better. + Fix gnome-keyring-prompt for GTK+3 release. + Fix problems with the URIs used for trust lookup and storage. + Pass around a content-type for secrets in the DBus Secret Service API. + If DBus couldn\'t be initialized when starting up the daemon, try again at a later point. + Build and testing fixes. + Remove support for the pkcs11-options file, and wait for a proper configuration file setup being worked on in p11-kit. + Add support for --version argument to gnome-keyring-daemon and gnome-keyring. + Create necessary directory when storing trust assertion objects.- Changes from version 2.91.4: + gck library loads PKCS#11 modules from /usr/lib/pkcs11 + PKCS#11 config file in /etc/xdg/pkcs11.conf[.defaults] + Many ASN.1 encoding fixes. + Refactor how tests work. + Install standalone PKCS#11 modules to a consistent location. + Memory leaks and other bug fixes. + Allow enumeration of objects in specific PKCS#11 slots as well as modules. + Add GcrCertificateChain for building certificate chains. + Implementation of the initial PKCS#11 Trust Assertions spec. + Add GcrPkcs11Certificate for looking up certificates in PKCS#11 modules by issuer. + Expose gcr functionality for setting which PKCS#11 modules to use. + Find the root certificates by default. + Move to a single header model for libgcr. + Don\'t load *.la files when looking for PKCS#11 modules. + Fixes for GTK+3.0 + New xdg-store PKCS#11 module with support for storing trust assertions. + Rename old user-store to gnome2-store since it stores its data in old formats in the old .gnome2 location.- Replace gnome-keyring-autostart-in-xfce.patch with desktop-file-install calls. Add desktop-file-utils BuildRequires for this.- Add support for source service checkout, with %BUILD_FROM_VCS: + Add gnome-common and gtk-doc BuildRequires. + Add call to ./autogen.sh. + Enforce gtk-doc html generation by passing --enable-gtk-doc to configure. * Wed Dec 29 2010 gberAATTopensuse.org- Update gnome-keyring-check-session.patch to add support for Xfce sessions.- Add gnome-keyring-autostart-in-xfce.patch to autostart gnome-keyring in XFCE sessions. * Fri Dec 17 2010 vuntzAATTopensuse.org- Update to version 2.91.3: + Shutdown module timer when holding proper mutex. + Linux capabilities to overcome limits on locked memory. + Update HACKING with coding style + Build fixes.- Changes from version 2.91.2: + Add timeout if PAM startup doesn\'t complete shortly. + Fix login keyring password when it doesn\'t match unix login. + Replace gp11-0 with gck in pkgconfig file + Fix broken dispose of GcrCertificateWidget + Remove gp11 library.- Changes from version 2.91.1: + Fix build problem in gpg-agent. + Properly distribute pkgconfig file for gck library. + Better certificate widget in gcr library. + Add extra debug guard around printing of prompt io. + Rework how the gcr parser and importer work together. + More GTK+ 3.0 fixes.- Changes from version 2.91.0: + String and punctuation fixes. + Add libgck library to soon replace libgp11 + Migrate everything in gnome-keyring to libgp11 + Fix invalid memory access in PKCS#11 rpc-layer + Fix race condition in tests- Move to pkgconfig()-style BuildRequires: + Old ones: dbus-1-devel, gtk2-devel, libtasn1-devel. + New ones: dbus-1, glib-2.0, gtk+-3.0, libtasn1.- Add libcap-devel BuildRequires.- Rename libgcr0 to libgcr-3_0 after library name change.- Remove explicit glib2-devel, gtk2-devel, libgp11-devel, libtasn1-devel Requires in libgcr-devel package: they will be automatically added the pkgconfig() way.- Add libgck0, libgck-devel and libgck-modules subpackages, and remove libgp11-0, libgp11-devel, libgp11-modules. Packaging-wise, it\'s mostly like a renaming. Note that we have libgck-modules with a Obsoletes tag for libgp11-modules since they share the same files.- Pass --with-gtk=3.0 instead of --with-gtk=2.0 to configure.- Stop passing --libexecdir=%{_libexecdir}/gnome-keyring-1 to configure: this is really not needed. * Wed Dec 15 2010 vuntzAATTopensuse.org- Own /usr/share/GConf and /usr/share/GConf/gsettings to fix build. * Tue Nov 23 2010 ajAATTsuse.de- Change lang package Requires to Recommends since it is not mandatory at runtime. * Thu Oct 28 2010 vuntzAATTopensuse.org- Update to version 2.32.1: + Don\'t offer to save password for symmetric encryption in gpg-agent. + Don\'t try to cache password when symmetric encryption in gpg-agent. + Check that daemon is initialized before changing password from pam. + Fix login keyring password doesn\'t match login. + Link correctly to gio. + Add extra debug guard around printing of prompt io. + Fix invalid memory access in rpc-layer. * Wed Oct 20 2010 vuntzAATTopensuse.org- Update gnome-keyring-check-session.patch to also use the gnome-keyring PAM module for the gnome3 and smeegol sessions: we want the keyring to be unlocked on login there. * Mon Sep 27 2010 vuntzAATTopensuse.org- Update to version 2.32.0: + Make builds silent