commit gpg2 for openSUSE:Factory
Script 'mail_helper' called by obssrc Hello community, here is the log from the commit of package gpg2 for openSUSE:Factory checked in at 2024-08-13 13:22:21 Comparing /work/SRC/openSUSE:Factory/gpg2 (Old) and /work/SRC/openSUSE:Factory/.gpg2.new.7232 (New) Package is "gpg2" Tue Aug 13 13:22:21 2024 rev:175 rq:1193388 version:2.4.5 Changes: --- /work/SRC/openSUSE:Factory/gpg2/gpg2.changes2024-03-09 20:55:11.255693695 +0100 +++ /work/SRC/openSUSE:Factory/.gpg2.new.7232/gpg2.changes 2024-08-13 13:22:32.204478260 +0200 @@ -1,0 +2,6 @@ +Mon Aug 12 04:30:42 UTC 2024 - Andreas Stieger + +- Remove explicit runtime library dependency, pick ease of + maintenance in Tumbleweed over mixed project use runtime bugs. + +--- Other differences: -- ++ gpg2.spec ++ --- /var/tmp/diff_new_pack.DWcDgK/_old 2024-08-13 13:22:32.908507594 +0200 +++ /var/tmp/diff_new_pack.DWcDgK/_new 2024-08-13 13:22:32.908507594 +0200 @@ -2,6 +2,7 @@ # spec file for package gpg2 # # Copyright (c) 2024 SUSE LLC +# Copyright (c) 2024 Andreas Stieger # # All modifications and additions to the file contributed by third parties # remain the property of their copyright owners, unless otherwise agreed @@ -64,11 +65,6 @@ BuildRequires: pkgconfig(libusb-1.0) BuildRequires: pkgconfig(sqlite3) >= 3.27 BuildRequires: pkgconfig(zlib) -# runtime dependency to support devel repository users - boo#955982 -Requires: libassuan0 >= 2.5.0 -Requires: libgcrypt20 >= 1.9.1 -Requires: libgpg-error >= 1.46 -Requires: libksba >= 1.6.3 Requires: pinentry Recommends: dirmngr = %{version} Provides: gnupg = %{version}
commit gpg2 for openSUSE:Factory
Script 'mail_helper' called by obssrc Hello community, here is the log from the commit of package gpg2 for openSUSE:Factory checked in at 2024-03-09 20:54:13 Comparing /work/SRC/openSUSE:Factory/gpg2 (Old) and /work/SRC/openSUSE:Factory/.gpg2.new.1770 (New) Package is "gpg2" Sat Mar 9 20:54:13 2024 rev:174 rq:1156460 version:2.4.5 Changes: --- /work/SRC/openSUSE:Factory/gpg2/gpg2.changes2024-01-26 22:46:25.858391032 +0100 +++ /work/SRC/openSUSE:Factory/.gpg2.new.1770/gpg2.changes 2024-03-09 20:55:11.255693695 +0100 @@ -1,0 +2,27 @@ +Fri Mar 8 13:14:00 UTC 2024 - Pedro Monreal + +- Update to 2.4.5: + * gpg,gpgv: New option --assert-pubkey-algo. [T6946] + * gpg: Emit status lines for errors in the compression layer. [T6977] + * gpg: Fix invocation with --trusted-keys and --no-options. [T7025] + * gpgsm: Allow for a longer salt in PKCS#12 files. [T6757] + * gpgtar: Make --status-fd=2 work on Windows. [T6961] + * scd: Support for the ACR-122U NFC reader. [rG1682ca9f01] + * scd: Suport D-TRUST ECC cards. [T7000,T7001] + * scd: Allow auto detaching of kernel drivers; can be disabled with +the new compatibility-flag ccid-no-auto-detach. [rGa1ea3b13e0] + * scd: Allow setting a PIN length of 6 also with a reset code for +openpgp cards. [T6843] + * agent: Allow GET_PASSPHRASE in restricted mode. [rGadf4db6e20] + * dirmngr: Trust system's root CAs for checking CRL issuers. [T6963] + * dirmngr: Fix regression in 2.4.4 in fetching keys via hkps. [T6997] + * gpg-wks-client: Make option --mirror work properly w/o specifying +domains. [rG37cc255e49] + * g13,gpg-wks-client: Allow command style options as in "g13 mount +foo". [rGa09157ccb2] + * Allow tilde expansion for the foo-program options. [T7017] + * Make the getswdb.sh tool usable outside the GnuPG tree. + * Release-info: https://dev.gnupg.org/T6960 + * Update the required versions for the dependencies. + +--- Old: gnupg-2.4.4.tar.bz2 gnupg-2.4.4.tar.bz2.sig New: gnupg-2.4.5.tar.bz2 gnupg-2.4.5.tar.bz2.sig Other differences: -- ++ gpg2.spec ++ --- /var/tmp/diff_new_pack.iPlCso/_old 2024-03-09 20:55:12.003721076 +0100 +++ /var/tmp/diff_new_pack.iPlCso/_new 2024-03-09 20:55:12.003721076 +0100 @@ -17,7 +17,7 @@ Name: gpg2 -Version:2.4.4 +Version:2.4.5 Release:0 Summary:File encryption, decryption, signature creation and verification utility License:GPL-3.0-or-later @@ -60,7 +60,7 @@ BuildRequires: pkgconfig BuildRequires: readline-devel BuildRequires: pkgconfig(bzip2) -BuildRequires: pkgconfig(gnutls) >= 3.0 +BuildRequires: pkgconfig(gnutls) >= 3.2 BuildRequires: pkgconfig(libusb-1.0) BuildRequires: pkgconfig(sqlite3) >= 3.27 BuildRequires: pkgconfig(zlib) @@ -68,7 +68,7 @@ Requires: libassuan0 >= 2.5.0 Requires: libgcrypt20 >= 1.9.1 Requires: libgpg-error >= 1.46 -Requires: libksba >= 1.3.4 +Requires: libksba >= 1.6.3 Requires: pinentry Recommends: dirmngr = %{version} Provides: gnupg = %{version} ++ gnupg-2.4.4.tar.bz2 -> gnupg-2.4.5.tar.bz2 ++ /work/SRC/openSUSE:Factory/gpg2/gnupg-2.4.4.tar.bz2 /work/SRC/openSUSE:Factory/.gpg2.new.1770/gnupg-2.4.5.tar.bz2 differ: char 11, line 1
commit gpg2 for openSUSE:Factory
Script 'mail_helper' called by obssrc Hello community, here is the log from the commit of package gpg2 for openSUSE:Factory checked in at 2024-01-26 22:46:20 Comparing /work/SRC/openSUSE:Factory/gpg2 (Old) and /work/SRC/openSUSE:Factory/.gpg2.new.1815 (New) Package is "gpg2" Fri Jan 26 22:46:20 2024 rev:173 rq:1141713 version:2.4.4 Changes: --- /work/SRC/openSUSE:Factory/gpg2/gpg2.changes2023-11-02 20:20:44.146214877 +0100 +++ /work/SRC/openSUSE:Factory/.gpg2.new.1815/gpg2.changes 2024-01-26 22:46:25.858391032 +0100 @@ -1,0 +2,52 @@ +Thu Jan 25 18:51:03 UTC 2024 - Pedro Monreal + +- Update to 2.4.4: [bsc#1219191] + * gpg: Do not keep an unprotected smartcard backup key on disk. +See https://gnupg.org/blog/20240125-smartcard-backup-key.html +for a security advisory. [T6944] + * gpg: Allow to specify seconds since Epoch beyond 2038 on 32-bit +platforms. [T6736] + * gpg: Fix expiration time when Creation-Date is specified. [T5252] + * gpg: Add support for Subkey-Expire-Date. [rG96b69c1866] + * gpg: Add option --with-v5-fingerprint. [T6705] + * gpg: Add sub-option ignore-attributes to --import-options. + * gpg: Add --list-filter properties sig_expires/sig_expires_d. + * gpg: Fix validity of re-imported keys. [T6399] + * gpg: Report BEGIN_ status before examining the input. [T6481] + * gpg: Don't try to compress a read-only keybox. [T6811] + * gpg: Choose key from inserted card over a non-inserted card. [T6831] + * gpg: Allow to create revocations even with non-compliant algos. [T6929] + * gpg: Fix regression in the Revoker keyword of the parameter file. [T6923] + * gpg: Improve error message for expired default keys. [T4704] + * gpgsm: Add --always-trust feature. [T6559] + * gpgsm: Support ECC certificates in de-vs mode. [T6802] + * gpgsm: Major rewrite of the PKCS#12 parser. [T6536] + * gpgsm: No not show the pkcs#12 passphrase in debug output. [T6654] + * keyboxd: Timeout on failure to get the database lock. [T6838] + * agent: Update the key stubs only if really modified. [T6829] + * scd: Add support for certain Starcos 3.2 cards. [rG5304c9b080] + * scd: Add support for CardOS 5.4 cards. [rG812f988059] + * scd: Add support for D-Trust 4.1/4.4 cards. [rG0b85a9ac09] + * scd: Add support for Smartcafe Expert 7.0 cards. [T6919] + * scd: Add a length check for a new PIN. [T6843] + * tpm: Fix keytotpm handling in the agent. [rG9909f622f6] + * tpm: Fixes for the TPM test suite. [T6052] + * dirmngr: New option --ignore-crl-extensions. [T6545] + * dirmngr: Support config value "none" to disable the default +keyserver. [T6708] + * dirmngr: Fix handling of the HTTP Content-Length. [rGa5e33618f4] + * gpgconf: Add commands --lock and --unlock. [rG93b5ba38dc] + * gpgconf: Add keyword socketdir to gpgconf.ctl. [rG239c1fdc28] + * gpgconf: Adjust the -X command for the new VERSION file format. [T6918] + * wkd: Use export-clean for gpg-wks-client's --mirror and --create +commands. [rG2c7f7a5a278c] + * wkd: Make --add-revocs the default in gpg-wks-client. New option +--no-add-revocs. [rG10c937ee68] + * Remove duplicated backslashes when setting the homedir. [T6833] + * Ignore attempts to remove the /dev/null device. [T6556] + * Improve advisory file lock retry strategy. [T3380] + * Release-info: https://dev.gnupg.org/T6578 + * Remove patch upstream: +- gnupg-Report-BEGIN_-status-before-examining-the-input.patch + +--- Old: gnupg-2.4.3.tar.bz2 gnupg-2.4.3.tar.bz2.sig gnupg-Report-BEGIN_-status-before-examining-the-input.patch New: gnupg-2.4.4.tar.bz2 gnupg-2.4.4.tar.bz2.sig BETA DEBUG BEGIN: Old: * Remove patch upstream: - gnupg-Report-BEGIN_-status-before-examining-the-input.patch BETA DEBUG END: Other differences: -- ++ gpg2.spec ++ --- /var/tmp/diff_new_pack.wHJD7X/_old 2024-01-26 22:46:27.870463492 +0100 +++ /var/tmp/diff_new_pack.wHJD7X/_new 2024-01-26 22:46:27.874463636 +0100 @@ -1,7 +1,7 @@ # # spec file for package gpg2 # -# Copyright (c) 2023 SUSE LLC +# Copyright (c) 2024 SUSE LLC # # All modifications and additions to the file contributed by third parties # remain the property of their copyright owners, unless otherwise agreed @@ -17,7 +17,7 @@ Name: gpg2 -Version:2.4.3 +Version:2.4.4 Release:0 Summary:File encryption, decryption, signature creation and verification utility License:GPL-3.0-or-later @@ -44,10 +44,8 @@ Patch11:gnupg-allow-large-rsa.patch #PATCH-FIX-SUSE Revert the rfc4880bis features default of key generation Patch12:gnupg-revert-rfc4880bis.patch -#PATCH-FIX-UPSTREAM Fix emacs gpg2 o
commit gpg2 for openSUSE:Factory
Script 'mail_helper' called by obssrc Hello community, here is the log from the commit of package gpg2 for openSUSE:Factory checked in at 2023-11-02 20:20:41 Comparing /work/SRC/openSUSE:Factory/gpg2 (Old) and /work/SRC/openSUSE:Factory/.gpg2.new.17445 (New) Package is "gpg2" Thu Nov 2 20:20:41 2023 rev:172 rq:1121440 version:2.4.3 Changes: --- /work/SRC/openSUSE:Factory/gpg2/gpg2.changes2023-10-20 23:15:41.284157830 +0200 +++ /work/SRC/openSUSE:Factory/.gpg2.new.17445/gpg2.changes 2023-11-02 20:20:44.146214877 +0100 @@ -1,0 +2,6 @@ +Mon Oct 30 15:01:05 UTC 2023 - Pedro Monreal + +- Fix the build in SLE and Leap by adding an exclude in the files + section for the dirmngr's systemd user units. [jsc#PED-7093] + +--- Other differences: -- ++ gpg2.spec ++ --- /var/tmp/diff_new_pack.Gix7FM/_old 2023-11-02 20:20:45.074249025 +0100 +++ /var/tmp/diff_new_pack.Gix7FM/_new 2023-11-02 20:20:45.074249025 +0100 @@ -183,6 +183,9 @@ %dir %{_sysconfdir}/gnupg %config(noreplace) %{_sysconfdir}/gnupg/gpgconf.conf %{_userunitdir}/gpg-agent* +%if 0%{?sle_version} >= 150500 +%exclude %{_userunitdir}/dirmngr.* +%endif %files -n dirmngr %license COPYING*
commit gpg2 for openSUSE:Factory
