SEARCH
NEW RPMS
DIRECTORIES
ABOUT
FAQ
VARIOUS
BLOG

 
 
Changelog for gpg2-debuginfo-2.0.24-8.1.x86_64.rpm :

* Fri Apr 28 2017 alarrosaAATTsuse.com- Added 0001-Do-not-install-cacert-and-other-root-certificates.patch to backport a patch from gnupg 2.1.14 to not install cacert and other root certificates which are not needed with Let\'s Encrypt (boo#1036736).
* Mon Jun 27 2016 jsegitzAATTnovell.com- Added gnupg-init-trustdb.patch to get commit 23191d7851eae2217ecdac6484349849a24fd94a: Need to init the trustdb for import. (bsc#986783)
* Thu Nov 19 2015 vcizekAATTsuse.com- fix CVE-2015-1606 (bsc#918089)
* Invalid memory read using a garbled keyring
* 0001-gpg-Prevent-an-invalid-memory-read-using-a-garbled-k.patch- fix CVE-2015-1607 (bsc#918090)
* memcpy with overlapping ranges
* 0001-Use-inline-functions-to-convert-buffer-data-to-scala.patch
* Thu Nov 19 2015 tiwaiAATTsuse.de- Fix regression of \"gpg --recv\" due to keyserver import filter (bsc#955753,boo#952347): 0001-gpg-Make-screening-of-keyserver-result-work-with-mul.patch 0002-gpg-Add-kbnode_t-for-easier-backporting.patch 0003-gpg-Fix-regression-due-to-the-keyserver-import-filte.patch
* Tue Jun 24 2014 andreas.stiegerAATTgmx.de- update to 2.0.24 Contains a security fix to stop a possible DoS using garbled compressed data packets which can be used to put gpg into an infinite loop. [bnc#884130] [CVE-2014-4617]
* gpg: Avoid DoS due to garbled compressed data packets.- further:
* gpg: Screen keyserver responses to avoid importing unwanted keys from rogue servers.
* gpg: The validity of user ids is now shown by default. To revert this add \"list-options no-show-uid-validity\" to gpg.conf
* gpg: Print more specific reason codes with the INV_RECP status.
* gpg: Allow loading of a cert only key to an OpenPGP card.
* gpg-agent: Make ssh support for ECDSA keys work with Libgcrypt 1.6.
* Tue Jun 03 2014 andreas.stiegerAATTgmx.de- update to 2.0.23:
* gpg: Reject signatures made using the MD5 hash algorithm unless the new option --allow-weak-digest-algos or --pgp2 are given.
* gpg: Do not create a trustdb file if --trust-model=always is used.
* gpg: Only the major version number is by default included in the armored output.
* gpg: Print a warning if the Gnome-Keyring-Daemon intercepts the communication with the gpg-agent.
* gpg: The format of the fallback key listing (\"gpg KEYFILE\") is now more aligned to the regular key listing (\"gpg -k\").
* gpg: The option--show-session-key prints its output now before the decryption of the bulk message starts.
* gpg: New %U expando for the photo viewer.
* gpgsm: Improved handling of re-issued CA certificates.
* scdaemon: Various fixes for pinpad equipped card readers.
* Minor bug fixes.- Packaging changes:
* add gpgtar utility
* update and use use source URL for tarball signing key
* removed gnupg-2.0.9-RSA_ES.patch, applied upstream
* updated for context changes: gnupg-add_legacy_FIPS_mode_option.patch gnupg-2.0.18-files-are-digests.patch gnupg-dont-fail-with-seahorse-agent.patch
* Tue Apr 29 2014 vcizekAATTsuse.com- add patch by Stephan Mueller which adds an option to enable legacy ciphers in FIPS mode
* added gnupg-add_legacy_FIPS_mode_option.patch (part of bnc#856312)- added BuildRequires: makeinfo (to build info pages from the patched gnupg.texi)
* Fri Feb 14 2014 vcizekAATTsuse.com- install scdaemon to /usr/bin (bnc#863645)
* Sat Oct 05 2013 andreas.stiegerAATTgmx.de- update to 2.0.22 [bnc#844175]
* Fixed possible infinite recursion in the compressed packet parser. [CVE-2013-4402]
* Improved support for some card readers.