by default. * Sun Sep 12 2010 vuntzAATTopensuse.org- Update to version 2.31.92: + Require glib 2.25 or later. + Require automake 1.7 or later. + Fix assertion in secure memory code. + Don\'t go into endless loop when GPG Agent client disconnects. + Fix double free in gp11 library. + Fix crash during keyring unlock operation. + Expand prompt details when a non-default unlock option is chosen. + Migrate to gsettings. + Use gsettings for GPG agent unlock options. + Fix library header installation directory for libgcr. + Fix some errors parsing certificates. + Rework how unlock options are loaded and handled. + Fix saving of auto-unlock passwords. + Support building with GTK+ 3.0 + No warning message when SSH unlock prompt is cancelled. + Build fix finding PAM headers. + Build fix of PAM module for Hurd.- Drop gnome-keyring-fix-pam-module-build.patch: fixed upstream.- Pass --with-gtk=2.0 to configure to make sure we build against GTK+ 2.- Handle GSettings schemas, by using the %glib2_gsettings_schema_ * macros. * Mon Aug 30 2010 vuntzAATTopensuse.org- Update to version 2.31.91: + Fix problem with keyring names that contain foreign charaters. + Build fixes and warning fixes. + Better GPG Agent prompt strings. + More internal documentation. + Remove gconf as part of migration to gsettings. + Add --replace option to daemon. + Fix race condition in tests. + Use new DER decoding and encoding routines. + Only try to authenticate once if PKCS#11 slot has protected auth path. + Better handling of when PKCS#11 token is write protected.- Add gnome-keyring-fix-pam-module-build.patch to fix build of PAM module.- Pass --enable-pam to configure to make the build fail early if we lose the pam module.- Pass --with-root-certs=%{_sysconfdir}/ssl/certs to configure.- Remove all of the gconf packaging: + Remove gconf2-devel BuildRequires. + Remove use of %gconf macros and corresponding %pre/%preun/%posttrans. + Do not pass --disable-schemas-install to configure. * Thu Jul 22 2010 vuntzAATTopensuse.org- Remove gnome-common BuildRequires and call to gnome-autogen.sh.- Call %suse_update_desktop_file on gnome-keyring-gpg.desktop. * Thu Jul 08 2010 dimstarAATTopensuse.org- Update to version 2.31.4: + New GPG Agent built into gnome-keyring-daemon + Start building (but not using) new DER parser and writer. + Fix building of desktop and service files. + Fix problems displaying prompts with certain characters in strings. + Fix deadlock on secure memory usage. + Refactor the way prompting works for PKCS#11 components. + Refactor the way testing works and files are named. + Implement coverage testing. + Cleanup whitespace issues and rename certain modules. + Tests can now involve prompts and responses. + Fix possible threading race condition in gp11. + Fix broken startup when used with gdm and password-less login. + Fix checking of uninitialized value in prompting code.- Drop gnome-keyring-fixes-from-git.patch: fixed upstream. * Thu Jun 03 2010 vuntzAATTopensuse.org- Add gnome-keyring-fixes-from-git.patch to fix various issues related to gnome-keyring not working fine (with autologin, for example).- Add gnome-common BuildRequires and call to gnome-autogen.sh needed for the patch. * Thu Apr 29 2010 dimstarAATTopensuse.org- Update to version 2.30.1: + Build fixes for errors and distribution problems. + Fixes for building on recent GTK versions. + Remove accidental storage of user\'s login password in login keyring. + Fix assertion when exiting. + Updated translations. * Tue Mar 30 2010 vuntzAATTopensuse.org- Update to version 2.30.0: + More robust error display and handling. + Don\'t assert on va_list. + Don\'t save session keyring to disk. + Allow unlocking even when always unlock is not available. + Hide the automatically unlock check when login not usable. + Fix various issues storing and using auto unlock passwords. + Updated translations. * Wed Mar 10 2010 dimstarAATTopensuse.org- Update to version 2.29.92: + Fix various problems with not storing secret value properly. + Return no results when a search includes a bad collection identifier. + Don\'t raise error if ssh client disconnects early. + Allow running in a test environment. + Fix error when setting default keyring to NULL. + Autostart gnome-keyring-daemon in LXDE as well. + Rework the startup again, to use a singleton crontrolled via dbus, to help when no process was started by pam. + Display password and confirm prompts when creating keyring. + Allow specifying CKA_ID when creating collection. + Give translatable label to created login keyring. + When no default keyring set, use login keyring. + Fix problem initializing socket path in rpc module. + Fix endless loop in reading data. + Potential fix or sporadic crash. + Solaris build fixes. + Updated translations. Drop upstream included gnome-keyring-LXDE-autostart.patch. * Thu Feb 11 2010 vuntzAATTopensuse.org- Update to version 2.29.90: + Quit daemon when the dbus session is disconnected. + Don\'t print out warnings on SSH v1 keys. + Remove erroneous egg-dbus dependency. + Allow saving password for encryption keys. + Fix problems storing secrets in keyrings. + Expose idle and timeout lock options for keyrings in the prompt dialog. Fix remaining issues to get this to work. + Display a different message when unlocking the login keyring. + Fix problem with phantom \'xxx_1\' keyrings appearing. + Load and use the default keyring properly. + Support accessing template style pkcs11 attributes. + Fix endless loop when looking for encryption key password in login keyring. + GNU Hurd build fixes. + Solaris build fixes. + Translation fixes.