Script 'mail_helper' called by obssrc Hello community, here is the log from the commit of package gpg2 for openSUSE:Factory checked in at 2023-10-20 23:15:36 Comparing /work/SRC/openSUSE:Factory/gpg2 (Old) and /work/SRC/openSUSE:Factory/.gpg2.new.1945 (New) Package is "gpg2" Fri Oct 20 23:15:36 2023 rev:171 rq:1118846 version:2.4.3 Changes: --- /work/SRC/openSUSE:Factory/gpg2/gpg2.changes2023-10-17 20:22:37.238287851 +0200 +++ /work/SRC/openSUSE:Factory/.gpg2.new.1945/gpg2.changes 2023-10-20 23:15:41.284157830 +0200 @@ -1,0 +2,7 @@ +Tue Oct 17 10:27:15 UTC 2023 - Pedro Monreal + +- Do not pull revision info from GIT when autoconf is run. This + removes the -unknown suffix after the version number. + * Add gnupg-nobetasuffix.patch [bsc#1216334] + +--- New: gnupg-nobetasuffix.patch Other differences: -- ++ gpg2.spec ++ --- /var/tmp/diff_new_pack.X4UvKj/_old 2023-10-20 23:15:43.424235912 +0200 +++ /var/tmp/diff_new_pack.X4UvKj/_new 2023-10-20 23:15:43.428236059 +0200 @@ -46,6 +46,8 @@ Patch12:gnupg-revert-rfc4880bis.patch #PATCH-FIX-UPSTREAM Fix emacs gpg2 output parsing Patch13:gnupg-Report-BEGIN_-status-before-examining-the-input.patch +#PATCH-FIX-OPENSUSE Do not pull revision info from GIT when autoconf is run +Patch14:gnupg-nobetasuffix.patch BuildRequires: expect BuildRequires: fdupes BuildRequires: ibmswtpm2 ++ gnupg-nobetasuffix.patch ++ Index: gnupg-2.4.3/autogen.sh === --- gnupg-2.4.3.orig/autogen.sh +++ gnupg-2.4.3/autogen.sh @@ -221,7 +221,7 @@ if [ "$myhost" = "find-version" ]; then esac beta=no -if [ -e .git ]; then +if false; then ingit=yes tmp=$(git describe --match "${matchstr1}" --long 2>/dev/null) tmp=$(echo "$tmp" | sed s/^"$package"//) @@ -237,8 +237,8 @@ if [ "$myhost" = "find-version" ]; then rvd=$((0x$(echo ${rev} | dd bs=1 count=4 2>/dev/null))) else ingit=no - beta=yes - tmp="-unknown" + beta=no + tmp="" rev="000" rvd="0" fi
commit gpg2 for openSUSE:Factory
Script 'mail_helper' called by obssrc Hello community, here is the log from the commit of package gpg2 for openSUSE:Factory checked in at 2023-10-17 20:22:32 Comparing /work/SRC/openSUSE:Factory/gpg2 (Old) and /work/SRC/openSUSE:Factory/.gpg2.new.20540 (New) Package is "gpg2" Tue Oct 17 20:22:32 2023 rev:170 rq:1118131 version:2.4.3 Changes: --- /work/SRC/openSUSE:Factory/gpg2/gpg2.changes2023-10-12 11:42:08.977118290 +0200 +++ /work/SRC/openSUSE:Factory/.gpg2.new.20540/gpg2.changes 2023-10-17 20:22:37.238287851 +0200 @@ -1,0 +2,8 @@ +Mon Oct 16 19:54:40 UTC 2023 - Pedro Monreal + +- Fix Emacs EasyPG behavior when parsing output: + * gpg: Report BEGIN_* status before examining the input. + * Upstream task: https://dev.gnupg.org/T6481 + * Add gnupg-Report-BEGIN_-status-before-examining-the-input.patch + +--- New: gnupg-Report-BEGIN_-status-before-examining-the-input.patch Other differences: -- ++ gpg2.spec ++ --- /var/tmp/diff_new_pack.LmLKfe/_old 2023-10-17 20:22:38.250323280 +0200 +++ /var/tmp/diff_new_pack.LmLKfe/_new 2023-10-17 20:22:38.254323420 +0200 @@ -44,6 +44,8 @@ Patch11:gnupg-allow-large-rsa.patch #PATCH-FIX-SUSE Revert the rfc4880bis features default of key generation Patch12:gnupg-revert-rfc4880bis.patch +#PATCH-FIX-UPSTREAM Fix emacs gpg2 output parsing +Patch13:gnupg-Report-BEGIN_-status-before-examining-the-input.patch BuildRequires: expect BuildRequires: fdupes BuildRequires: ibmswtpm2 ++ gnupg-Report-BEGIN_-status-before-examining-the-input.patch ++ >From 2f872fa68c6576724b9dabee9fb0844266f55d0d Mon Sep 17 00:00:00 2001 From: NIIBE Yutaka Date: Wed, 24 May 2023 10:36:04 +0900 Subject: [PATCH 4847/5000] gpg: Report BEGIN_* status before examining the input. * common/miscellaneous.c (is_openpgp_compressed_packet) (is_file_compressed): Moved to ... * common/iobuf.c: ... in this file. (is_file_compressed): Change the argument to INP, the iobuf. * common/util.h (is_file_compressed): Remove. * common/iobuf.h (is_file_compressed): Add. * g10/cipher-aead.c (write_header): Don't call write_status_printf here. (cipher_filter_aead): Call write_status_printf when called with IOBUFCTRL_INIT. * g10/cipher-cfb.c (write_header): Don't call write_status_printf here. (cipher_filter_cfb): Call write_status_printf when called with IOBUFCTRL_INIT. * g10/encrypt.c (encrypt_simple): Use new is_file_compressed function, after call of iobuf_push_filter. (encrypt_crypt): Likewise. * g10/sign.c (sign_file): Likewise. -- GnuPG-bug-id: 6481 Signed-off-by: NIIBE Yutaka diff --git a/common/iobuf.c b/common/iobuf.c index 62cde27f9..e088812a6 100644 --- a/common/iobuf.c +++ b/common/iobuf.c @@ -3057,3 +3057,123 @@ iobuf_skip_rest (iobuf_t a, unsigned long n, int partial) } } } + + +/* Check whether (BUF,LEN) is valid header for an OpenPGP compressed + * packet. LEN should be at least 6. */ +static int +is_openpgp_compressed_packet (const unsigned char *buf, size_t len) +{ + int c, ctb, pkttype; + int lenbytes; + + ctb = *buf++; len--; + if (!(ctb & 0x80)) +return 0; /* Invalid packet. */ + + if ((ctb & 0x40)) /* New style (OpenPGP) CTB. */ +{ + pkttype = (ctb & 0x3f); + if (!len) +return 0; /* Expected first length octet missing. */ + c = *buf++; len--; + if (c < 192) +; + else if (c < 224) +{ + if (!len) +return 0; /* Expected second length octet missing. */ +} + else if (c == 255) +{ + if (len < 4) +return 0; /* Expected length octets missing */ +} +} + else /* Old style CTB. */ +{ + pkttype = (ctb>>2)&0xf; + lenbytes = ((ctb&3)==3)? 0 : (1<<(ctb & 3)); + if (len < lenbytes) +return 0; /* Not enough length bytes. */ +} + + return (pkttype == 8); +} + + +/* + * Check if the file is compressed, by peeking the iobuf. You need to + * pass the iobuf with INP. Returns true if the buffer seems to be + * compressed. + */ +int +is_file_compressed (iobuf_t inp) +{ + int i; + char buf[32]; + int buflen; + + struct magic_compress_s + { +byte len; +byte extchk; +byte magic[5]; + } magic[] = + { + { 3, 0, { 0x42, 0x5a, 0x68, 0x00 } }, /* bzip2 */ + { 3, 0, { 0x1f, 0x8b, 0x08, 0x00 } }, /* gzip */ + { 4, 0, { 0x50, 0x4b, 0x03, 0x04 } }, /* (pk)zip */ + { 5, 0, { '%', 'P', 'D', 'F', '-'} }, /* PDF */ + { 4, 1, { 0xff, 0xd8, 0xff, 0xe0 } }, /* Maybe JFIF */ + { 5, 2, { 0x89, 'P','N','G', 0x0d} } /* Likely PNG */ + }; + + if (!inp) +return 0; + + for ( ; inp->chain; inp = inp->chai
commit gpg2 for openSUSE:Factory
Script 'mail_helper' called by obssrc Hello community, here is the log from the commit of package gpg2 for openSUSE:Factory checked in at 2023-10-11 23:54:10 Comparing /work/SRC/openSUSE:Factory/gpg2 (Old) and /work/SRC/openSUSE:Factory/.gpg2.new.1807 (New) Package is "gpg2" Wed Oct 11 23:54:10 2023 rev:169 rq:1116712 version:2.4.3 Changes: --- /work/SRC/openSUSE:Factory/gpg2/gpg2.changes2023-09-28 00:34:28.636125296 +0200 +++ /work/SRC/openSUSE:Factory/.gpg2.new.1807/gpg2.changes 2023-10-12 11:42:08.977118290 +0200 @@ -1,0 +2,15 @@ +Tue Oct 10 06:46:08 UTC 2023 - Pedro Monreal + +- Install the internal executables in the /usr/libexec dir instead + of /usr/lib64. These files are keyboxd, scdaemon, gpg-auth + gpg-check-pattern, gpg-pair-tool, gpg-preset-passphrase, + gpg-protect-tool, gpg-wks-client, dirmngr_ldap and tpm2daemon. + +--- +Mon Oct 9 12:33:12 UTC 2023 - Pedro Monreal + +- Provide the systemd-user files since they have been removed + upstream since version 2.4.1. [bsc#1201564] + * Add gpg2-systemd-user.tar.xz + +--- @@ -8,0 +24,86 @@ +Thu Aug 3 16:24:19 UTC 2023 - Pedro Monreal + +- Revert back to use the IBM TPM Software stack. + +--- +Wed Jul 5 09:10:55 UTC 2023 - Pedro Monreal + +- Update to 2.4.3: + * gpg: Set default expiration date to 3 years. [T2701] + * gpg: Add --list-filter properties "key_expires" and +"key_expires_d". [T6529] + * gpg: Emit status line and proper diagnostics for write errors. [T6528] + * gpg: Make progress work for large files on Windows. [T6534] + * gpg: New option --no-compress as alias for -z0. + * gpgsm: Print PROGRESS status lines. Add new --input-size-hint. [T6534] + * gpgsm: Support SENDCERT_SKI for --call-dirmngr. [rG701a8b30f0] + * gpgsm: Major rewrite of the PKCS#12 parser. [T6536] + * gpgtar: New option --no-compress. + * dirmngr: Extend the AD_QUERY command. [rG207c99567c] + * dirmngr: Disable the HTTP redirect rewriting. [T6477] + * dirmngr: New option --compatibility-flags. [rGbf04b07327] + * dirmngr: New option --ignore-crl-extensions. [T6545] + * wkd: Use export-clean for gpg-wks-client's --mirror and --create +commands. [rG2c7f7a5a27] + * wkd: Make --add-revocs the default in gpg-wks-client. New option +--no-add-revocs. [rG10c937ee68] + * scd: Make signing work for Nexus cards. [rGb83d86b988] + * scd: Fix authentication with Administration Key for PIV. [rG25b59cf6ce] + +--- +Tue May 30 19:37:39 UTC 2023 - Pedro Monreal + +- Update to 2.4.2: + * gpg: Print a warning if no more encryption subkeys are left over +after changing the expiration date. [rGef2c3d50fa] + * gpg: Fix searching for the ADSK key when adding an ADSK. [T6504] + * gpgsm: Speed up key listings on Windows. [rG08ff55bd44] + * gpgsm: Reduce the number of "failed to open policy file" +diagnostics. [rG68613a6a9d] + * agent: Make updating of private key files more robust and track +display S/N. [T6135] + * keyboxd: Avoid longish delays on Windows when listing keys. +[rG6944aefa3c] + * gpgtar: Emit extra status lines to help GPGME. [T6497] + * w32: Avoid using the VirtualStore. [T6403] + * Rebase gnupg-add_legacy_FIPS_mode_option.patch + +--- +Fri Apr 28 11:58:06 UTC 2023 - Pedro Monreal + +- Update to 2.4.1: + * If the ~/.gnupg directory does not exist, the keyboxd is now +automagically enabled. [rGd9e7488b17] + * gpg: New option --add-desig-revoker. [rG3d094e2bcf] + * gpg: New option --assert-signer. [rGc9e95b8dee] + * gpg: New command --quick-add-adsk and other ADSK features. +[T6395, https://gnupg.org/blog/20230321-adsk.html] + * gpg: New list-option "show-unusable-sigs". Also show "[self-signature]" +instead of the user-id in key signature listings. [rG103acfe9ca] + * gpg: For symmetric encryption the default S2K hash is now SHA256. [T6367] + * gpg: Detect already compressed data also when using a pipe. Also +detect JPEG and PNG file formats. [T6332] + * gpg: New subcommand "openpgp" for --card-edit. [T6462] + * gpgsm: Verification of detached signatures does now strip trailing +zeroes from the input if --assume-binary is used. [rG2a13f7f9dc] + * gpgsm: Non-armored detached signature are now created without +using indefinite form length octets. This improves compatibility +with some PDF signature verification software. [rG8996b0b655] + * gpgtar: Emit progress status lines in create mode. [T6363] + * dirmngr: The LDAP modifyTimestamp is now returned by some +keyserver commands. [r
commit gpg2 for openSUSE:Factory