* Prepared building with the forthcoming Libgcrypt 1.6.
* Protect against rogue keyservers sending secret keys.- remove gpg2-CVE-2013-4351.patch, committed upstream
* Mon Sep 16 2013 vcizekAATTsuse.com- fix CVE-2013-4351 (bnc#840510)
* Mon Aug 19 2013 andreas.stiegerAATTgmx.de- update to 2.0.21
* gpg-agent: By default the users are now asked via the Pinentry whether they trust an X.509 root key. To prohibit interactive marking of such keys, the new option --no-allow-mark-trusted may be used.
* gpg-agent: The command KEYINFO has options to add info from sshcontrol.
* The included ssh agent does now support ECDSA keys.- now requires libgpg-error 1.11- update gnupg-2.0.9-langinfo.patch for upstream whitespace changes- drop gnupg-broken-curl-test.patch, no longer required
* Mon Jun 17 2013 cooloAATTsuse.com- revert usage of gpg-offline to avoid cycles
* Mon Jun 17 2013 cooloAATTsuse.com- add gnupg-2.0.20-automake113.diff to fix build with automake 1.13
* Tue May 14 2013 vcizekAATTsuse.com- set safe umask before creating a plaintext file (bnc#780943) added gpg2-set_umask_before_open_outfile.patch- select proper ciphers when running in FIPS mode (bnc#808958) added gnupg-detect_FIPS_mode.patch
* Fri May 10 2013 andreas.stiegerAATTgmx.de- update to 2.0.20
* Decryption using smartcards keys > 3072 bit does now work.
* New meta option ignore-invalid-option to allow using the same option file by other GnuPG versions.
* gpg: The hash algorithm is now printed for sig records in key listings.
* gpg: Skip invalid keyblock packets during import to avoid a DoS.
* gpg: Correctly handle ports from DNS SRV records.
* keyserver: Improve use of SRV records
* gpg-agent: Avoid tty corruption when killing pinentry.
* scdaemon: Improve detection of card insertion and removal.
* scdaemon: Rename option --disable-keypad to --disable-pinpad.
* scdaemon: Better support for CCID readers. Now, the internal CCID driver supports readers without the auto configuration feature.
* scdaemon: Add pinpad input for PC/SC, if your reader has pinpad and it supports variable length PIN input, and you specify - -enable-pinpad-varlen option.
* scdaemon: New option --enable-pinpad-varlen.
* scdaemon: Install into libexecdir to avoid accidental execution from the command line.
* Assorted bug fixes.- refresh gnupg-2.0.9-RSA_ES.patch- verify gpg signature of source tarball
* Wed Mar 27 2013 mmeisterAATTsuse.com- Added url as source. Please see http://en.opensuse.org/SourceUrls
* Fri Jan 11 2013 lazy.kentAATTopensuse.org- BuildRequires: libbz2-devel (support BZIP2 compression algorithm) (bnc#798175).
* Wed Apr 18 2012 vcizekAATTsuse.com- Mention some of the changes in Greg\'s version update
* Tue Mar 27 2012 gregkhAATTopensuse.org- update to upstream 2.0.19
* GPG now accepts a space separated fingerprint as a user ID. This allows to copy and paste the fingerprint from the key listing.
* GPG now uses the longest key ID available. Removed support for the original HKP keyserver which is not anymore used by any site.
* Rebuild the trustdb after changing the option --min-cert-level.
* Ukrainian translation.
* Honor option --cert-digest-algo when creating a cert.
* Emit a DECRYPTION_INFO status line.
* Improved detection of JPEG files.
* Tue Dec 06 2011 vcizekAATTsuse.com- fixed licence to GPL-3.0+ (bnc#734878)
* Wed Nov 30 2011 cooloAATTsuse.com- add automake as buildrequire to avoid implicit dependency
* Sat Oct 01 2011 crrodriguezAATTopensuse.org- Test suite hangs in qemu-arm, workaround.
* Wed Aug 31 2011 puzelAATTsuse.com- link with -pie
* Fri Aug 19 2011 crrodriguezAATTopensuse.org- libcurl.m4 tests were broken, resulting in the usage of a \"fake\" internal libcurl.