- Drop eggdbus-devel BuildRequires.- Tweak gnome-keyring-check-session.patch to not start the keyring if we\'re in a supported display manager, but DESKTOP_SESSION is not set. * Sun Feb 07 2010 andreaAATTopensuse.org- Add gnome-keyring-LXDE-autostart.patch to allow to autostart keyring on LXDE session. * Wed Jan 27 2010 andreaAATTopensuse.org- Update gnome-keyring-check-session.patch to also support LXDE (and lxdm). * Mon Jan 11 2010 captain.magnusAATTopensuse.org- Update to version 2.29.5: + Implement lookup collection passwords in login keyring. + Various prompting fixes. + Store PKCS#11 objects after any attribute change. + Add \'Type\' property to Secret Service API DBus item interface + Various warning, and uninitialized memory fixes. * Tue Dec 22 2009 vuntzAATTopensuse.org- Update to version 2.29.4: + Refactor how the daemon starts up. + Allow init with already present environment variables, using - -start. + Install autostart files for each component of the daemon. + New DBus Secret Service API for accessing passwords and secrets. + Old protocol for accessing secrets is no longer present. + libgnome-keyring is now its own module, and no longer bundled with gnome-keyring. + Use normal GtkEntry when prompting for passwords. + Requires GTK+ 2.18 + Implement new more flexible control protocol for pam and startup. + Complete more of the gp11 PKCS#11 wrapper library. + Implement AES key wrapping and unwrapping in PKCS#11 components. + Implement DH key generation and derivation in PKCS#11 components. + Integrate testing of PKCS#11 components via p11-tests. + Implement PKCS#11 component for storing \'keyring\' style secrets. + Don\'t complain if we can\'t set session environment variables. + When running a debug build, warnings are fatal. + Refactor testing. + Encrypted channel for password with prompting dialog.- Pass --disable-schemas-install to configure.- Add eggdbus-devel BuildRequires.- Remove libgnome-keyring0 and gnome-keyring-devel subpackages (moved to libgnome-keyring source package).- Split the remaining of gnome-keyring-devel in libgcr-devel and libgp11-devel.- Update baselibs.conf to reflect the packages shipping libraries (libgcr0 and libgp11-0). * Thu Dec 17 2009 jengelhAATTmedozas.de- Add baselibs.conf as a source * Thu Dec 17 2009 vuntzAATTopensuse.org- Fix build on openSUSE <= 11.2. * Tue Dec 15 2009 vuntzAATTopensuse.org- Update to version 2.28.2: + Add license to reference documentation. + Sent output of g_printerr to syslog. + No error when can\'t unlock login keyring. + Fix assertion when comparing attributes. + Fix freeing of unallocated memory in test. + Don\'t barf on certificates with unsupported algorithm. + Fix some memory leaks. * Fri Dec 04 2009 vuntzAATTopensuse.org- Split the libraries in their own packages, to avoid useless dependencies for packages depending on libgnome-keyring0 but that don\'t want the whole gnome-keyring (which pulls gtk2). This means we now have libgnome-keyring0, libgcr0, libgp11-0 and libgp11-modules subpackages. (Thanks to Debian: summaries and descriptions are inspired by the Debian ones.)- Remove .la files.- Do not self-obsolete for gnome-keyring-doc and pam_keyring.- Move the pam-confire PreReq to the pam subpackage. * Fri Nov 13 2009 vuntzAATTopensuse.org- Update to version 2.28.1: + Fix support for SSH RSA1 keys. + Fix a delay when the daemon quits. + Use default D-Bus timeout when finding daemon. + Make custom pkcs11 constants unsigned longs. + Use unsigned long for module handle counter. + Fix assertion when releasing secure memory block.- Drop gnome-keyring-no-logout-delay.patch: fixed upstream.- Drop gnome-keyring-fix-ssh1-agent.patch: fixed upstream.- Update gnome-keyring-check-session.patch to apply without fuzz. * Thu Oct 08 2009 vuntzAATTopensuse.org- Add gnome-keyring-fix-ssh1-agent.patch to make the ssh agent support rsa1 keys again. Fix bnc#540515. * Tue Oct 06 2009 vuntzAATTopensuse.org- Update gnome-keyring-pam-auth-prompt-password.patch to not prompt for password if use_authtok option is used. * Fri Oct 02 2009 vuntzAATTopensuse.org- Add gnome-keyring-no-logout-delay.patch to fix delay during logout. * Tue Sep 22 2009 dimstarAATTopensuse.org- Update to version 2.28.0: + Fix build problems with -as-needed.