Script 'mail_helper' called by obssrc Hello community, here is the log from the commit of package gpg2 for openSUSE:Factory checked in at 2023-09-28 00:24:56 Comparing /work/SRC/openSUSE:Factory/gpg2 (Old) and /work/SRC/openSUSE:Factory/.gpg2.new.23327 (New) Package is "gpg2" Thu Sep 28 00:24:56 2023 rev:168 rq:1113652 version:2.4.0 Changes: --- /work/SRC/openSUSE:Factory/gpg2/gpg2.changes2023-06-07 23:07:09.379250788 +0200 +++ /work/SRC/openSUSE:Factory/.gpg2.new.23327/gpg2.changes 2023-09-28 00:34:28.636125296 +0200 @@ -1,0 +2,121 @@ +Thu Sep 21 07:36:32 UTC 2023 - Pedro Monreal + +- Install the systemd user units in the _userunitdir [bsc#1201564] + * Note that, there is no activation by default. + * Rework excludes in the spec's files section. + +--- +Fri Mar 10 09:03:00 UTC 2023 - Pedro Monreal + +- Temporarily revert back to the pre-2.4 default for key generation. + The new rfc4880bis has been set as the default in 2.4 version and + might create incompatible keys. Note that, rfc4880bis can still + be used with the option flag --rfc4880bis as in previous versions. + * More info in the gnupg-devel ML: +https://lists.gnupg.org/pipermail/gnupg-devel/2022-December/035183.html + * Reverted commit https://dev.gnupg.org/rGcaf4b3fc16e9 + * Add gnupg-revert-rfc4880bis.patch + +--- +Fri Mar 10 08:42:02 UTC 2023 - Pedro Monreal + +- Allow 8192 bit RSA keys in keygen UI when large_rsa is set + * Add gnupg-allow-large-rsa.patch + +--- +Wed Jan 11 11:15:54 UTC 2023 - Pedro Monreal + +- Fix broken GPGME QT tests: Upstram dev task dev.gnupg.org/T6313 + * The original patch has been modified to expand the changes +also to the tests/gpgme/Makefile.in file. + * Add gnupg-tests-Fix-tests-gpgme-for-in-source-tree-builds.patch + +--- +Tue Dec 20 16:01:05 UTC 2022 - David Anes + +- Updated to require libgpg-error-devel >= 1.46 + +- Rebased patches: + * gnupg-allow-import-of-previously-known-keys-even-without-UIDs.patch + * gnupg-add_legacy_FIPS_mode_option.patch + +- GnuPG 2.4.0: + * common: Fix translations in --help for gpgrt < 1.47. + * gpg: Do not continue the export after a cancel for the primary key. + * gpg: Replace use of PRIu64 in log_debug. + * Update NEWS for 2.4.0. + * tests: Fix make check with GPGME. + * agent: Allow arguments to "scd serialno" in restricted mode. + * scd:p15: Skip deleted records. + * build: Remove Windows CE support. + * wkd: Do not send/install/mirror expired user ids. + * gpgsm: Print the revocation time also with --verify. + * gpgsm: Fix "problem re-searching certificate" case. + * gpgsm: Print revocation date and reason in cert listings. + * gpgsm: Silence the "non-critical certificate policy not allowed". + * gpgsm: Always use the chain model if the root-CA requests this. + * gpg: New export option "mode1003". + * gpg: Remove a mostly duplicated function. + * tests: Simplify fake-pinentry to use the option only. + * tests: Fix fake-pinentry for Windows. + * tests: Fix make check-all. + * agent: Fix import of protected v5 keys. + * gpgsm: Change default algo to AES-256. + * tests: Put a workaround for semihosted environment. + * tests: More fix for semihosted environment. + * tests: Support semihosted environment. + * tests: Fix tests under cms. + * tests,w32: Fix for semihosted environment. + * w32: Fix for tests on semihosted environment. + * w32: Fix gnupg_unsetenv. + * wkd: New option --add-revocs and some fixes. + * wkd: Make use of --debug extprog. + * gpg: New export-filter export-revocs. + * gpg: Fix double-free in gpg --card-edit. + * gpg: Make --require-compliance work with out --status-fd. + * gpg: New option --list-filter. + * dirmngr: Silence ocsp debug output. + * tests: Fix to support --enable-all-tests and variants. + * tests:w32: Fix for non-dot file name for Windows. + * tests:gpgscm:w32: Fix for GetTempPath. + * tests: Keep .log files in objdir. + * tests: Use 233 for invalid value of FD. + * w32: Fix gnupg_tmpfile for possible failure. + * scd: Redact --debug cardio output of a VERIFY APDU. + * common: Remove Windows CE support in common. + * gpgsm: Fix colon outout of ECC encryption certificates. + * scd:nks: Fix ECC signing if key not given by keygrip. + * dirmngr: Fix verification of ECDSA signed CRLs. + * agent: Allow trustlist on Windows in Unicode homedirs. + * gpg: Fix verification of cleartext signatures with overlong lines. + * gpg: Move w32_system function. + * gpg: New option --quick-update-pref. + * gpg: New list-options show-pref and show-pref-verbose.
commit gpg2 for openSUSE:Factory
Script 'mail_helper' called by obssrc Hello community, here is the log from the commit of package gpg2 for openSUSE:Factory checked in at 2023-06-07 23:06:41 Comparing /work/SRC/openSUSE:Factory/gpg2 (Old) and /work/SRC/openSUSE:Factory/.gpg2.new.15902 (New) Package is "gpg2" Wed Jun 7 23:06:41 2023 rev:167 rq:1091340 version:2.3.8 Changes: --- /work/SRC/openSUSE:Factory/gpg2/gpg2.changes2023-06-06 19:55:48.370312093 +0200 +++ /work/SRC/openSUSE:Factory/.gpg2.new.15902/gpg2.changes 2023-06-07 23:07:09.379250788 +0200 @@ -2,177 +1,0 @@ -Tue May 30 19:37:39 UTC 2023 - Pedro Monreal - -- Update to 2.4.2: - * gpg: Print a warning if no more encryption subkeys are left over -after changing the expiration date. [rGef2c3d50fa] - * gpg: Fix searching for the ADSK key when adding an ADSK. [T6504] - * gpgsm: Speed up key listings on Windows. [rG08ff55bd44] - * gpgsm: Reduce the number of "failed to open policy file" -diagnostics. [rG68613a6a9d] - * agent: Make updating of private key files more robust and track -display S/N. [T6135] - * keyboxd: Avoid longish delays on Windows when listing keys. -[rG6944aefa3c] - * gpgtar: Emit extra status lines to help GPGME. [T6497] - * w32: Avoid using the VirtualStore. [T6403] - * Rebase gnupg-add_legacy_FIPS_mode_option.patch - -Fri Apr 28 11:58:06 UTC 2023 - Pedro Monreal - -- Update to 2.4.1: - * If the ~/.gnupg directory does not exist, the keyboxd is now -automagically enabled. [rGd9e7488b17] - * gpg: New option --add-desig-revoker. [rG3d094e2bcf] - * gpg: New option --assert-signer. [rGc9e95b8dee] - * gpg: New command --quick-add-adsk and other ADSK features. -[T6395, https://gnupg.org/blog/20230321-adsk.html] - * gpg: New list-option "show-unusable-sigs". Also show "[self-signature]" -instead of the user-id in key signature listings. [rG103acfe9ca] - * gpg: For symmetric encryption the default S2K hash is now SHA256. [T6367] - * gpg: Detect already compressed data also when using a pipe. Also -detect JPEG and PNG file formats. [T6332] - * gpg: New subcommand "openpgp" for --card-edit. [T6462] - * gpgsm: Verification of detached signatures does now strip trailing -zeroes from the input if --assume-binary is used. [rG2a13f7f9dc] - * gpgsm: Non-armored detached signature are now created without -using indefinite form length octets. This improves compatibility -with some PDF signature verification software. [rG8996b0b655] - * gpgtar: Emit progress status lines in create mode. [T6363] - * dirmngr: The LDAP modifyTimestamp is now returned by some -keyserver commands. [rG56d309133f] - * ssh: Allow specification of the order keys are presented to ssh. -See the man page entry for --enable-ssh-support. [T5996, T6212] - * gpg: Make list-options "show-sig-subpackets" work again. -Fixes regression in 2.4.0. [rG5a223303d7] - * gpg: Fix the keytocard command for Yubikeys. [T6378] - * gpg: Do not continue an export after a cancel for the primary key. [T6093] - * gpg: Replace the --override-compliance-check hack by a real fix. [T5655] - * gpgtar: Fix decryption with input taken from stdin. [T6355] - * Rebase patches: -- gnupg-revert-rfc4880bis.patch -- gnupg-add_legacy_FIPS_mode_option.patch - * Remove patch fixed upstream: -- gnupg-tests-Fix-tests-gpgme-for-in-source-tree-builds.patch - -Fri Mar 10 09:03:00 UTC 2023 - Pedro Monreal - -- Temporarily revert back to the pre-2.4 default for key generation. - The new rfc4880bis has been set as the default in 2.4 version and - might create incompatible keys. Note that, rfc4880bis can still - be used with the option flag --rfc4880bis as in previous versions. - * More info in the gnupg-devel ML: -https://lists.gnupg.org/pipermail/gnupg-devel/2022-December/035183.html - * Reverted commit https://dev.gnupg.org/rGcaf4b3fc16e9 - * Add gnupg-revert-rfc4880bis.patch - -Fri Mar 10 08:42:02 UTC 2023 - Pedro Monreal - -- Allow 8192 bit RSA keys in keygen UI when large_rsa is set - * Add gnupg-allow-large-rsa.patch - -Tue Feb 7 08:58:03 UTC 2023 - Pedro Monreal - -- Fix the regression test suite fails with the IBM TPM Software - stack. Builds fine using the Intel TPM; use the swtpm and - tpm2-0-tss-devel packages instead of ibmswtpm2 and ibmtss-devel. - -Wed Jan 11 11:15:54 UTC 2023 - Pedro Monreal - -- Fix broken GPGME QT tests: Upstram dev task dev.gnupg.org/T6313 - * The original patch has been modified to expand
commit gpg2 for openSUSE:Factory
Script 'mail_helper' called by obssrc Hello community, here is the log from the commit of package gpg2 for openSUSE:Factory checked in at 2023-06-06 19:55:08 Comparing /work/SRC/openSUSE:Factory/gpg2 (Old) and /work/SRC/openSUSE:Factory/.gpg2.new.15902 (New) Package is "gpg2" Tue Jun 6 19:55:08 2023 rev:166 rq:1090818 version:2.4.2 Changes: --- /work/SRC/openSUSE:Factory/gpg2/gpg2.changes2023-05-17 10:53:05.219333121 +0200 +++ /work/SRC/openSUSE:Factory/.gpg2.new.15902/gpg2.changes 2023-06-06 19:55:48.370312093 +0200 @@ -1,0 +2,177 @@ +Tue May 30 19:37:39 UTC 2023 - Pedro Monreal + +- Update to 2.4.2: + * gpg: Print a warning if no more encryption subkeys are left over +after changing the expiration date. [rGef2c3d50fa] + * gpg: Fix searching for the ADSK key when adding an ADSK. [T6504] + * gpgsm: Speed up key listings on Windows. [rG08ff55bd44] + * gpgsm: Reduce the number of "failed to open policy file" +diagnostics. [rG68613a6a9d] + * agent: Make updating of private key files more robust and track +display S/N. [T6135] + * keyboxd: Avoid longish delays on Windows when listing keys. +[rG6944aefa3c] + * gpgtar: Emit extra status lines to help GPGME. [T6497] + * w32: Avoid using the VirtualStore. [T6403] + * Rebase gnupg-add_legacy_FIPS_mode_option.patch + +--- +Fri Apr 28 11:58:06 UTC 2023 - Pedro Monreal + +- Update to 2.4.1: + * If the ~/.gnupg directory does not exist, the keyboxd is now +automagically enabled. [rGd9e7488b17] + * gpg: New option --add-desig-revoker. [rG3d094e2bcf] + * gpg: New option --assert-signer. [rGc9e95b8dee] + * gpg: New command --quick-add-adsk and other ADSK features. +[T6395, https://gnupg.org/blog/20230321-adsk.html] + * gpg: New list-option "show-unusable-sigs". Also show "[self-signature]" +instead of the user-id in key signature listings. [rG103acfe9ca] + * gpg: For symmetric encryption the default S2K hash is now SHA256. [T6367] + * gpg: Detect already compressed data also when using a pipe. Also +detect JPEG and PNG file formats. [T6332] + * gpg: New subcommand "openpgp" for --card-edit. [T6462] + * gpgsm: Verification of detached signatures does now strip trailing +zeroes from the input if --assume-binary is used. [rG2a13f7f9dc] + * gpgsm: Non-armored detached signature are now created without +using indefinite form length octets. This improves compatibility +with some PDF signature verification