* Sat Aug 06 2011 andreas.stiegerAATTgmx.de- update to upstream 2.0.18
* Bug fix for newer versions of Libgcrypt.
* Support the SSH confirm flag and show SSH fingerprints in ssh related pinentries.
* Improved dirmngr/gpgsm interaction for OCSP.
* Allow generation of card keys up to 4096 bit.- refresh patch gnupg-2.0.10-tmpdir.diff -> gnupg-2.0.18-tmpdir.diff- refresh patch gnupg-files-are-digests.patch -> gnupg-2.0.18-files-are-digests.patch
* Tue Mar 15 2011 puzelAATTnovell.com- update to gnupg-2.0.17
* Allow more hash algorithms with the OpenPGP v2 card.
* The gpg-agent now tests for a new gpg-agent.conf on a HUP.
* Fixed output of \"gpgconf --check-options\".
* Fixed a bug where Scdaemon sends a signal to Gpg-agent running in non-daemon mode.
* Fixed TTY management for pinentries and session variable update problem.- drop gnupg-CVE-2010-2547.patch (in upstream)
* Fri Jan 07 2011 sbrabecAATTsuse.cz- Removed obsolete BuildRequires of opensc-devel.
* Sun Oct 31 2010 jengelhAATTmedozas.de- Use %_smp_mflags
* Wed Jul 28 2010 puzelAATTnovell.com- gnupg-CVE-2010-2547.patch (bnc#625947)- renumber patches
* Mon Jul 19 2010 puzelAATTnovell.com- update to gnupg-2.0.16
* If the agent\'s --use-standard-socket option is active, all tools try to start and daemonize the agent on the fly. In the past this was only supported on W32; on non-W32 systems the new configure option --use-standard-socket may now be used to use this feature by default.
* The gpg-agent commands KILLAGENT and RELOADAGENT are now available on all platforms.
* Minor bug fixes.- drop gnupg-2.0.14-s2kcount.patch (builds fine without it now)
* Mon Jun 07 2010 adrianAATTsuse.de- add special provides to make sure that obs signd gets correct gpg version
* Fri Apr 09 2010 chrisAATTcomputersalat.de- fix deps o libassuan-devel >= 2.0.0 o pth / libpth-devel >= 1.3.7- added BuildReq libcurl-devel >= 7.10- removed BuildReq openldap2 is already solved by openldap2-devel- removed unrecognized configure options - -enable-external-hkp, --enable-shared, --enable-static-rnd
* Wed Apr 07 2010 puzelAATTnovell.com- add gnupg-dont-fail-with-seahorse-agent.patch (bnc#589994)
* Wed Mar 31 2010 puzelAATTnovell.com- update to gnupg-2.0.15
* New command --passwd for GPG.
* Fixes a regression in 2.0.14 which prevented unprotection of new or changed gpg-agent passphrases.
* Make use of libassuan 2.0 which is available as a DSO.
* Mon Mar 22 2010 puzelAATTnovell.com- fix files-are-digests patch (bnc#469229)
* Wed Feb 17 2010 dimstarAATTopensuse.org- Update to version 2.0.14: + The default for --include-cert is now to include all certificates in the chain except for the root certificate. + Numerical values may now be used as an alternative to the debug-level keywords. + The GPGSM --audit-log feature is now more complete. + GPG now supports DNS lookups for SRV, PKA and CERT on W32. + New GPGSM option --ignore-cert-extension. + New and changed passphrases are now created with an iteration count requiring about 100ms of CPU work.- Add gnupg-2.0.14-s2kcount.patch: use fixed s2k-count number otherwise the gpg2 would want to consult gpg-agent which is not yet installed in the mock chroot (Patch shamelessly stolen from Fedora).
* Thu Jan 28 2010 puzelAATTnovell.com- fix build for older distributions
* Wed Jan 27 2010 puzelAATTnovell.com- port files-are-digests patch from gpg1 (bnc#469229)
* Tue Dec 15 2009 jengelhAATTmedozas.de- enable parallel building- SPARC needs large PIE model
* Sun Dec 06 2009 cooloAATTnovell.com- change -lang require to recommended
* Fri Nov 13 2009 puzelAATTnovell.com- update to gnupg-2.0.13
* GPG now generates 2048 bit RSA keys by default. The default hash algorithm preferences has changed to prefer SHA-256 over SHA-1. 2048 bit DSA keys are now generated to use a 256 bit hash algorithm
* The envvars XMODIFIERS, GTK_IM_MODULE and QT_IM_MODULE are now passed to the Pinentry to make SCIM work.