- Remove export SUSE_ASNEEDED. * Mon Sep 14 2009 vuntzAATTopensuse.org- Update to version 2.27.92: + Some uses of glib memory routines to explicitly allocate memory. + Fix erroneous assertion hit by gtk-doc and tests. + Revert change which bumped libtasn1 required to 1.0. + Fix logic for only_if option in PAM module. + Handle unix signals on one thread. + Better daemon startup and forking logic. + Optional use of automake silent rules when available. + No warning when a disk doesn\'t have a UDI identifier.- Drop gnome-keyring-pam-fix-only_if.patch: fixed upstream.- Add SUSE_ASNEEDED=0 to fix build. * Sun Aug 30 2009 vuntzAATTnovell.com- Add gnome-keyring-pam-fix-only_if.patch to fix logic in pam module when using only_if. * Mon Aug 10 2009 vuntzAATTnovell.com- Update to version 2.27.90: + Build fixes on Solaris and FreeBSD. + Take length of ASN.1 elements into account, when parsing. * Wed Jul 29 2009 vuntzAATTnovell.com- Drop gnome-keyring-auto-start-if-compatibility.patch now that pam-config has been updated to support only_if in the pam config.- Change pam-config call in post to use \"--gnome_keyring-auto_start - -gnome_keyring-only_if=gdm\" instead of \"--gnome_keyring-auto_start_if=gdm\"\"- PreReq pam-config at least 0.72 for those changes. * Tue Jul 28 2009 lmedinasAATTgmail.com- Update to version 2.27.5: + Add support for lifetime constrained SSH identities. + Use GtkBuilder files where glade files were used. + Write private key files with tighter file permissions. + Use gio instead of libhal for monitoring volumes. + Updated translations.- Remove hal-devel from BuildRequires not needed anymore. * Sun Jul 19 2009 vuntzAATTnovell.com- Update to version 2.27.4: + Insurance in parsing keyring format for future changes. + Add \'use_authtok\' option to pam module. + Test utility fix. + Add \'only_if=\' option to pam module. + Make \'Password:\' prompt translatable in pam module. + Use libgcrypt to generate iv/salt where needed. + Remove old cu-test style unit tests. + Code refactoring and cleanup, removed \'common\' component. + Auto generated ChangeLog. + Cleanup unit tests, and make them run with \'make check\'- Changes from version 2.26.3: + Build fixes. + Fix problem with RSA key sizes that are not a multiple of 8. This affected use of SSH keys in particular. + Fix crash related to secure memory.- Drop gnome-keyring-pam-auto-start-if.patch: fixed upstream.- Drop gnome-keyring-pam-translate.patch: fixed upstream.- Remove AutoReqProv: it\'s default now.- Add gnome-keyring-auto-start-if-compatibility.patch since pam-config does not know yet about only_if. It will be removed once pam-config will be updated. * Sun Apr 12 2009 mbomanAATTsuse.de- Update to version 2.26.1: + Fix many problems with the new secure memory allocator + DBus now automatically starts the gnome-keyring service properly + When auto activating the gnome-keyring DBus service, check for an already running daemon + Don\'t print critical warnings when registering with DBus fails + Bump glib dependency + Add DBus method for getting the gnome-keyring environment variables + Fix crash when prompting to unlock the keyring + Initialize daemon with LOGNAME and USERNAME environment variables + Build fixes- Merge -doc into -devel as it only contains gtk-doc- Move gtk-doc from main to -devel * Sat Mar 21 2009 mbomanAATTsuse.de- Modify baselibs.conf so that if pam-32bit is installed on x86_64, gnome-keyring-pam-32bit and gnome-keyring-32bit is installed as well. * Thu Mar 19 2009 mbomanAATTsuse.de- Fix an issue where Requires on libtasn1-devel and gtk2-devel was added to -pam instead of -devel * Sat Mar 14 2009 mbomanAATTsuse.de- Update to version 2.26.0: + Implement support for running gnome-keyring-daemon under valgrind + Checks for asn1Parser tool when configuring + Only automatically expose PKCS#11 public key objects for private keys + Have the SSH agent only log into the token when we have a private key that we want to access + Disable input method in password- Add libtasn1-devel and gtk2-devel to Requires for devel package * Fri Mar 06 2009 vuntzAATTnovell.com- Update to version 2.25.92: + Fix problems when multiple processes tried to initialize the gnome-keyring-daemon at the same time, often resulting in a user session that hung on login. + Add compatibility support for loading SSH unlock passwords from previous versions of gnome-keyring. + Fix compiler warnings on 32-bit systems. + Fix uninitialized variable usage. These resulted in crashes. + Initialize PKCS#11 tokens before importing certificates or keys to them. Remove previous auto-initialize idea. + Add basic support for PKCS#11 SO logins. + Fix focus issues in the import certificate/key dialog. + When looking for PKCS#11 objects, skip tokens that have not been initialized. + Exit properly when an error occurs on importing a certificate or key. + Hash objects when storing them in PKCS#11 user-store and validate the hashes when loading them. + Build fix on Solaris + If login keyring doesn\'t exist when changing a PAM password, don\'t create it automatically. + Close stdin/stdout when not running the daemon in foreground. This fixes a regression in scripts starting gnome-keyring-daemon.