software. [rG8996b0b655] + * gpgtar: Emit progress status lines in create mode. [T6363] + * dirmngr: The LDAP modifyTimestamp is now returned by some +keyserver commands. [rG56d309133f] + * ssh: Allow specification of the order keys are presented to ssh. +See the man page entry for --enable-ssh-support. [T5996, T6212] + * gpg: Make list-options "show-sig-subpackets" work again. +Fixes regression in 2.4.0. [rG5a223303d7] + * gpg: Fix the keytocard command for Yubikeys. [T6378] + * gpg: Do not continue an export after a cancel for the primary key. [T6093] + * gpg: Replace the --override-compliance-check hack by a real fix. [T5655] + * gpgtar: Fix decryption with input taken from stdin. [T6355] + * Rebase patches: +- gnupg-revert-rfc4880bis.patch +- gnupg-add_legacy_FIPS_mode_option.patch + * Remove patch fixed upstream: +- gnupg-tests-Fix-tests-gpgme-for-in-source-tree-builds.patch + +--- +Fri Mar 10 09:03:00 UTC 2023 - Pedro Monreal + +- Temporarily revert back to the pre-2.4 default for key generation. + The new rfc4880bis has been set as the default in 2.4 version and + might create incompatible keys. Note that, rfc4880bis can still + be used with the option flag --rfc4880bis as in previous versions. + * More info in the gnupg-devel ML: +https://lists.gnupg.org/pipermail/gnupg-devel/2022-December/035183.html + * Reverted commit https://dev.gnupg.org/rGcaf4b3fc16e9 + * Add gnupg-revert-rfc4880bis.patch + +--- +Fri Mar 10 08:42:02 UTC 2023 - Pedro Monreal + +- Allow 8192 bit RSA keys in keygen UI when large_rsa is set + * Add gnupg-allow-large-rsa.patch + +--- +Tue Feb 7 08:58:03 UTC 2023 - Pedro Monreal + +- Fix the regression test suite fails with the IBM TPM Software + stack. Builds fine using the Intel TPM; use the swtpm and + tpm2-0-tss-devel packages instead of ibmswtpm2 and ibmtss-devel. + +--- +Wed Jan 11 11:15:54 UTC 2023 - Pedro Monreal + +- Fix broken GPGME QT tests: Upstram dev task dev.gnupg.org/T6313 + * The original patch has been modified to expand
commit gpg2 for openSUSE:Factory
Script 'mail_helper' called by obssrc Hello community, here is the log from the commit of package gpg2 for openSUSE:Factory checked in at 2023-05-17 10:52:48 Comparing /work/SRC/openSUSE:Factory/gpg2 (Old) and /work/SRC/openSUSE:Factory/.gpg2.new.1533 (New) Package is "gpg2" Wed May 17 10:52:48 2023 rev:165 rq:1087520 version:2.3.8 Changes: --- /work/SRC/openSUSE:Factory/gpg2/gpg2.changes2023-05-16 14:27:04.471621239 +0200 +++ /work/SRC/openSUSE:Factory/.gpg2.new.1533/gpg2.changes 2023-05-17 10:53:05.219333121 +0200 @@ -2,164 +1,0 @@ -Sat Apr 29 08:25:46 UTC 2023 - Pedro Monreal - -- Temporarily revert back to the pre-2.4 default for key generation. - The new rfc4880bis has been set as the default in 2.4 version and - might create incompatible keys. Note that, rfc4880bis can still - be used with the option flag --rfc4880bis as in previous versions. - * More info in the gnupg-devel ML: -https://lists.gnupg.org/pipermail/gnupg-devel/2022-December/035183.html - * Reverted commit https://dev.gnupg.org/rGcaf4b3fc16e9 - * Add gnupg-revert-rfc4880bis.patch - -Sat Apr 29 08:12:32 UTC 2023 - Pedro Monreal - -- Allow 8192 bit RSA keys in keygen UI when large_rsa is set - * Add gnupg-allow-large-rsa.patch - -Sat Apr 29 08:01:16 UTC 2023 - Pedro Monreal - -- Enable the regression tests: Fix the regression test suite that - fails with the IBM TPM Software stack. Builds fine using the Intel - TPM; use the swtpm and tpm2-0-tss-devel packages instead of - ibmswtpm2 and ibmtss-devel. - -Fri Apr 28 17:32:11 UTC 2023 - David Anes - -- Rebased patches: - * gnupg-add_legacy_FIPS_mode_option.patch - -- Removed patches (already upstream): - * gnupg-tests-Fix-tests-gpgme-for-in-source-tree-builds.patch - -- Don't ship systemd examples, as they are removed from upstream - release tarball. - -- Update to 2.4.1: - * If the ~/.gnupg directory does not exist, the keyboxd is now -automagically enabled. - * gpg: New option --add-desig-revoker. - * gpg: New option --assert-signer. - * gpg: New command --quick-add-adsk and other ADSK features. - * gpg: New list-option "show-unusable-sigs". Also show -"[self-signature]" instead of the user-id in key signature -listings. - * gpg: For symmetric encryption the default S2K hash is now SHA256. - * gpg: Detect already compressed data also when using a pipe. Also -detect JPEG and PNG file formats. - * gpg: New subcommand "openpgp" for --card-edit. - * gpgsm: Verification of detached signatures does now strip trailing -zeroes from the input if --assume-binary is used. - * gpgsm: Non-armored detached signature are now created without -using indefinite form length octets. This improves compatibility -with some PDF signature verification software. - * gpgtar: Emit progress status lines in create mode. - * dirmngr: The LDAP modifyTimestamp is now returned by some -keyserver commands. - * ssh: Allow specification of the order keys are presented to ssh. -See the man page entry for --enable-ssh-support. - * gpg: Make list-options "show-sig-subpackets" work again. -Fixes regression in 2.4.0. - * gpg: Fix the keytocard command for Yubikeys. - * gpg: Do not continue an export after a cancel for the primary key. - * gpg: Replace the --override-compliance-check hack by a real fix. - * gpgtar: Fix decryption with input taken from stdin. - -Wed Jan 11 11:15:54 UTC 2023 - Pedro Monreal - -- Fix broken GPGME QT tests: Upstram dev task dev.gnupg.org/T6313 - * The original patch has been modified to expand the changes -also to the tests/gpgme/Makefile.in file. - * Add gnupg-tests-Fix-tests-gpgme-for-in-source-tree-builds.patch - -Tue Dec 20 16:01:05 UTC 2022 - David Anes - -- Updated to require libgpg-error-devel >= 1.46 - -- Rebased patches: - * gnupg-allow-import-of-previously-known-keys-even-without-UIDs.patch - * gnupg-add_legacy_FIPS_mode_option.patch - -- GnuPG 2.4.0: - * common: Fix translations in --help for gpgrt < 1.47. - * gpg: Do not continue the export after a cancel for the primary key. - * gpg: Replace use of PRIu64 in log_debug. - * Update NEWS for 2.4.0. - * tests: Fix make check with GPGME. - * agent: Allow arguments to "scd serialno" in restricted mode. - * scd:p15: Skip deleted records. - * build: Remove Windows CE support. - * wkd: Do not send/install/mirror expired user ids. - * gpgsm: Print the revocation time also with --verify. - * gpgsm: Fix "problem re-searching certifi
commit gpg2 for openSUSE:Factory
Script 'mail_helper' called by obssrc Hello community, here is the log from the commit of package gpg2 for openSUSE:Factory checked in at 2023-05-16 14:15:56 Comparing /work/SRC/openSUSE:Factory/gpg2 (Old) and /work/SRC/openSUSE:Factory/.gpg2.new.1533 (New) Package is "gpg2" Tue May 16 14:15:56 2023 rev:164 rq:1087238 version:2.4.1 Changes: --- /work/SRC/openSUSE:Factory/gpg2/gpg2.changes2022-10-18 12:45:10.921748617 +0200 +++ /work/SRC/openSUSE:Factory/.gpg2.new.1533/gpg2.changes 2023-05-16 14:27:04.471621239 +0200 @@ -1,0 +2,164 @@ +Sat Apr 29 08:25:46 UTC 2023 - Pedro Monreal + +- Temporarily revert back to the pre-2.4 default for key generation. + The new rfc4880bis has been set as the default in 2.4 version and + might create incompatible keys. Note that, rfc4880bis can still + be used with the option flag --rfc4880bis as in previous versions. + * More info in the gnupg-devel ML: +https://lists.gnupg.org/pipermail/gnupg-devel/2022-December/035183.html + * Reverted commit https://dev.gnupg.org/rGcaf4b3fc16e9 + * Add gnupg-revert-rfc4880bis.patch + +--- +Sat Apr 29 08:12:32 UTC 2023 - Pedro Monreal + +- Allow 8192 bit RSA keys in keygen UI when large_rsa is set + * Add gnupg-allow-large-rsa.patch + +--- +Sat Apr 29 08:01:16 UTC 2023 - Pedro Monreal + +- Enable the regression tests: Fix the regression test suite that + fails with the IBM TPM Software stack. Builds fine using the Intel + TPM; use the swtpm and tpm2-0-tss-devel packages instead of + ibmswtpm2 and ibmtss-devel. + +--- +Fri Apr 28 17:32:11 UTC 2023 - David Anes + +- Rebased patches: + * gnupg-add_legacy_FIPS_mode_option.patch + +- Removed patches (already upstream): + * gnupg-tests-Fix-tests-gpgme-for-in-source-tree-builds.patch + +- Don't ship systemd examples, as they are removed from upstream + release tarball. + +- Update to 2.4.1: + * If the ~/.gnupg directory does not exist, the keyboxd is now +automagically enabled. + * gpg: New option --add-desig-revoker. + * gpg: New option --assert-signer. + * gpg: New command --quick-add-adsk and other ADSK features. + * gpg: New list-option "show-unusable-sigs". Also show +"[self-signature]" instead of the user-id in key signature +listings. + * gpg: For symmetric encryption the default S2K hash is now SHA256. + * gpg: Detect already compressed data also when using a pipe. Also +detect JPEG and PNG file formats. + * gpg: New subcommand "openpgp" for --card-edit. + * gpgsm: Verification of detached signatures does now strip trailing +zeroes from the input if --assume-binary is used. + * gpgsm: Non-armored detached signature are now created without +using indefinite form length octets. This improves compatibility +with some PDF signature verification software. + * gpgtar: Emit progress status lines in create mode. + * dirmngr: The LDAP modifyTimestamp is now returned by some +keyserver commands. + * ssh: Allow specification of the order keys are presented to ssh. +See the man page entry for --enable-ssh-support. + * gpg: Make list-options "show-sig-subpackets" work again. +Fixes regression in 2.4.0. + * gpg: Fix the keytocard command for Yubikeys. + * gpg: Do not continue an export after a cancel for the primary key. + * gpg: Replace the --override-compliance-check hack by a real fix. + * gpgtar: Fix decryption with input taken from stdin. + +--- +Wed Jan 11 11:15:54 UTC 2023 - Pedro Monreal + +- Fix broken GPGME QT tests: Upstram dev task dev.gnupg.org/T6313 + * The original patch has been modified to expand the changes +also to the tests/gpgme/Makefile.in file. + * Add gnupg-tests-Fix-tests-gpgme-for-in-source-tree-builds.patch + +--- +Tue Dec 20 16:01:05 UTC 2022 - David Anes + +- Updated to require libgpg-error-devel >= 1.46 + +- Rebased patches: + * gnupg-allow-import-of-previously-known-keys-even-without-UIDs.patch + * gnupg-add_legacy_FIPS_mode_option.patch + +- GnuPG 2.4.0: + * common: Fix translations in --help for gpgrt < 1.47. + * gpg: Do not continue the export after a cancel for the primary key. + * gpg: Replace use of PRIu64 in log_debug. + * Update NEWS for 2.4.0. + * tests: Fix make check with GPGME. + * agent: Allow arguments to "scd serialno" in restricted mode. + * scd:p15: Skip deleted records. + * build: Remove Windows CE support. + * wkd: Do not send/install/mirror expired user ids. + * gpgsm: Print the revocation time also with --verify. + * gpgsm: Fix "problem re-searching certifi