* The GPGSM command --gen-key features a --batch mode and implements all features of gpgsm-gencert.sh in standard mode.
* New option --re-import for GPGSM\'s IMPORT server command.
* Enhanced writing of existing keys to OpenPGP v2 cards.
* Add hack to the internal CCID driver to allow the use of some Omnikey based card readers with 2048 bit keys.
* GPG now repeatly asks the user to insert the requested OpenPGP card. This can be disabled with --limit-card-insert-tries=1.
* Minor bug fixes.- drop gnupg-2.0.4-default-tty.diff
* Thu Jun 18 2009 puzelAATTnovell.com- update to gnupg-2.0.12
* GPGSM now always lists ephemeral certificates if specified by fingerprint or keygrip.
* New command \"KEYINFO\" for GPG_AGENT. GPGSM now also returns information about smartcards.
* Made sure not to leak file descriptors if running gpg-agent with a command. Restore the signal mask to solve a problem in Mono.
* Changed order of the confirmation questions for root certificates and store negative answers in trustlist.txt.
* Better synchronization of concurrent smartcard sessions.
* Support 2048 bit OpenPGP cards.
* Support Telesec Netkey 3 cards.
* The gpg-protect-tool now uses gpg-agent via libassuan.
* Changed code to avoid a possible Mac OS X system freeze.- drop gpg2-fix-rtsignals.patch (fixed upstream)- drop gnupg-1.9.22-ccid-driver-fix.diff (unused)
* Thu Jun 11 2009 puzelAATTsuse.cz- change BuildRequires: (pth-devel -> libpth-devel)
* Mon Jun 01 2009 puzelAATTsuse.cz- BuildRequires: pth-devel
* Wed Mar 18 2009 puzelAATTsuse.cz- add gpg2-fix-rtsignals.patch (bnc#481463)
* Thu Mar 05 2009 puzelAATTsuse.cz- update to 2.0.11
* Fixed a problem in SCDAEMON which caused unexpected card resets.
* SCDAEMON is now aware of the Geldkarte.
* The SCDAEMON option --allow-admin is now used by default.
* GPGCONF now restarts SCdaemon if necessary.
* The default cipher algorithm in GPGSM is now again 3DES. This is due to interoperability problems with Outlook 2003 which still can\'t cope with AES.- dropped gnupg-2.0.10-fix-convert.patch (upstream)- dropped gnupg-2.0.10-fix-missing-option.patch (upstream)- disabled gnupg-1.9.22-ccid-driver-fix.diff (does not apply and it is not clear what it is good for)
* Mon Mar 02 2009 puzelAATTsuse.cz- gnupg-2.0.10-fix-missing-option.patch (bnc#477362)
* Mon Jan 19 2009 puzelAATTsuse.cz- add gnupg-2.0.10-fix-convert.patch - fix broken \'make check\' on ppc, s390 and s390x
* Tue Jan 13 2009 puzelAATTsuse.cz- update to 2.0.10
* New keyserver helper gpg2keys_kdns as generic DNS CERT lookup.
* New mechanisms \"local\" and \"nodefault\" for --auto-key-locate. Fixed a few problems with this option.
* New command --locate-keys.
* New options --with-sig-list and --with-sig-check.
* The option \"-sat\" is no longer an alias for --clearsign.
* The option --fixed-list-mode is now implicitly used and obsolete.
* New control statement %ask-passphrase for the unattended key generation.
* The algorithm to compute the SIG_ID status has been changed.
* [gpgsm] Now uses AES by default.
* [gpgsm] Made --output option work with --export-secret-key-p12.
* [gpg-agent] Terminate process if the own listening socket is not anymore served by ourself.
* [gpg-connect-agent] Accept commands given as command line arguments.
* The gpg-preset-passphrase mechanism works again. An arbitrary string may now be used for a custom cache ID.
* Admin PINs are cached again (bug in 2.0.9).