- Remove -fno-strict-aliasing from CFLAGS.- Use makeinstall (install-pam is no longer useful)- Make sure fdupes is called last (since we might changes some files before). * Sun Feb 22 2009 vuntzAATTnovell.com- Better document the cleanup of /etc/pam.d/gdm * Thu Feb 19 2009 vuntzAATTnovell.com- Add gnome-keyring-pam-auth-prompt-password.patch: we make the pam module prompt for a password during auth when none was set.- Use pam-config instead of hack in post/postun of the pam package. We have to manually remove the pam_gnome_keyring.so from /etc/pam.d/gdm in post, though.- Should fix bnc#466732.- Add gnome-keyring-pam-translate.patch to translate the prompt strings in the pam module, using the pam translations. * Mon Feb 16 2009 sbrabecAATTsuse.cz- Added support for translation-update-upstream (FATE#301344). * Sat Feb 14 2009 mbomanAATTsuse.de- Update to version 2.25.91: + Complete certificate details display in the gcr library + Correctly escape prompt markup + Show correct MD5 hash in certificate display + Overhaul the secure memory allocator to have memory guards, and also be more sparing with secure memory + Add C++ header guards to public headers + Prompt to initialize new PKCS#11 tokens with a password + Fix output of RSA keys to be interoperable + Translation fixes + Fix problems importing certificates and keys + More code reorganization + Add support for netscape trust objects, so Root CA certificates can be trusted by NSS + Fixes to the PKCS#11 headers on 64-bit systems- Remove gnome-keyring-bgo570295-use-markup-correctly.patch. Fixed upstream * Tue Feb 03 2009 mbomanAATTsuse.de- Update to version 2.25.90: + Add certificate UI bit to gcr library. + Can now again clear the cached authentication from an SSH key. + Add some additional helper functions to gp11 library. + Fix some corner cases in signal handling. + Don\'t crash when trying to lock keyrings that don\'t have a password. + Fix problems running on 64-bit systems. + Build fixes- Tag/Rename/Upstream gnome-keyring-bgo570295-use-markup-correctly.patch * Sun Feb 01 2009 mbomanAATTsuse.de- Update to version 2.25.5: + Refactor out gcr library for crypto UI and related tasks. + Code refactoring. + Support automatically initializing a PKCS#11 token when not initialized. + Add modular user-store module for general storage of keys and certs. + Build fixes [Saleem Abdulrasool, Jeff Cai] + Add modular roots-store module for storage of trusted CA certs. + Add modular rpc-layer for communication between module and daemon. + Add modular ssh-agent as the main gnome-keyring-daemon agent. * Thu Jan 22 2009 vuntzAATTnovell.com- Clean up package a bit, especially the file list. * Mon Jan 12 2009 mbomanAATTsuse.de- Update to version 2.25.4.2: + The modular ssh agent uses keys from all available PKCS#11 slots. + Fix compiler warnings. + Fix broken release.- Remove gnome-keyring-svndiff-1440-1442.patch. New version * Wed Jan 07 2009 mbomanAATTsuse.de- Update to version 2.25.4.1: + Half way through refactoring of PKCS#11 support. + Add crypto support to gp11 library. + gp11 library is now by and large thread-safe. + Add modular ssh-store, roots and rpc-layer PKCS#11 components. + Beginnings of a PKCS#11 based ssh-agent. + Transactional storage of PKCS#11 objects. + Add auto-authenticate support in GP11 library, which greatlty simplifies figuring out when to provide passwords. + Fix initialization problems which prevented SSH agent from setting environment variables properly + Translation fixes- Add gnome-keyring-svndiff-1440-1442.patch to make it compile * Sat Dec 20 2008 mbomanAATTsuse.de- Update to version 2.25.2: + Fix PKCS#11 corner cases highlighted by p11-tests tool. + Solaris fixes + Don\'t use non-pageable memory for public keys. + Rework initialization of daemon, and the way that it integrates with the session. + Close open file descriptors before starting daemon from PAM module. + Don\'t try and unlock keyring from PAM if daemon isn\'t running + Don\'t leave keyring daemon running if PAM just started it for a password change + Add a keyboard accelerator to the \'Deny\' button + Use pkg-config to detect libtasn1 + Register environment variables with session properly. + Make DBUS a required dependency of gnome-keyring. + Remove usage of deprecated glib/gtk stuff.