commit gpg2 for openSUSE:Factory
Script 'mail_helper' called by obssrc Hello community, here is the log from the commit of package gpg2 for openSUSE:Factory checked in at 2022-10-18 12:44:45 Comparing /work/SRC/openSUSE:Factory/gpg2 (Old) and /work/SRC/openSUSE:Factory/.gpg2.new.2275 (New) Package is "gpg2" Tue Oct 18 12:44:45 2022 rev:163 rq:1029595 version:2.3.8 Changes: --- /work/SRC/openSUSE:Factory/gpg2/gpg2.changes2022-08-10 17:12:37.949603455 +0200 +++ /work/SRC/openSUSE:Factory/.gpg2.new.2275/gpg2.changes 2022-10-18 12:45:10.921748617 +0200 @@ -1,0 +2,38 @@ +Mon Oct 17 11:35:11 UTC 2022 - Pedro Monreal + +- GnuPG 2.3.8: + * gpg: Do not consider unknown public keys as non-compliant while +decrypting. + * gpg: Avoid to emit a compliance mode line if Libgcrypt is +non-compliant. + * gpg: Improve --edit-key setpref command to ease c+p. + * gpg: Emit an ERROR status if --quick-set-primary-uid fails and +allow to pass the user ID by hash. + * gpg: Actually show symmetric+pubkey encrypted data as de-vs +compliant. Add extra compliance checks for symkey_enc packets. + * gpg: In de-vs mode use SHA-256 instead of SHA-1 as implicit +preference. + * gpgsm: Fix reporting of bad passphrase error during PKCS#11 +import. + * agent: Fix a regression in "READKEY --format=ssh". + * agent: New option --need-attr for KEYINFO. + * agent: New attribute "Remote-list" for use by KEYINFO. + * scd: Fix problem with Yubikey 5.4 firmware. + * dirmngr: Fix CRL Distribution Point fallback to other schemes. + * dirmngr: New LDAP server flag "areconly" (A-record-only). + * dirmngr: Fix upload of multiple keys for an LDAP server specified +using the colon format. + * dirmngr: Use LDAP schema v2 when a Base DN is specified. + * dirmngr: Avoid caching expired certificates. + * wkd: Fix path traversal attack in gpg-wks-server. Add the mail +address to the pending request data. + * wkd: New command --mirror for gpg-wks-client. + * gpg-auth: New tool for authentication. + * New common.conf option no-autostart. + * Silence warnings from AllowSetForegroundWindow unless +GNUPG_EXEC_DEBUG_FLAGS is used. + * Rebase gnupg-detect_FIPS_mode.patch + * Remove patch upstream: +- gnupg-2.3.7-scd-openpgp-Fix-workaround-for-Yubikey-heuristics.patch + +--- Old: gnupg-2.3.7-scd-openpgp-Fix-workaround-for-Yubikey-heuristics.patch gnupg-2.3.7.tar.bz2 gnupg-2.3.7.tar.bz2.sig New: gnupg-2.3.8.tar.bz2 gnupg-2.3.8.tar.bz2.sig Other differences: -- ++ gpg2.spec ++ --- /var/tmp/diff_new_pack.IcRQle/_old 2022-10-18 12:45:11.865750766 +0200 +++ /var/tmp/diff_new_pack.IcRQle/_new 2022-10-18 12:45:11.869750775 +0200 @@ -17,7 +17,7 @@ Name: gpg2 -Version:2.3.7 +Version:2.3.8 Release:0 Summary:File encryption, decryption, signature creation and verification utility License:GPL-3.0-or-later @@ -39,7 +39,6 @@ Patch8: gnupg-accept_subkeys_with_a_good_revocation_but_no_self-sig_during_import.patch Patch9: gnupg-add-test-cases-for-import-without-uid.patch Patch10: gnupg-allow-import-of-previously-known-keys-even-without-UIDs.patch -Patch11: gnupg-2.3.7-scd-openpgp-Fix-workaround-for-Yubikey-heuristics.patch BuildRequires: expect BuildRequires: fdupes BuildRequires: ibmswtpm2 ++ gnupg-2.3.7.tar.bz2 -> gnupg-2.3.8.tar.bz2 ++ /work/SRC/openSUSE:Factory/gpg2/gnupg-2.3.7.tar.bz2 /work/SRC/openSUSE:Factory/.gpg2.new.2275/gnupg-2.3.8.tar.bz2 differ: char 11, line 1 ++ gnupg-detect_FIPS_mode.patch ++ --- /var/tmp/diff_new_pack.IcRQle/_old 2022-10-18 12:45:11.945750948 +0200 +++ /var/tmp/diff_new_pack.IcRQle/_new 2022-10-18 12:45:11.949750957 +0200 @@ -1,34 +1,18 @@ -Index: gnupg-2.1.1/g10/encrypt.c +Index: gnupg-2.3.8/g10/mainproc.c === gnupg-2.1.1.orig/g10/encrypt.c -+++ gnupg-2.1.1/g10/encrypt.c -@@ -783,7 +783,10 @@ encrypt_filter (void *opaque, int contro - /* Because 3DES is implicitly in the prefs, this can - only happen if we do not have any public keys in - the list. */ -- efx->cfx.dek->algo = DEFAULT_CIPHER_ALGO; -+ /* Libgcrypt manual says that gcry_version_check must be called -+before calling gcry_fips_mode_active. */ -+ gcry_check_version (NULL); -+ efx->cfx.dek->algo = gcry_fips_mode_active() ? CIPHER_ALGO_AES : DEFAULT_CIPHER_ALGO; - } - - /* In case 3DES has been selected, print a warning if -Index: gnup
commit gpg2 for openSUSE:Factory
Script 'mail_helper' called by obssrc Hello community, here is the log from the commit of package gpg2 for openSUSE:Factory checked in at 2022-08-10 17:12:29 Comparing /work/SRC/openSUSE:Factory/gpg2 (Old) and /work/SRC/openSUSE:Factory/.gpg2.new.1521 (New) Package is "gpg2" Wed Aug 10 17:12:29 2022 rev:162 rq:993850 version:2.3.7 Changes: --- /work/SRC/openSUSE:Factory/gpg2/gpg2.changes2022-07-31 23:00:28.827610941 +0200 +++ /work/SRC/openSUSE:Factory/.gpg2.new.1521/gpg2.changes 2022-08-10 17:12:37.949603455 +0200 @@ -1,0 +2,6 @@ +Mon Aug 8 18:00:44 UTC 2022 - Andreas Stieger + +- Fix YubiKey 5 Nano support (boo#1202201), add + gnupg-2.3.7-scd-openpgp-Fix-workaround-for-Yubikey-heuristics.patch + +--- New: gnupg-2.3.7-scd-openpgp-Fix-workaround-for-Yubikey-heuristics.patch Other differences: -- ++ gpg2.spec ++ --- /var/tmp/diff_new_pack.axRsrW/_old 2022-08-10 17:12:38.785605637 +0200 +++ /var/tmp/diff_new_pack.axRsrW/_new 2022-08-10 17:12:38.789605648 +0200 @@ -39,6 +39,7 @@ Patch8: gnupg-accept_subkeys_with_a_good_revocation_but_no_self-sig_during_import.patch Patch9: gnupg-add-test-cases-for-import-without-uid.patch Patch10: gnupg-allow-import-of-previously-known-keys-even-without-UIDs.patch +Patch11: gnupg-2.3.7-scd-openpgp-Fix-workaround-for-Yubikey-heuristics.patch BuildRequires: expect BuildRequires: fdupes BuildRequires: ibmswtpm2 ++ gnupg-2.3.7-scd-openpgp-Fix-workaround-for-Yubikey-heuristics.patch ++ >From f34b9147eb3070bce80d53febaa564164cd6c977 Mon Sep 17 00:00:00 2001 From: NIIBE Yutaka Date: Wed, 13 Jul 2022 10:40:55 +0900 Subject: [PATCH] scd:openpgp: Fix workaround for Yubikey heuristics. References: https://bugzilla.opensuse.org/show_bug.cgi?id=1202201 * scd/app-openpgp.c (parse_algorithm_attribute): Handle the case of firmware 5.4, too. -- GnuPG-bug-id: 6070 Signed-off-by: NIIBE Yutaka --- scd/app-openpgp.c | 29 + 1 file changed, 21 insertions(+), 8 deletions(-) diff --git a/scd/app-openpgp.c b/scd/app-openpgp.c index 8bb346a86..4667416df 100644 --- a/scd/app-openpgp.c +++ b/scd/app-openpgp.c @@ -6259,15 +6259,28 @@ parse_algorithm_attribute (app_t app, int keyno) app->app_local->keyattr[keyno].ecc.algo = *buffer; app->app_local->keyattr[keyno].ecc.flags = 0; - if (APP_CARD(app)->cardtype == CARDTYPE_YUBIKEY - || buffer[buflen-1] == 0x00 || buffer[buflen-1] == 0xff) -{ /* Found "pubkey required"-byte for private key template. */ - oidlen--; - if (buffer[buflen-1] == 0xff) -app->app_local->keyattr[keyno].ecc.flags |= ECC_FLAG_PUBKEY; + if (APP_CARD(app)->cardtype == CARDTYPE_YUBIKEY) +{ + /* Yubikey implementations vary. + * Firmware version 5.2 returns "pubkey required"-byte with + * 0x00, but after removal and second time insertion, it + * returns bogus value there. + * Firmware version 5.4 returns none. + */ + curve = ecc_curve (buffer + 1, oidlen); + if (!curve) +curve = ecc_curve (buffer + 1, oidlen - 1); +} + else +{ + if (buffer[buflen-1] == 0x00 || buffer[buflen-1] == 0xff) +{ /* Found "pubkey required"-byte for private key template. */ + oidlen--; + if (buffer[buflen-1] == 0xff) +app->app_local->keyattr[keyno].ecc.flags |= ECC_FLAG_PUBKEY; +} + curve = ecc_curve (buffer + 1, oidlen); } - - curve = ecc_curve (buffer + 1, oidlen); if (!curve) { -- 2.37.1
commit gpg2 for openSUSE:Factory
Script 'mail_helper' called by obssrc Hello community, here is the log from the commit of package gpg2 for openSUSE:Factory checked in at 2022-07-31 23:00:18 Comparing /work/SRC/openSUSE:Factory/gpg2 (Old) and /work/SRC/openSUSE:Factory/.gpg2.new.1533 (New) Package is "gpg2" Sun Jul 31 23:00:18 2022 rev:161 rq:989805 version:2.3.7 Changes: --- /work/SRC/openSUSE:Factory/gpg2/gpg2.changes2022-05-24 20:31:06.734905771 +0200 +++ /work/SRC/openSUSE:Factory/.gpg2.new.1533/gpg2.changes 2022-07-31 23:00:28.827610941 +0200 @@ -1,0 +2,14 @@ +Tue Jul 12 22:06:02 UTC 2022 - Andreas Stieger + +- GnuPG 2.3.7: + * CVE-2022-34903: garbled status messages could trick gpgme and +other parsers to accept faked status lines [boo#1201225] + * A number of bug fixes to the gpg command line interface + * gpgsm gained a number of new options and got some rework on +the PKCS#12 parser to support DFN issues keys + * The gpg agent got some added options and UI tweaks + * smart card support got a number of bug fixes, and improved +support for Technology Nexus cards and Yubikey + * The Telesec ESIGN application is now supported + +--- Old: gnupg-2.3.6.tar.bz2 gnupg-2.3.6.tar.bz2.sig New: gnupg-2.3.7.tar.bz2 gnupg-2.3.7.tar.bz2.sig Other differences: -- ++ gpg2.spec ++ --- /var/tmp/diff_new_pack.o1Fmiy/_old 2022-07-31 23:00:29.587613149 +0200 +++ /var/tmp/diff_new_pack.o1Fmiy/_new 2022-07-31 23:00:29.591613160 +0200 @@ -17,7 +17,7 @@ Name: gpg2 -Version:2.3.6 +Version:2.3.7 Release:0 Summary:File encryption, decryption, signature creation and verification utility License:GPL-3.0-or-later ++ gnupg-2.3.6.tar.bz2 -> gnupg-2.3.7.tar.bz2 ++ /work/SRC/openSUSE:Factory/gpg2/gnupg-2.3.6.tar.bz2 /work/SRC/openSUSE:Factory/.gpg2.new.1533/gnupg-2.3.7.tar.bz2 differ: char 11, line 1
commit gpg2 for openSUSE:Factory
Script 'mail_helper' called by obssrc Hello community, here is the log from the commit of package gpg2 for openSUSE:Factory checked in at 2022-05-24 20:30:53 Comparing /work/SRC/openSUSE:Factory/gpg2 (Old) and /work/SRC/openSUSE:Factory/.gpg2.new.2254 (New) Package is "gpg2" Tue May 24 20:30:53 2022 rev:160 rq:978674 version:2.3.6 Changes: --- /work/SRC/openSUSE:Factory/gpg2/gpg2.changes2022-05-08 21:52:40.319487249 +0200 +++ /work/SRC/openSUSE:Factory/.gpg2.new.2254/gpg2.changes 2022-05-24 20:31:06.734905771 +0200 @@ -1,0 +2,5 @@ +Mon May 16 09:12:06 UTC 2022 - Marcus Meissner + +- added tpm support, added a new subpackage gpg2-tpm + +--- Other differences: -- ++ gpg2.spec ++ --- /var/tmp/diff_new_pack.lhYrND/_old 2022-05-24 20:31:07.510906463 +0200 +++ /var/tmp/diff_new_pack.lhYrND/_new 2022-05-24 20:31:07.518906470 +0200 @@ -87,6 +87,15 @@ and providing access to OCSP providers. Dirmngr is invoked internally by gpg, gpgsm, or via the gpg-connect-agent tool. +%package tpm +Summary:TPM2 support for GnuPG +Group: Productivity/Networking/Security + +%description tpm +Version 2.3 of GnuPG introduced support for converting GPG private +keys to TPM2 wrapped form. This package enables that support. The +keytotpm command will not function unless this package is installed. + %lang_package %prep @@ -105,6 +114,7 @@ --with-pinentry-pgm=%{_bindir}/pinentry \ --with-dirmngr-pgm=%{_bindir}/dirmngr \ --with-scdaemon-pgm=%{_bindir}/scdaemon \ +--with-tpm2daemon-pgm=%{_bindir}/tpm2daemon \ --enable-ldap \ --enable-gpgsm=yes \ --enable-gpgtar \ @@ -136,6 +146,8 @@ # install scdaemon to %%{_bindir} (bnc#863645) mv %{buildroot}%{_libdir}/scdaemon %{buildroot}%{_bindir} mv %{buildroot}%{_libdir}/dirmngr_ldap %{buildroot}%{_bindir} +# install tpm2daemon +mv %{buildroot}%{_libdir}/tpm2daemon %{buildroot}%{_bindir} # install udev rules for scdaemon install -Dm 0644 %{SOURCE4} %{buildroot}%{_udevrulesdir}/60-scdaemon.rules @@ -162,6 +174,7 @@ %exclude %{_docdir}/%{name}/examples/systemd-user/dirmngr.* %doc %{_docdir}/%{name} %exclude %{_bindir}/dirmngr* +%exclude %{_bindir}/tpm2daemon* %{_bindir}/* %{_libdir}/[^d]* %{_sbindir}/addgnupghome @@ -178,4 +191,7 @@ %{_docdir}/%{name}/examples/systemd-user/dirmngr.* %{_bindir}/dirmngr* +%files tpm +%{_bindir}/tpm2daemon* + %changelog