* Support for version 2 OpenPGP cards.- specfile changes:
* require libadns
* explicit versions for some BuildRequires
* BuildRequires libgpg-error
* changed license to GPL v3
* /etc/gnupg/gnupg.conf is now (noreplace)
* documentation is installed with install
* Wed Jun 11 2008 puzelAATTsuse.cz- fix [bnc#305725] - UTF-8 problems
* non latin characters displayed incorrectly by pinentry-
*
* Wed May 21 2008 puzelAATTsuse.cz- added missing gpgconf.conf (bnc#391347)
* Fri Mar 28 2008 pcernyAATTsuse.cz- update to 2.0.9
* fixes CVE-2008-1530 (bnc#374254)
* removing gnupg-2.0.8-from-upstream.diff (included in release)
* removing gnupg-2.0.4-oldkey.diff (accepted by upstream)
* removing gnupg-2.0.8-warningfixes.diff (also appears in upstream)- patch gnupg-2.0.9-RSA_ES.patch
* adding back support for deprecated RSA_E, RSA_S algorithms (bnc#342979)
* Wed Mar 26 2008 cooloAATTsuse.de- require the split out lang package
* Sun Mar 23 2008 cooloAATTsuse.de- splitting out a third of the package by using a lang subpack
* Tue Feb 12 2008 bkAATTsuse.de- install gpg-zip and gpgsplit again and use -pie for randomisation
* Wed Feb 06 2008 bkAATTsuse.de- add selected upstream fixes and fix gcc and rpmlint warnings
* Tue Jan 08 2008 sassmannAATTsuse.de- update to GnuPG-2.0.8- adapted patches to apply properly
* gnupg-1.9.18-tmpdir.diff
* gnupg-2.0.4-install_tools.diff- gnupg-2.0.5.fixes-from-svn-20070812.diff commented out, included in upstream 2.0.8- use optflags during build
* Wed Sep 12 2007 ltinklAATTsuse.cz- fix #304749 - gpg2 unable to use old secret key
* Mon Sep 10 2007 ltinklAATTsuse.cz- fix gpg2 crash on accessing key (#307666)- fix gpg doesn\'t work on the console (#302323)
* Fri Aug 10 2007 bkAATTsuse.de- update to GnuPG-2.0.5 - requries libassuan-1.0.2!
* Switched license to GPLv3.
* Fixed bug when using the --p12-charset without --armor.
* The command --gen-key may now be used instead of the gpgsm-gencert.sh script.
* Changed key generation to reveal less information about the machine. Bug fixes for gpg2\'s card key generation.- enable make check to test against build issues in the crypto engine- cleanup disabled nld patch for linking with -lgpg-error-nld- use %find_lang to label the locale files properly with %lang- add opensc-devel to BuildRequrires to enanble smartcard support- del Makefile.in patches where we patch Makefile.am and run automake- cleanup the standrd GNU INSTALL and the empty VERSION from %doc
* Thu Jul 26 2007 sbrabecAATTsuse.cz- Build with libassuan-devel.