- Removed gnome-keyring-pam-stop-passwd.patch. Fixed upstream- Removed gnome-keyring-spurious-syslog.patch. Fixed upstream- Removed gnome-keyring-sync-XAUTHLOCALHOSTNAME.patch. Fixed upstream * Wed Dec 10 2008 olhAATTsuse.de- use Obsoletes: -XXbit only for ppc64 to help solver during distupgrade (bnc#437293) * Mon Dec 01 2008 vuntzAATTnovell.com- Add gnome-keyring-sync-XAUTHLOCALHOSTNAME.patch to synchronize XAUTHLOCALHOSTNAME and ICEAUTHORITY in the keyring daemon after login. Else, gnome-keyring-ask might not be able to access the display. Fix bnc#441789. * Mon Nov 24 2008 olhAATTsuse.de- obsolete old -XXbit packages (bnc#437293) * Wed Nov 19 2008 vuntzAATTnovell.com- Compile with --disable-acl-prompts. The prompt dialogs don\'t help the user in the end. Fix bnc#446010. * Sun Nov 09 2008 vuntzAATTnovell.com- Add some patches that will make pam-config integration possible. This is part of bnc#421603.- Add gnome-keyring-pam-stop-passwd.patch: if the keyring is started to update the keyring password on password change, then stop it too. Based on patch by Thorsten Kukuk.- Add gnome-keyring-pam-auto-start-if.patch: support an auto_start_if option for the pam module to specify for which service to auto-start the keyring. Based on patch by Thorsten Kukuk.- Update gnome-keyring-check-session.patch: the check for the GNOME session is only working for the gdm service. With the gnome-keyring-pam-auto-start-if.patch patch, we need to make sure that we only do it for gdm since someone might want to configure the keyring to start when logging in a console, eg.- gnome-keyring-spurious-syslog.patch: don\'t try to unlock the keyring if there\'s no daemon running. * Wed Oct 22 2008 mbomanAATTsuse.de- Update to version 2.24.1: + Fix crash on logout on Solaris. + Add missing \'server\' attribute to the NETWORK_PASSWORD schema * Sun Sep 21 2008 mbomanAATTsuse.de- Update to version 2.24.0: + Update documentation for functions in gp11 library + Ungrab the keyboard properly when a password prompt is minimized. + Report errors from keyboard grabbing. + Fix build problems with gcc 4.3. + PKCS#11 initialize compatibility fix for OpenSC. + Make all errors from prompt process go to syslog. + When prompting for a password on import, don\'t go into an endless + loop for blank passwords. + Fix problems with PK indexes overwriting one another. + Don\'t add additional extensions on storage files when the extension is already correct. + Load all objects when a PKCS#11 session is opened, regardless of whether a C_FindObjects is run or not. * Sat Sep 20 2008 vuntzAATTnovell.com- Rewrite gnome-keyring-check-session.patch to be more correct: ie, don\'t return too early from functions, and now check the DESKTOP_SESSION environment variable that will be set by GDM.- Change the gdm pam configuration to have auto_start for pam_gnome_keyring.so for session, and not auth. This is what upstream recommends and it\'s also required to have a proper behavior with the above patch.- This is part of bnc#427744. * Fri Sep 12 2008 ajAATTsuse.de- Add directory ownership for /usr/share/gtk-doc/html/gp11. * Tue Sep 09 2008 mbomanAATTnovell.com- Update to version 2.23.92: + Build fix for Solaris + Import the LANG environment variable into daemon enviroment so that dialogs display with correct translations. * Thu Sep 04 2008 mbomanAATTnovell.com- Update to version 2.23.91: + Use \'Change\' instead of \'Create\' when prompting the user for a password to change keyring password. + Fix RSA signing with X509 mechanism. + Tweaking of the asynchronous scheduling to prevent hangs. + Add some documentation for GP11 library. + Translation updates. + Build fixes. * Tue Aug 26 2008 mbomanAATTnovell.com- Update to version 2.23.90: + Use \'Create\' button instead of \'OK\' when prompting the user for a password to create a new keyring. + Fix more cases where \'Deny\' choice by a user resulted in more subsequent prompts. + Automatically create non-existant directories when storing files. + Fix problem prompting for the same password twice when parsing a PFX or PKCS#12 file. + Don\'t offer to store password during import operation. + Don\'t try to store certificates encrypted on the disk. + Add command line tool for importing of keys and certificates. + Fix problems with SSH agent not unlocking keys properly. + Build fixes. * Tue Aug 05 2008 captain.magnusAATTopensuse.org- Update to version 2.23.6: + If the user denies a prompt, then don\'t prompt the same prompt again for that connection to the daemon. + Bug fixes for loading of SSH keys. + Add gconf schema for noting the user\'s configured PKCS#11 modules. + Update and bug fixes for the new GP11 library. + Better reference counting of internal objects. + When a certificate is in the roots storage, assume it is a CA if no basic constraints are present. + Add ability of PKCS#11 module to accept a string on its reserved initialization argument, similar to NSS\'s libsoftkn3 module. + Translation fixes. + Build fixes. * Sat Aug 02 2008 captain.magnusAATTopensuse.org- Update to version 2.23.5: + Load all SSH keys in ~/.ssh named id_?sa *, not just id_rsa and id_dsa. Also load public portions of keys when needed ie: * .pub + Include new GP11 library, which is a GLib wrapper for PKCS#11 + Add ability to import keys/certificates