commit gpg2 for openSUSE:Factory
Script 'mail_helper' called by obssrc Hello community, here is the log from the commit of package gpg2 for openSUSE:Factory checked in at 2022-05-08 21:52:27 Comparing /work/SRC/openSUSE:Factory/gpg2 (Old) and /work/SRC/openSUSE:Factory/.gpg2.new.1538 (New) Package is "gpg2" Sun May 8 21:52:27 2022 rev:159 rq:975336 version:2.3.6 Changes: --- /work/SRC/openSUSE:Factory/gpg2/gpg2.changes2021-12-23 17:53:48.763721469 +0100 +++ /work/SRC/openSUSE:Factory/.gpg2.new.1538/gpg2.changes 2022-05-08 21:52:40.319487249 +0200 @@ -1,0 +2,11 @@ +Mon Apr 25 19:09:32 UTC 2022 - Andreas Stieger + +- GnuPG 2.3.6: + * Up to five times faster verification of detached signatures, +doubled detached signing speed, threefold decryption speedup +for large files, nearly double the AES256.OCB encryption speed + * Add support for GeNUA cards + * Added and improved options for crypto options, and all-around +bug fixes + +--- Old: gnupg-2.3.4.tar.bz2 gnupg-2.3.4.tar.bz2.sig New: gnupg-2.3.6.tar.bz2 gnupg-2.3.6.tar.bz2.sig Other differences: -- ++ gpg2.spec ++ --- /var/tmp/diff_new_pack.bWIMig/_old 2022-05-08 21:52:41.127488265 +0200 +++ /var/tmp/diff_new_pack.bWIMig/_new 2022-05-08 21:52:41.131488271 +0200 @@ -1,7 +1,7 @@ # # spec file for package gpg2 # -# Copyright (c) 2021 SUSE LLC +# Copyright (c) 2022 SUSE LLC # # All modifications and additions to the file contributed by third parties # remain the property of their copyright owners, unless otherwise agreed @@ -17,7 +17,7 @@ Name: gpg2 -Version:2.3.4 +Version:2.3.6 Release:0 Summary:File encryption, decryption, signature creation and verification utility License:GPL-3.0-or-later @@ -26,7 +26,7 @@ Source: https://gnupg.org/ftp/gcrypt/gnupg/gnupg-%{version}.tar.bz2 Source2:https://gnupg.org/ftp/gcrypt/gnupg/gnupg-%{version}.tar.bz2.sig # https://www.gnupg.org/signature_key.html -Source3:%{name}.keyring +Source3:https://gnupg.org/signature_key.asc#/%{name}.keyring Source4:scdaemon.udev Source99: %{name}.changes Patch1: gnupg-gpg-agent-ulimit.patch ++ gnupg-2.3.4.tar.bz2 -> gnupg-2.3.6.tar.bz2 ++ /work/SRC/openSUSE:Factory/gpg2/gnupg-2.3.4.tar.bz2 /work/SRC/openSUSE:Factory/.gpg2.new.1538/gnupg-2.3.6.tar.bz2 differ: char 11, line 1 ++ gnupg-add_legacy_FIPS_mode_option.patch ++ --- /var/tmp/diff_new_pack.bWIMig/_old 2022-05-08 21:52:41.183488336 +0200 +++ /var/tmp/diff_new_pack.bWIMig/_new 2022-05-08 21:52:41.183488336 +0200 @@ -3,11 +3,11 @@ g10/gpg.c|9 + 2 files changed, 27 insertions(+) -Index: gnupg-2.3.4/doc/gpg.texi +Index: gnupg-2.3.5/doc/gpg.texi === gnupg-2.3.4.orig/doc/gpg.texi -+++ gnupg-2.3.4/doc/gpg.texi -@@ -2196,6 +2196,24 @@ implies, this option is for experts only +--- gnupg-2.3.5.orig/doc/gpg.texi gnupg-2.3.5/doc/gpg.texi +@@ -2197,6 +2197,24 @@ implies, this option is for experts only understand the implications of what it allows you to do, leave this off. @option{--no-expert} disables this option. @@ -32,19 +32,19 @@ @end table -Index: gnupg-2.3.4/g10/gpg.c +Index: gnupg-2.3.5/g10/gpg.c === gnupg-2.3.4.orig/g10/gpg.c -+++ gnupg-2.3.4/g10/gpg.c -@@ -442,6 +442,7 @@ enum cmd_and_opt_values - oChUid, +--- gnupg-2.3.5.orig/g10/gpg.c gnupg-2.3.5/g10/gpg.c +@@ -443,6 +443,7 @@ enum cmd_and_opt_values oForceSignKey, oForbidGenKey, + oRequireCompliance, +oSetLegacyFips, oNoop }; -@@ -877,6 +878,7 @@ static gpgrt_opt_t opts[] = { +@@ -878,6 +879,7 @@ static gpgrt_opt_t opts[] = { ARGPARSE_s_s (oDigestAlgo, "digest-algo", "@"), ARGPARSE_s_s (oCertDigestAlgo, "cert-digest-algo", "@"), ARGPARSE_s_n (oOverrideComplianceCheck, "override-compliance-check", "@"), @@ -52,8 +52,8 @@ ARGPARSE_header (NULL, N_("Options for unattended use")), -@@ -3725,6 +3727,14 @@ main (int argc, char **argv) - mopt.forbid_gen_key = 1; +@@ -3737,6 +3739,14 @@ main (int argc, char **argv) + opt.flags.require_compliance = 1; break; + case oSetLegacyFips: ++ gpg2.keyring ++ --- /var/tmp/diff_new_pack.bWIMig/_old 2022-05-08 21:52:41.207488366 +0200 +++ /var/tmp/diff_new_pack.bWIMig/_new 2022-05-08 21:52:41.211488371 +0200 @@ -1,66 +1,87 @@ -BEGIN PGP PUBLIC KEY BLOCK- -mQENBE0ti4EBCACqGtKlX9jI/enhlBdy2cyQP6Q7JoyxtaG6/ckAKWHYrqFTQk3I -Ue8TuDrGT742XFncG9PoMBfJDUNltIPgKFn8E
commit gpg2 for openSUSE:Factory
Script 'mail_helper' called by obssrc Hello community, here is the log from the commit of package gpg2 for openSUSE:Factory checked in at 2021-12-23 17:53:35 Comparing /work/SRC/openSUSE:Factory/gpg2 (Old) and /work/SRC/openSUSE:Factory/.gpg2.new.2520 (New) Package is "gpg2" Thu Dec 23 17:53:35 2021 rev:158 rq:942136 version:2.3.4 Changes: --- /work/SRC/openSUSE:Factory/gpg2/gpg2.changes2021-11-27 00:51:35.266747498 +0100 +++ /work/SRC/openSUSE:Factory/.gpg2.new.2520/gpg2.changes 2021-12-23 17:53:48.763721469 +0100 @@ -1,0 +2,25 @@ +Wed Dec 22 16:08:08 UTC 2021 - Andreas Stieger + +- GnuPG 2.3.4: + * gpg: New option --min-rsa-length + * gpg: New option --forbid-gen-key + * gpg: New option --override-compliance-check + * gpgconf: New command --show-configs + * agent,dirmngr,keyboxd: New option --steal-socket + * gpg: Fix printing of binary notations + * gpg: Remove stale ultimately trusted keys from the trustdb + * gpg: Fix indentation of --print-mds and --print-md sha512 + * gpg: Emit gpg 2.2 compatible Ed25519 signature + * gpgsm: Detect circular chains in --list-chain + * dirmngr: Make reading resolv.conf more robust + * dirmngr: Ask keyservers to provide the key fingerprints + * gpgconf: Allow changing gpg's deprecated keyserver option + * gpg-wks-server: Fix created file permissions + * scd: Support longer data for ssh-agent authentication with +openpgp cards + * scd: Modify DEVINFO behavior to support looping forever + * Silence warning about the rootdir under Unices w/o a mounted +/proc file system + * Fix possible build problems about missing include files + +--- Old: gnupg-2.3.3.tar.bz2 gnupg-2.3.3.tar.bz2.sig New: gnupg-2.3.4.tar.bz2 gnupg-2.3.4.tar.bz2.sig Other differences: -- ++ gpg2.spec ++ --- /var/tmp/diff_new_pack.zTNDd1/_old 2021-12-23 17:53:49.383721854 +0100 +++ /var/tmp/diff_new_pack.zTNDd1/_new 2021-12-23 17:53:49.387721856 +0100 @@ -17,7 +17,7 @@ Name: gpg2 -Version:2.3.3 +Version:2.3.4 Release:0 Summary:File encryption, decryption, signature creation and verification utility License:GPL-3.0-or-later ++ gnupg-2.3.3.tar.bz2 -> gnupg-2.3.4.tar.bz2 ++ /work/SRC/openSUSE:Factory/gpg2/gnupg-2.3.3.tar.bz2 /work/SRC/openSUSE:Factory/.gpg2.new.2520/gnupg-2.3.4.tar.bz2 differ: char 11, line 1 ++ gnupg-add_legacy_FIPS_mode_option.patch ++ --- /var/tmp/diff_new_pack.zTNDd1/_old 2021-12-23 17:53:49.435721886 +0100 +++ /var/tmp/diff_new_pack.zTNDd1/_new 2021-12-23 17:53:49.439721888 +0100 @@ -3,11 +3,11 @@ g10/gpg.c|9 + 2 files changed, 27 insertions(+) -Index: gnupg-2.3.0/doc/gpg.texi +Index: gnupg-2.3.4/doc/gpg.texi === gnupg-2.3.0.orig/doc/gpg.texi -+++ gnupg-2.3.0/doc/gpg.texi -@@ -2178,6 +2178,24 @@ implies, this option is for experts only +--- gnupg-2.3.4.orig/doc/gpg.texi gnupg-2.3.4/doc/gpg.texi +@@ -2196,6 +2196,24 @@ implies, this option is for experts only understand the implications of what it allows you to do, leave this off. @option{--no-expert} disables this option. @@ -32,28 +32,28 @@ @end table -Index: gnupg-2.3.0/g10/gpg.c +Index: gnupg-2.3.4/g10/gpg.c === gnupg-2.3.0.orig/g10/gpg.c -+++ gnupg-2.3.0/g10/gpg.c -@@ -437,6 +437,7 @@ enum cmd_and_opt_values - oNoIncludeKeyBlock, +--- gnupg-2.3.4.orig/g10/gpg.c gnupg-2.3.4/g10/gpg.c +@@ -442,6 +442,7 @@ enum cmd_and_opt_values oChUid, oForceSignKey, + oForbidGenKey, +oSetLegacyFips, oNoop }; -@@ -870,6 +871,7 @@ static gpgrt_opt_t opts[] = { - ARGPARSE_s_s (oAEADAlgo, "aead-algo", "@"), +@@ -877,6 +878,7 @@ static gpgrt_opt_t opts[] = { ARGPARSE_s_s (oDigestAlgo, "digest-algo", "@"), ARGPARSE_s_s (oCertDigestAlgo, "cert-digest-algo", "@"), + ARGPARSE_s_n (oOverrideComplianceCheck, "override-compliance-check", "@"), + ARGPARSE_s_n (oSetLegacyFips, "set-legacy-fips", "@"), ARGPARSE_header (NULL, N_("Options for unattended use")), -@@ -3688,6 +3690,14 @@ main (int argc, char **argv) - opt.flags.full_timestrings = 1; +@@ -3725,6 +3727,14 @@ main (int argc, char **argv) + mopt.forbid_gen_key = 1; break; + case oSetLegacyFips:
commit gpg2 for openSUSE:Factory
Script 'mail_helper' called by obssrc Hello community, here is the log from the commit of package gpg2 for openSUSE:Factory checked in at 2021-11-27 00:50:50 Comparing /work/SRC/openSUSE:Factory/gpg2 (Old) and /work/SRC/openSUSE:Factory/.gpg2.new.1895 (New) Package is "gpg2" Sat Nov 27 00:50:50 2021 rev:157 rq:933499 version:2.3.3 Changes: --- /work/SRC/openSUSE:Factory/gpg2/gpg2.changes2021-10-22 14:39:52.546630345 +0200 +++ /work/SRC/openSUSE:Factory/.gpg2.new.1895/gpg2.changes 2021-11-27 00:51:35.266747498 +0100 @@ -1,0 +2,148 @@ +Tue Oct 12 19:20:50 UTC 2021 - Andreas Stieger + +- GnuPG 2.3.3: + * agent: Fix segv in GET_PASSPHRASE (regression) + * dirmngr: Fix Let's Encrypt certificate chain validation + * gpg: Change default and maximum AEAD chunk size to 4 MiB + * gpg: Print a warning when importing a bad cv25519 secret key + * gpg: Fix --list-packets for undecryptable AEAD packets + * gpg: Verify backsigs for v5 keys correctly + * keyboxd: Fix checksum computation for no UBID entry on disk + * keyboxd: Fix "invalid object" error with cv448 keys + * dirmngr: New option --ignore-cert + * agent: Fix calibrate_get_time use of clock_gettime + * Support a gpgconf.ctl file under Unix and use this for the +regression tests + +--- +Wed Aug 25 10:01:38 UTC 2021 - Pedro Monreal + +- GnuPG 2.3.2: + * gpg: Allow fingerprint based lookup with --locate-external-key. + * gpg: Allow decryption w/o public key but with correct card inserted. + * gpg: Auto import keys specified with --trusted-keys. + * gpg: Do not use import-clean for LDAP keyserver imports. + * gpg: Fix mailbox based search via AKL keyserver method. + * gpg: Fix memory corruption with --clearsign introduced with 2.3.1. + * gpg: Use a