Script 'mail_helper' called by obssrc Hello community, here is the log from the commit of package gpg2 for openSUSE:Factory checked in at 2025-05-12 16:45:29 ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ Comparing /work/SRC/openSUSE:Factory/gpg2 (Old) and /work/SRC/openSUSE:Factory/.gpg2.new.30101 (New) ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
Package is "gpg2" Mon May 12 16:45:29 2025 rev:183 rq:1275913 version:2.5.6 Changes: -------- --- /work/SRC/openSUSE:Factory/gpg2/gpg2.changes 2025-03-10 17:57:34.391131451 +0100 +++ /work/SRC/openSUSE:Factory/.gpg2.new.30101/gpg2.changes 2025-05-12 16:48:26.011548174 +0200 @@ -1,0 +2,39 @@ +Thu May 8 16:39:41 UTC 2025 - Lucas Mulling <[email protected]> + +- Update to 2.5.6: + * gpg: Add a flag to the filter expressions for left anchored + substring match. [rGc12b7d047e] + * gpg: New list option "show-trustsig" to avoid resorting to colon + mode for this info. [rG41d6ae8f41] + * gpg: New command --quick-tsign-key to create a trust signature. + [rGd90b290f97] + * gpg: New keygen parameter "User-Id". [rGcfd597c603] + * gpg: New list options "show-trustsig". [rGrG41d6ae8f41] + * gpg: Fix double free of internal data in no-sig-cache mode [T7547] + * gpg: Signatures from revoked or expired keys do not anymore show + up as missing keys. Fixes regression in 2.5.5. [T7583] + * gpgsm: Extend --learn-card by an optional s/n argument. [T7379] + * gpgsm: Skip expired certificates when selection a certificate by + subject. [rG4cf83273e8] + * card: New command "ll" as alias for "list --cards". [rGd6ee7adebe] + * scd:p15: Accept P15 cards with a zero-length label. [rGdb25aa9887] + * keyboxd: Use case-insensitive search for mail addresses. [T7576] + * dirmngr: Fix a problem in libdns related to an address change from + 127.0.0.1. [T4021] + * gpgconf: Fix reload and kill of keyboxd. [T7569] + * Fix logic for certain recsel conditions. [rG8968e84903] + * Add Solaris support to get_signal_name. [T7638] + * Fix build error of the test shell on AIX. [T7632] +- Release-info: https://dev.gnupg.org/T7586 +- Rebase patch gnupg-nobetasuffix.patch +- Remove patch gnupg-CVE-2025-30258-fix.patch + +------------------------------------------------------------------- +Mon Mar 24 13:25:29 UTC 2025 - Pedro Monreal <[email protected]> + +- Fix a regression introduced in CVE-2025-30258 [bsc#1239875] + * Upstream task: dev.gnupg.org/T7547 + * gpg: Fix double free of internal data. + * Add gnupg-CVE-2025-30258-fix.patch + +------------------------------------------------------------------- @@ -4 +43 @@ -- Update to 2.5.5: [bsc#1236931, bsc#1239119] +- Update to 2.5.5: [bsc#1236931, bsc#1239119, CVE-2025-30258] Old: ---- gnupg-2.5.5.tar.bz2 gnupg-2.5.5.tar.bz2.sig New: ---- gnupg-2.5.6.tar.bz2 gnupg-2.5.6.tar.bz2.sig ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ Other differences: ------------------ ++++++ gpg2.spec ++++++ --- /var/tmp/diff_new_pack.DnP0df/_old 2025-05-12 16:48:28.139637426 +0200 +++ /var/tmp/diff_new_pack.DnP0df/_new 2025-05-12 16:48:28.143637593 +0200 @@ -18,7 +18,7 @@ Name: gpg2 -Version: 2.5.5 +Version: 2.5.6 Release: 0 Summary: File encryption, decryption, signature creation and verification utility License: GPL-3.0-or-later ++++++ gnupg-2.5.5.tar.bz2 -> gnupg-2.5.6.tar.bz2 ++++++ /work/SRC/openSUSE:Factory/gpg2/gnupg-2.5.5.tar.bz2 /work/SRC/openSUSE:Factory/.gpg2.new.30101/gnupg-2.5.6.tar.bz2 differ: char 11, line 1 ++++++ gnupg-nobetasuffix.patch ++++++ --- /var/tmp/diff_new_pack.DnP0df/_old 2025-05-12 16:48:28.239641619 +0200 +++ /var/tmp/diff_new_pack.DnP0df/_new 2025-05-12 16:48:28.247641955 +0200 @@ -1,17 +1,17 @@ -Index: gnupg-2.5.1/autogen.sh +Index: gnupg-2.5.6/autogen.sh =================================================================== ---- gnupg-2.5.1.orig/autogen.sh -+++ gnupg-2.5.1/autogen.sh -@@ -244,7 +244,7 @@ if [ "$myhost" = "find-version" ]; then - fi +--- gnupg-2.5.6.orig/autogen.sh ++++ gnupg-2.5.6/autogen.sh +@@ -259,7 +259,7 @@ if [ "$myhost" = "find-version" ]; then + matchexcl="--exclude $package-*beta*" beta=no - if [ -e .git ]; then + if false; then ingit=yes - tmp=$(git describe --match "${matchstr1}" --long 2>/dev/null) + tmp=$(git describe --match "${matchstr1}" $matchexcl --long 2>/dev/null) if [ -n "$tmp" ]; then -@@ -270,8 +270,8 @@ if [ "$myhost" = "find-version" ]; then +@@ -285,8 +285,8 @@ if [ "$myhost" = "find-version" ]; then rvd=$((0x$(echo ${rev} | dd bs=1 count=4 2>/dev/null))) else ingit=no