to PKCS#11. + Better storage and creation of PKCS#11 objects. + Start using GTest for new unit testing. + Better indexing of keys and certificates. + Better buffer handling, and threading fixes. [Jon Burgress] + Fix warnings in logs caused by programs checking whether gnome-keyring is available. + Standardize on libgcrypt random number generator. + Add --disable-acl-prompts option to disable all ACL prompting [Colin Walters] + Build fixes. * Wed Jun 18 2008 mawAATTsuse.de- Update to version 2.22.2: + Streamline the importing of keys and make the proper prompts show up consistently; better fixes for this to come in 2.24.x + Don\'t show \'location\' field in most password prompts + Return serial number of certificates properly to requesting programs + Fix crash when receiving certain HAL events. * Thu May 01 2008 hpjAATTsuse.de- Remove gnome-keyring-0.4.6-casa-integration.patch. GNOME can now replicate the login password for use in the default keyring without Casa\'s help. * Thu Apr 10 2008 roAATTsuse.de- added baselibs.conf file to build xxbit packages for multilib support * Wed Apr 09 2008 mawAATTsuse.de- Update to version 2.22.1: + Add SSH agent protocol 1 support + Make \'ssh-add -D\' lock any SSH private keys that gnome-keyring is automatically loading + Reconnect to system DBus whenever the system bus restarts + Log to syslog even when running in the foreground + Add a configure option to disable building of the SSH agent + Build fixes. * Fri Mar 14 2008 mawAATTsuse.de- Update to version 2.22.0: + Minor build fix. * Tue Mar 04 2008 mawAATTsuse.de- Update to version 2.21.92: + Sync up user\'s session environment with the daemon, so that things like X authentication, DBUS, etc. work properly + Shutdown socket connections properly, so things don\'t hang, when wrong versions of daemon/library are used + Limit PKCS#12 parsing to a clearly defined subset of the format + Decrypt PKCS#12 with empty passwords properly + Updated translations. * Mon Feb 18 2008 mawAATTsuse.de- Update to version 2.21.91: + Don\'t prompt for a password from the PAM module since gnome-keyring is not an authenticator + Check that PKCS#11 socket connections come from same user + Don\'t lock the entire gnome-keyring-ask process in memory, just the password text; this works better when less non-pageable memory is available + Basic serializing of certificates and keys + Build fixes + Updated translations. * Tue Jan 29 2008 mawAATTsuse.de- Update to version 2.21.90: + Proper support for creating and destroying objects through PKCS#11 + Support for setting PKCS#11 attributes + Fix hanging of daemon under certain conditions + Add gconf setting for determining which components of the daemon (such as SSH) are run at startup + Better parsing of objects and prompting for passwords in PKCS#12 files + Calculate trust and purpose/usage of certificates + Mark certain key/certificate directories as special requiring certain special treatment (such as the CA root store, SSH keys etc...) + Add support for unencrypted keyrings which are used when the user specifies a blank password + Fix problem where most keyrings were being treated as insecure from the point of view of storing passwords for keys or certificates + Fix race condition that is causing deadlocks and freezes + Misc fixes. * Tue Jan 22 2008 hpjAATTsuse.de- Remove gnome-keyring-2.21.4-getenv-returns-null.patch, and fix gnome-keyring-check-session.patch instead. * Mon Jan 21 2008 hpjAATTsuse.de- Add gnome-keyring-2.21.4-getenv-returns-null.patch to fix GNOME bug #510902. * Sat Jan 12 2008 hpjAATTsuse.de- Install the D-Bus service file. Fixes Novell bug #353198. * Thu Dec 20 2007 mawAATTsuse.de- Fix build on x86_64. * Thu Dec 20 2007 mawAATTsuse.de- Update to version 2.21.4: + Build fixes for various platforms and against various libraries + Print few useless warning messages + Simpler API for accessing and storing passwords + PAM module now works with SELinux + Includes an SSH agent + Added basic x.509 certificate and key store + PKCS#11 module + ASN.1 support- Don\'t package license files. * Wed Oct 10 2007 sbrabecAATTsuse.cz- Replace old pam_keyring. * Mon Sep 17 2007 mauroAATTsuse.de- Updated to version 2.20. + Translation fixes (Claude Paroz) * Mon Sep 10 2007 criveraAATTsuse.de- Add a patch to fix Bug #186189. We only start gnome-keyring daemon if the WINDOWMANAGER environment variable is set to /usr/bin/gnome. * Mon Aug 27 2007 cgaisfordAATTnovell.com- Updated to 2.19.91 to incorporate needed fixes for Novell bugs: 298975, 299730, 299621, 304189- Builds with newer versions of DBus [Theppitak Karoonboonyanan]- In the PAM module we now support starting gnome-keyring-daemon when the user\'s session actually starts, rather than during password validation. This makes us more solid and sane with GDM and well behaved PAM using applications. [Chris Rivera]- In the PAM module check that the socket is owned by the same user, before sending the login password there.