more descriptive prompt for symmetric decryption. + * gpg: Improve speed of secret key listing. + * gpg: Support keygrip search with traditional keyring. + * gpg: Let --fetch-key return an exit code on failure. + * gpg: Emit the NO_SECKEY status again for decryption. + * gpgsm: Support decryption of password based encryption (pwri). + * gpgsm: Support AES-GCM decryption. + * gpgsm: Let --dump-cert --show-cert also print an OpenPGP fingerprint. + * gpgsm: Fix finding of issuer in use-keyboxd mode. + * gpgsm: New option --ldapserver as an alias for --keyserver. + * agent: Use SHA-256 for SSH fingerprint by default. + * agent: Fix calling handle_pincache_put. + * agent: Fix importing protected secret key. + * agent: Fix a regression in agent_get_shadow_info_type. + * agent: Add translatable text for Caps Lock hint. + * agent: New option --pinentry-formatted-passphrase. + * agent: Add checkpin inquiry for pinentry. + * agent: New option --check-sym-passphrase-pattern. + * agent: Use the sysconfdir for a pattern file. + * agent: Make QT_QPA_PLATFORMTHEME=qt5ct work for the pinentry. + * dirmngr: LDAP search by a mailbox now ignores revoked keys. + * dirmngr: For KS_SEARCH return the fingerprint also with LDAP. + * dirmngr: Allow for non-URL specified ldap keyservers. + * dirmngr: New option --ldapserver. + * dirmngr: Fix regression in KS_GET for mail address pattern. + * card: New option --shadow for the list command. + * tests: Make sure the built keyboxd is used. + * scd: Fix computing shared secrets for 512 bit curves. + * scd: Fix unblock PIN by a Reset Code with KDF. + * scd: Fix PC/SC removed card problem. + * scd: Recover the partial match for PORTSTR for PC/SC. + * scd: Make sure to release the PC/SC context. + * scd: Fix zero-byte handling in ECC. + * scd: Fix serial number detection for Yubikey 5. + * scd: Add basic support for AET JCOP cards. + * scd: Detect external interference when --pcsc-shared is in use. + * scd: Fix access to the list of cards. + * gpgconf: Do not list a disabled tpm2d. + * gpgconf: Make runtime changes with different homedir work. + * keyboxd: Fix searching for exact mail adddress. + * keyboxd: Fix searching with multiple patterns. + * tools: Extend gpg-check-pattern. + * wkd: Fix client issue with leading or trailing spaces in user-ids. + * Pass XDG_SESSION_TYPE and QT_QPA_PLATFORM envvars to Pinentry. + * Change the default keyserver to keyserver.ubuntu.com. This is a +temporary change due to the shutdown of the SKS keyserver pools. + +--- +Fri Jun 11 12:19:16 UTC 2021 - Pedro Monreal + +- GnuPG 2.3.1: + * The new configuration file common.conf is now used to enable +the use of the key database daemon with "use-keyboxd". Using +this option in gpg.conf and gpgsm.conf is supported for a +transitional period. See doc/example/common.conf for more. + * gpg: Force version 5 key creation for ed448 and cv448 a
commit gpg2 for openSUSE:Factory
Script 'mail_helper' called by obssrc Hello community, here is the log from the commit of package gpg2 for openSUSE:Factory checked in at 2021-10-22 14:39:51 Comparing /work/SRC/openSUSE:Factory/gpg2 (Old) and /work/SRC/openSUSE:Factory/.gpg2.new.1890 (New) Package is "gpg2" Fri Oct 22 14:39:51 2021 rev:156 rq: version:2.2.27 Changes: --- /work/SRC/openSUSE:Factory/gpg2/gpg2.changes2021-10-20 20:23:59.941367510 +0200 +++ /work/SRC/openSUSE:Factory/.gpg2.new.1890/gpg2.changes 2021-10-22 14:39:52.546630345 +0200 @@ -2,148 +1,0 @@ -Tue Oct 12 19:20:50 UTC 2021 - Andreas Stieger - -- GnuPG 2.3.3: - * agent: Fix segv in GET_PASSPHRASE (regression) - * dirmngr: Fix Let's Encrypt certificate chain validation - * gpg: Change default and maximum AEAD chunk size to 4 MiB - * gpg: Print a warning when importing a bad cv25519 secret key - * gpg: Fix --list-packets for undecryptable AEAD packets - * gpg: Verify backsigs for v5 keys correctly - * keyboxd: Fix checksum computation for no UBID entry on disk - * keyboxd: Fix "invalid object" error with cv448 keys - * dirmngr: New option --ignore-cert - * agent: Fix calibrate_get_time use of clock_gettime - * Support a gpgconf.ctl file under Unix and use this for the -regression tests - -Wed Aug 25 10:01:38 UTC 2021 - Pedro Monreal - -- GnuPG 2.3.2: - * gpg: Allow fingerprint based lookup with --locate-external-key. - * gpg: Allow decryption w/o public key but with correct card inserted. - * gpg: Auto import keys specified with --trusted-keys. - * gpg: Do not use import-clean for LDAP keyserver imports. - * gpg: Fix mailbox based search via AKL keyserver method. - * gpg: Fix memory corruption with --clearsign introduced with 2.3.1. - * gpg: Use a more descriptive prompt for symmetric decryption. - * gpg: Improve speed of secret key listing. - * gpg: Support keygrip search with traditional keyring. - * gpg: Let --fetch-key return an exit code on failure. - * gpg: Emit the NO_SECKEY status again for decryption. - * gpgsm: Support decryption of password based encryption (pwri). - * gpgsm: Support AES-GCM decryption. - * gpgsm: Let --dump-cert --show-cert also print an OpenPGP fingerprint. - * gpgsm: Fix finding of issuer in use-keyboxd mode. - * gpgsm: New option --ldapserver as an alias for --keyserver. - * agent: Use SHA-256 for SSH fingerprint by default. - * agent: Fix calling handle_pincache_put. - * agent: Fix importing protected secret key. - * agent: Fix a regression in agent_get_shadow_info_type. - * agent: Add translatable text for Caps Lock hint. - * agent: New option --pinentry-formatted-passphrase. - * agent: Add checkpin inquiry for pinentry. - * agent: New option --check-sym-passphrase-pattern. - * agent: Use the sysconfdir for a pattern file. - * agent: Make QT_QPA_PLATFORMTHEME=qt5ct work for the pinentry. - * dirmngr: LDAP search by a mailbox now ignores revoked keys. - * dirmngr: For KS_SEARCH return the fingerprint also with LDAP. - * dirmngr: Allow for non-URL specified ldap keyservers. - * dirmngr: New option --ldapserver. - * dirmngr: Fix regression in KS_GET for mail address pattern. - * card: New option --shadow for the list command. - * tests: Make sure the built keyboxd is used. - * scd: Fix computing shared secrets for 512 bit curves. - * scd: Fix unblock PIN by a Reset Code with KDF. - * scd: Fix PC/SC removed card problem. - * scd: Recover the partial match for PORTSTR for PC/SC. - * scd: Make sure to release the PC/SC context. - * scd: Fix zero-byte handling in ECC. - * scd: Fix serial number detection for Yubikey 5. - * scd: Add basic support for AET JCOP cards. - * scd: Detect external interference when --pcsc-shared is in use. - * scd: Fix access to the list of cards. - * gpgconf: Do not list a disabled tpm2d. - * gpgconf: Make runtime changes with different homedir work. - * keyboxd: Fix searching for exact mail adddress. - * keyboxd: Fix searching with multiple patterns. - * tools: Extend gpg-check-pattern. - * wkd: Fix client issue with leading or trailing spaces in user-ids. - * Pass XDG_SESSION_TYPE and QT_QPA_PLATFORM envvars to Pinentry. - * Change the default keyserver to keyserver.ubuntu.com. This is a -temporary change due to the shutdown of the SKS keyserver pools. - -Fri Jun 11 12:19:16 UTC 2021 - Pedro Monreal - -- GnuPG 2.3.1: - * The new configuration file common.conf is now used to enable -the use of the key database daemon with "use-keyboxd". Using -this option in gpg.conf and gpgsm.conf is supported for a -transitional period. See doc/example/common.conf for more. - * gpg: Force version 5 key creation for ed448 and cv448 algori
commit gpg2 for openSUSE:Factory
Script 'mail_helper' called by obssrc Hello community, here is the log from the commit of package gpg2 for openSUSE:Factory checked in at 2021-10-20 20:23:18 Comparing /work/SRC/openSUSE:Factory/gpg2 (Old) and /work/SRC/openSUSE:Factory/.gpg2.new.1890 (New) Package is "gpg2" Wed Oct 20 20:23:18 2021 rev:155 rq:925429 version:2.3.3 Changes: --- /work/SRC/openSUSE:Factory/gpg2/gpg2.changes2021-06-15 16:37:06.985670565 +0200 +++ /work/SRC/openSUSE:Factory/.gpg2.new.1890/gpg2.changes 2021-10-20 20:23:59.941367510 +0200 @@ -1,0 +2,148 @@ +Tue Oct 12 19:20:50 UTC 2021 - Andreas Stieger + +- GnuPG 2.3.3: + * agent: Fix segv in GET_PASSPHRASE (regression) + * dirmngr: Fix Let's Encrypt certificate chain validation + * gpg: Change default and maximum AEAD chunk size to 4 MiB + * gpg: Print a warning when importing a bad cv25519 secret key + * gpg: Fix --list-packets for undecryptable AEAD packets + * gpg: Verify backsigs for v5 keys correctly + * keyboxd: Fix checksum computation for no UBID entry on disk + * keyboxd: Fix "invalid object" error with cv448 keys + * dirmngr: New option --ignore-cert + * agent: Fix calibrate_get_time use of clock_gettime + * Support a gpgconf.ctl file under Unix and use this for the +regression tests + +--- +Wed Aug 25 10:01:38 UTC 2021 - Pedro Monreal + +- GnuPG 2.3.2: + * gpg: Allow fingerprint based lookup with --locate-external-key. + * gpg: Allow decryption w/o public key but with correct card inserted. + * gpg: Auto import keys specified with --trusted-keys. + * gpg: Do not use import-clean for LDAP keyserver imports. + * gpg: Fix mailbox based search via AKL keyserver method. + * gpg: Fix memory corruption with --clearsign introduced with 2.3.1. + * gpg: Use a more descriptive prompt for symmetric decryption. + * gpg: Improve speed of secret key listing. + * gpg: Support keygrip search with traditional keyring. + * gpg: Let --fetch-key return an exit code on failure. + * gpg: Emit the NO_SECKEY status again for decryption. + * gpgsm: Support decryption of password based encryption (pwri). + * gpgsm: Support AES-GCM decryption. + * gpgsm: Let --dump-cert --show-cert also print an OpenPGP fingerprint. + * gpgsm: Fix finding of issuer in use-keyboxd mode. + * gpgsm: New option --ldapserver as an alias for --keyserver. + * agent: Use SHA-256 for SSH fingerprint by default. + * agent: Fix calling handle_pincache_put. + * agent: Fix importing protected secret key. + * agent: Fix a regression in agent_get_shadow_info_type. + * agent: Add translatable text for Caps Lock hint. + * agent: New option --pinentry-formatted-passphrase. + * agent: Add checkpin inquiry for pinentry. + * agent: New option --check-sym-passphrase-pattern. + * agent: Use the sysconfdir for a pattern file. + * agent: Make QT_QPA_PLATFORMTHEME=qt5ct work for the pinentry. + * dirmngr: LDAP search by a mailbox now ignores revoked keys. + * dirmngr: For KS_SEARCH return the fingerprint also with LDAP. + * dirmngr: Allow for non-URL specified ldap keyservers. + * dirmngr: New option --ldapserver. + * dirmngr: Fix regression in KS_GET for mail address pattern. + * card: New option --shadow for the list command. + * tests: Make sure the built keyboxd is used. + * scd: Fix computing shared secrets for 512 bit curves. + * scd: Fix unblock PIN by a Reset Code with KDF. + * scd: Fix PC/SC removed card problem. + * scd: Recover the partial match for PORTSTR for PC/SC. + * scd: Make sure to release the PC/SC context. + * scd: Fix zero-byte handling in ECC. + * scd: Fix serial number detection for Yubikey 5. + * scd: Add basic support for AET JCOP cards. + * scd: Detect external interference when --pcsc-shared is in use. + * scd: Fix access to the list of cards. + * gpgconf: Do not list a disabled tpm2d. + * gpgconf: Make runtime changes with different homedir work. + * keyboxd: Fix searching for exact mail adddress. + * keyboxd: Fix searching with multiple patterns. + * tools: Extend gpg-check-pattern. + * wkd: Fix client issue with leading or trailing spaces in user-ids. + * Pass XDG_SESSION_TYPE and QT_QPA_PLATFORM envvars to Pinentry. + * Change the default keyserver to keyserver.ubuntu.com. This is a +temporary change due to the shutdown of the SKS keyserver pools. + +--- +Fri Jun 11 12:19:16 UTC 2021 - Pedro Monreal + +- GnuPG 2.3.1: + * The new configuration file common.conf is now used to enable +the use of the key database daemon with "use-keyboxd". Using +this option in gpg.conf and gpgsm.conf is supported for a +transitional period. See doc/example/common.conf for more. + * gpg: Force version 5 key creation for ed448 and cv448 a