* Thu Jun 21 2007 roAATTsuse.de- install compat symlinks for gpg2 and gpgv2- install gpg-zip and gpgsplit- added openldap2 to buildrequires (for gpgkeys_ldap)- added fPIE/pie to CFLAGS/LDFLAGS for gpgsplit
* Wed May 23 2007 dmuellerAATTsuse.de- add libusb-devel build requires
* Wed May 16 2007 ltinklAATTsuse.cz- remove gpg from Require\'s (#273491)
* Fri May 11 2007 ltinklAATTsuse.cz- updated to 2.0.4 stable snapshot
* Wed Apr 04 2007 ltinklAATTsuse.cz- update to 2.0.3- fixed #251605 - VUL-0: signing issues within GNUPG- removed outdated patches
* Thu Mar 29 2007 roAATTsuse.de- added zlib-devel to buildreq
* Wed Feb 14 2007 ltinklAATTsuse.cz- fix file conflicts with gpg (#242133)
* Mon Jan 29 2007 roAATTsuse.de- fix build (exclude possible debuginfo directory)
* Mon Jan 29 2007 ltinklAATTsuse.cz- fix #221212 - gpg2 is not updated and do not contain documentation- fix #233525 - gpg1/2: bug in vasprintf() implementation
* Thu Nov 30 2006 anickaAATTsuse.cz- fix overflow in openfile.c (CVE-2006-6169, #224108)
* Mon Sep 11 2006 pnemecAATTsuse.cz- updated gnupg to new version 1.9.22 Enhanced pkcs#12 support Support for the CardMan 4040 PCMCIA Collected bug fixes- updated pth library to 2.0.7- changed using pinetry-qt to pinentry- removed -cfb.diff -signature.patch -cap_large_uid.patch patches they are no longer needed- change patch -warnings-fix.diff -ccid-driver-fix.diff
* Thu Aug 17 2006 pnemecAATTsuse.de- remove unused package in build requires
* Wed Aug 09 2006 pnemecAATTsuse.cz- fix spec file to build with new gettext 0.15
* Mon Aug 07 2006 pnemecAATTsuse.cz- fixed security fix with large uid CVE-2006-3746 [#195569]
* Thu Feb 23 2006 pnemecAATTsuse.cz- fixed signature security problem CVE-2006-0455 (bugzilla#150742)
* Thu Feb 02 2006 pnemecAATTsuse.cz- fixed install info in spec file
* Thu Jan 26 2006 sbrabecAATTsuse.cz- Added missing %install_info.
* Wed Jan 25 2006 mlsAATTsuse.de- converted neededforbuild to BuildRequires
* Fri Aug 05 2005 postadalAATTsuse.cz- updated to version to 1.9.18- removed obsoleted gcc patch- added patch tmpdir.diff for using $TMPDIR by gpg-agent [#bug95732]
* Tue Jul 12 2005 postadalAATTsuse.cz- updated to version to 1.9.17- updated pth to version 2.0.4- removed obsoleted patch agent-cache-fix.diff- fixed ccid-driver.c- fixed gcc4- explicitly enabled gpg building in configure
* Thu Mar 24 2005 postadalAATTsuse.cz- fixed caching passphrase in gpg-agent [#71975]
* Tue Mar 22 2005 postadalAATTsuse.cz- fixed on 64bit archs [#72440]
* Wed Feb 23 2005 postadalAATTsuse.cz- security fix for cfb-cipher issue [#65862]
* Wed Jan 12 2005 postadalAATTsuse.cz- update to version 1.9.14- removed obsoleted patch automake-fixes.diff
* Tue Sep 28 2004 adrianAATTsuse.de- link against libpth staticaly to make S/MIME support in kmail usable. Hopefully we can convert this to a native thread implementation later. (#46260)
* Sat Jul 31 2004 adrianAATTsuse.de- update to version 1.9.10
* Tue Jul 20 2004 adrianAATTsuse.de- remove openct and opensc packages from nfb (we will need thread support, when enabling card reader support, but it isn\'t anyway implemented yet in gpg2)
* Mon Jul 12 2004 adrianAATTsuse.de- use GnuPG 2 sources version 1.9.9- opensc support misses some functions atm, support disabled for now- threading is disabled, since we do not have a pth package for now- prepare for nld
* Thu Feb 26 2004 postadalAATTsuse.cz- adapted some functions to the libgcrypt version 1.1.91 [#34987]- added libgpg-error to needforbuild flag
* Wed Feb 18 2004 kukukAATTsuse.de- Don\'t build against libpth.
* Tue Feb 10 2004 postadalAATTsuse.cz- fixed code that broke strict aliasing
* Fri Dec 05 2003 garloffAATTsuse.de- disable core dumpe in child after forking. [#33499]
* Mon Aug 11 2003 adrianAATTsuse.de- cleanup #neededforbuild and requires
* Mon Aug 04 2003 roAATTsuse.de- added openct to neededforbuild
* Fri Jul 18 2003 mcAATTsuse.de- build against opensc
* Thu Jun 19 2003 schwabAATTsuse.de- Add %install_info.
* Mon Mar 17 2003 adrianAATTsuse.de- add signal handler to check if the parent is still alive and exit if not- use pinentry-qt by default (/usr/bin/pinentry do not exist)
* Tue Feb 11 2003 mcAATTsuse.de- initial release
  
ICM