- Don\'t read from /dev/random when not needed. This makes startup faster in many cases, as it won\'t block for entropy.- Get around more optimizations that cancel out wiping of strings in memory before freeing.- Fix problem where keyrings are created in wrong directory [Nathaniel McCallum]- Incorporated security fixes from Novell- Fix crashers when the ask dialog sends back bad data.- Now builds on Solaris [Damien Carbery]- Configure PAM module directory better [Matthias Clasen]- Fix memory leaks * Tue Aug 07 2007 mawAATTsuse.de- Use %fdupes- Split off a -lang subpackage. * Thu Aug 02 2007 jprAATTsuse.de- Build with pam support in gnome-keyring-pam * Thu Aug 02 2007 mawAATTsuse.de- Update to version 2.19.6.1: + Sync with current gnome version numbers + Build fixes + Use libgcrypt instead of hand-rolled encryption algorithms + Code refactoring and cleanup + Error and warning messages are logged to syslog when running as a daemon + Use non-pageable memory for secrets and passwords + Use NULL consistently in the API to represent the default keyrong + Improved prompts + Handle unix signals properly + Keyrings supported on removeable drives + New API + API docs + Unit tests are run automagically when building + Misc. bug fixes * Wed Apr 11 2007 mawAATTsuse.de- Update to version 0.8.1, which- Fixes a crash when called with a NULL keyring- Has an updated translation for the gl locale. * Wed Apr 04 2007 mawAATTsuse.de- Update to version 0.8- b.g.o 407160 and 339137. * Fri Mar 09 2007 mawAATTsuse.de- Update to version 0.7.91- Changes in version 0.7.91 are: * Add method for library to discover daemon via DBus. Adds soft DBus dependency. * Fixes for building on kFreeBSD.- Changes in version 0.7.3 are: * Fix endless loop when creating a keyring and a file by that name already exists. * Fix crasher when deleting session keyring. * Fix crasher when doing find operation with NULL attribute string. * Sync files to disk after writing to keyring.- Changes in version 0.7.2 are: * Don\'t have multiple password dialogs presented for the same keyring- Changes in version 0.7.1 are: * Added GNOME_KEYRING_ITEM_APPLICATION_SECRET which allows an item to be for a single application only with strict access controls. * New function gnome_keyring_item_get_info_full(_sync) which allow retrieval of item meta data without the secret, thus not incurring an ACL prompt. * Translation updates * Tue Feb 27 2007 mawAATTsuse.de- Create a -doc subpackage (#248813). * Thu Dec 14 2006 sbrabecAATTsuse.cz- More spec file cleanups. * Wed Dec 13 2006 mawAATTsuse.de- Move to /usr- Do some specfile cleanup. * Thu Sep 14 2006 jhargadonAATTsuse.de- update to version 0.6.0- NetBSD fixes- Crash fix- Typo fix- Translations * Wed Aug 30 2006 jhargadonAATTsuse.de- update to version 0.5.2- Translation updates- Better title in docs- Fixed crashes- New function: gnome_keyring_item_grant_access_rights_sync * Thu Aug 24 2006 roAATTsuse.de- copy CASA headers to local source and remove CASA-devel from BuildRequires to avoid build-dep cycle (CASA needs gtk-sharp needs gnome-keyring needs CASA) * Fri Aug 11 2006 jhargadonAATTsuse.de- update to version 0.5.1- Support changing password of a keyring- Create ~/.gnome2 if needed- Save keyring when an ACL is added- Add password strength meter- Fix return value for some sync calls- Translation updates- Fix crash when asking for password- Fix --disable-nls * Sat May 13 2006 hpjAATTsuse.de- Add a patch to provide better CASA integration. CASAManager is allowed by default, and the default keyring\'s password is saved in CASA, making most of the annoying dialogs go away. Part of fix for Novell bug #174093. * Tue May 09 2006 joeshawAATTsuse.de- Add a patch to only display the \"unlock keyring\" dialog once per keyring, no matter how many different apps request it. (bnc #170587) Also fixes a crash in gnome-keyring-ask if you clicked \"Deny\". * Mon May 08 2006 joeshawAATTsuse.de- Add a patch to correctly escape for markup, and set the markup flag on the label. (bnc #172603) * Wed Jan 25 2006 mlsAATTsuse.de- converted neededforbuild to BuildRequires * Wed Nov 30 2005 gekkerAATTsuse.de- Update to version 0.4.6 * Thu Oct 13 2005 gekkerAATTsuse.de- Update to version 0.4.5 * Mon Sep 05 2005 mmjAATTsuse.de- Update to version 0.4.4 (GNOME 2.12) * Fri Jul 22 2005 gekkerAATTsuse.de- Update to version 0.4.3 * Wed Jun 01 2005 sbrabecAATTsuse.cz- Fixed devel requirements. * Wed Mar 09 2005 gekkerAATTsuse.de- Update to version 0.4.2 (GNOME 2.10). * Wed Jan 19 2005 claheyAATTsuse.de- Updated to version 0.4.1. * Tue Nov 23 2004 gekkerAATTsuse.de- Update version to 0.4.0 * Tue Nov 02 2004 roAATTsuse.de- locale rename: no -> nb * Tue Oct 12 2004 sbrabecAATTsuse.cz- Fixed libexecdir for bi-arch (#47050). * Mon Jun 28 2004 hhetterAATTsuse.de- reduce #neededforbuild * Mon Apr 26 2004 sbrabecAATTsuse.cz- New SuSE package, version 0.2.1 (GNOME 2.6).
|
|
|