commit gpg2 for openSUSE:Factory
Script 'mail_helper' called by obssrc Hello community, here is the log from the commit of package gpg2 for openSUSE:Factory checked in at 2021-06-15 16:36:49 Comparing /work/SRC/openSUSE:Factory/gpg2 (Old) and /work/SRC/openSUSE:Factory/.gpg2.new.32437 (New) Package is "gpg2" Tue Jun 15 16:36:49 2021 rev:154 rq:899427 version:2.2.27 Changes: --- /work/SRC/openSUSE:Factory/gpg2/gpg2.changes2021-01-19 15:59:34.151141885 +0100 +++ /work/SRC/openSUSE:Factory/.gpg2.new.32437/gpg2.changes 2021-06-15 16:37:06.985670565 +0200 @@ -1,0 +2,9 @@ +Wed Apr 7 20:56:23 UTC 2021 - Andreas Stieger + +- Remove the "files-are-digests" option from the openSUSE package. + This feature was not upstream and only used in the OBS signing + daemon. The recommended upstream feature for separating the data + to be signed from the private keys is gpg agent forwarding, + available from 2.1. Drop gnupg-2.2.8-files-are-digests.patch + +--- Old: gnupg-2.2.8-files-are-digests.patch Other differences: -- ++ gpg2.spec ++ --- /var/tmp/diff_new_pack.q2KT4t/_old 2021-06-15 16:37:07.561671563 +0200 +++ /var/tmp/diff_new_pack.q2KT4t/_new 2021-06-15 16:37:07.561671563 +0200 @@ -30,7 +30,6 @@ Source4:scdaemon.udev Source99: %{name}.changes Patch4: gnupg-2.0.9-langinfo.patch -Patch5: gnupg-2.2.8-files-are-digests.patch Patch6: gnupg-dont-fail-with-seahorse-agent.patch Patch8: gnupg-set_umask_before_open_outfile.patch Patch9: gnupg-detect_FIPS_mode.patch @@ -65,8 +64,6 @@ Provides: gnupg = %{version} Provides: gpg = 1.4.9 Provides: newpg -# special feature needed for OBS signd -Provides: gpg2_signd_support Obsoletes: gpg < 1.4.9 %description @@ -94,7 +91,6 @@ %setup -q -n gnupg-%{version} %patch1124847 -p1 %patch4 -p1 -%patch5 -p1 %patch6 -p1 %patch8 -p1 %patch9 -p1
commit gpg2 for openSUSE:Factory
Script 'mail_helper' called by obssrc Hello community, here is the log from the commit of package gpg2 for openSUSE:Factory checked in at 2021-01-19 15:59:07 Comparing /work/SRC/openSUSE:Factory/gpg2 (Old) and /work/SRC/openSUSE:Factory/.gpg2.new.28504 (New) Package is "gpg2" Tue Jan 19 15:59:07 2021 rev:153 rq:863296 version:2.2.27 Changes: --- /work/SRC/openSUSE:Factory/gpg2/gpg2.changes2020-11-29 12:20:05.969496743 +0100 +++ /work/SRC/openSUSE:Factory/.gpg2.new.28504/gpg2.changes 2021-01-19 15:59:34.151141885 +0100 @@ -1,0 +2,21 @@ +Tue Jan 12 22:45:11 UTC 2021 - Andreas Stieger + +- GnuPG 2.2.27: + * gpgconf: Fix case with neither local nor global gpg.conf + * gpgconf: Fix description of two new options +- includes changes from 2.2.26: + * gpg: New AKL method "ntds" + * gpg: Fix --trusted-key with fingerprint arg + * scd: Fix writing of ECC keys to an OpenPGP card + * scd: Make an USB error fix specific to SPR532 readers + * dirmngr: With new LDAP keyservers store the new attributes. +Never store the useless pgpSignerID. Fix a long standing +bug storing some keys on an ldap server. + * dirmngr: Support the new Active Direcory LDAP schema for +keyservers + * dirmngr: Allow LDAP OpenPGP searches via fingerprint + * dirmngr: Do not block other threads during keyserver LDAP calls + * Support global configuration files + * Fix the iconv fallback handling to UTF-8 + +--- Old: gnupg-2.2.25.tar.bz2 gnupg-2.2.25.tar.bz2.sig New: gnupg-2.2.27.tar.bz2 gnupg-2.2.27.tar.bz2.sig Other differences: -- ++ gpg2.spec ++ --- /var/tmp/diff_new_pack.o1Z3sf/_old 2021-01-19 15:59:34.943143081 +0100 +++ /var/tmp/diff_new_pack.o1Z3sf/_new 2021-01-19 15:59:34.943143081 +0100 @@ -1,7 +1,7 @@ # # spec file for package gpg2 # -# Copyright (c) 2020 SUSE LLC +# Copyright (c) 2021 SUSE LLC # # All modifications and additions to the file contributed by third parties # remain the property of their copyright owners, unless otherwise agreed @@ -17,7 +17,7 @@ Name: gpg2 -Version:2.2.25 +Version:2.2.27 Release:0 Summary:File encryption, decryption, signature creation and verification utility License:GPL-3.0-or-later @@ -61,7 +61,6 @@ Requires: libgcrypt20 >= 1.8.0 Requires: libksba >= 1.3.5 Requires: pinentry -Requires(post): %{install_info_prereq} Recommends: dirmngr = %{version} Provides: gnupg = %{version} Provides: gpg = 1.4.9 @@ -165,10 +164,6 @@ %post %udev_rules_update -%install_info --info-dir=%{_infodir} %{_infodir}/gnupg.info.gz - -%preun -%install_info_delete --info-dir=%{_infodir} %{_infodir}/gnupg.info.gz %files lang -f gnupg2.lang ++ gnupg-2.2.25.tar.bz2 -> gnupg-2.2.27.tar.bz2 ++ /work/SRC/openSUSE:Factory/gpg2/gnupg-2.2.25.tar.bz2 /work/SRC/openSUSE:Factory/.gpg2.new.28504/gnupg-2.2.27.tar.bz2 differ: char 11, line 1 ++ gnupg-2.2.8-files-are-digests.patch ++ --- /var/tmp/diff_new_pack.o1Z3sf/_old 2021-01-19 15:59:35.003143172 +0100 +++ /var/tmp/diff_new_pack.o1Z3sf/_new 2021-01-19 15:59:35.007143178 +0100 @@ -4,11 +4,11 @@ g10/sign.c| 68 -- 3 files changed, 67 insertions(+), 6 deletions(-) -Index: gnupg-2.2.20/g10/gpg.c +Index: gnupg-2.2.27/g10/gpg.c === gnupg-2.2.20.orig/g10/gpg.c -+++ gnupg-2.2.20/g10/gpg.c -@@ -380,6 +380,7 @@ enum cmd_and_opt_values +--- gnupg-2.2.27.orig/g10/gpg.c gnupg-2.2.27/g10/gpg.c +@@ -382,6 +382,7 @@ enum cmd_and_opt_values oTTYtype, oLCctype, oLCmessages, @@ -16,7 +16,7 @@ oXauthority, oGroup, oUnGroup, -@@ -834,6 +835,7 @@ static ARGPARSE_OPTS opts[] = { +@@ -838,6 +839,7 @@ static ARGPARSE_OPTS opts[] = { ARGPARSE_s_s (oWeakDigest, "weak-digest","@"), ARGPARSE_s_n (oUnwrap, "unwrap", "@"), ARGPARSE_s_n (oOnlySignTextIDs, "only-sign-text-ids", "@"), @@ -24,7 +24,7 @@ /* Aliases. I constantly mistype these, and assume other people do as well. */ -@@ -2421,6 +2423,7 @@ main (int argc, char **argv) +@@ -2372,6 +2374,7 @@ main (int argc, char **argv) opt.def_cert_expire = "0"; gnupg_set_homedir (NULL); opt.passphrase_repeat = 1; @@ -32,7 +32,7 @@ opt.emit_version = 0; opt.weak_digests = NULL; -@@ -2997,6 +3000,7 @@ main (int argc, char **argv) +@@ -2944,6 +2947,7 @@ main (int argc, char **argv) opt.verify_options&=~VERIFY_SHOW_PHOTOS; break; case oPhotoViewer: opt.photo_viewer = pargs.r.ret_str; break; @@ -40,
[opensuse-commit] commit gpg2 for openSUSE:Factory
Hello community, here is the log from the commit of package gpg2 for openSUSE:Factory checked in at 2020-11-29 12:20:02 Comparing /work/SRC/openSUSE:Factory/gpg2 (Old) and /work/SRC/openSUSE:Factory/.gpg2.new.5913 (New) Package is "gpg2" Sun Nov 29 12:20:02 2020 rev:152 rq:850962 version:2.2.25 Changes: --- /work/SRC/openSUSE:Factory/gpg2/gpg2.changes2020-11-23 10:29:38.465305429 +0100 +++ /work/SRC/openSUSE:Factory/.gpg2.new.5913/gpg2.changes 2020-11-29 12:20:05.969496743 +0100 @@ -1,0 +2,9 @@ +Mon Nov 23 22:36:17 UTC 2020 - Andreas Stieger + +- GnuPG 2.2.25: + * scd: Fix regression in 2.2.24 requiring gpg --card-status +before signing or decrypting + * gpgsm: Using Libksba 1.5.0 signatures with a rarely used +combination of attributes can now be verified + +--- Old: gnupg-2.2.24.tar.bz2 gnupg-2.2.24.tar.bz2.sig New: gnupg-2.2.25.tar.bz2 gnupg-2.2.25.tar.bz2.sig Other differences: -- ++ gpg2.spec ++ --- /var/tmp/diff_new_pack.1WlwZ2/_old 2020-11-29 12:20:07.013497798 +0100 +++ /var/tmp/diff_new_pack.1WlwZ2/_new 2020-11-29 12:20:07.013497798 +0100 @@ -17,7 +17,7 @@ Name: gpg2 -Version:2.2.24 +Version:2.2.25 Release:0 Summary:File encryption, decryption, signature creation and verification utility License:GPL-3.0-or-later ++ gnupg-2.2.24.tar.bz2 -> gnupg-2.2.25.tar.bz2 ++ /work/SRC/openSUSE:Factory/gpg2/gnupg-2.2.24.tar.bz2 /work/SRC/openSUSE:Factory/.gpg2.new.5913/gnupg-2.2.25.tar.bz2 differ: char 11, line 1 ___ openSUSE Commits mailing list -- commit@lists.opensuse.org To unsubscribe, email commit-le...@lists.opensuse.org List Netiquette: https://en.opensuse.org/openSUSE:Mailing_list_netiquette List Archives: https://lists.opensuse.org/archives/list/commit@lists.opensuse.org
[opensuse-commit] commit gpg2 for openSUSE:Factory
Hello community, here is the log from the commit of package gpg2 for openSUSE:Factory checked in at 2020-11-21 12:40:12 Comparing /work/SRC/openSUSE:Factory/gpg2 (Old) and /work/SRC/openSUSE:Factory/.gpg2.new.5913 (New) Package is "gpg2" Sat Nov 21 12:40:12 2020 rev:151 rq:849250 version:2.2.24 Changes: --- /work/SRC/openSUSE:Factory/gpg2/gpg2.changes2020-09-06 00:00:44.759204072 +0200 +++ /work/SRC/openSUSE:Factory/.gpg2.new.5913/gpg2.changes 2020-11-23 10:29:38.465305429 +0100 @@ -1,0 +2,28 @@ +Tue Nov 17 21:52:38 UTC 2020 - Andreas Stieger + +- GnuPG 2.2.24: + * gpg: New command --quick-revoke-sig + * gpg: Do not use weak digest algos if selected by recipient +preference during sign+encrypt + * gpg: Switch to AES256 for symmetric encryption in de-vs mode + * gpg: Silence weak digest warnings with --quiet + * gpg: Print new status line CANCELED_BY_USER for a cancel during +symmetric encryption + * gpg: Fix the encrypt+sign hash algo preference selection for +ECDSA. This is in particular needed for keys created from +existing smartcard based keys + * agent: Fix secret key import of GnuPG 2.3 generated Ed25519 +keys + * agent: Keep some permissions of private-keys-v1.d + * dirmngr: Align sks-keyservers.netCA.pem use between ntbtls and +gnutls builds + * dirmngr: Fix the pool keyserver case for a single host in the +pool + * scd: Fix the use case of verify_chv2 by CHECKPIN + * scd: Various improvements to the ccid-driver + * scd: Minor fixes for Yubikey + * gpgconf: New option --show-versions + * i18n: Complete overhaul and completion of the Italian +translation + +--- Old: gnupg-2.2.23.tar.bz2 gnupg-2.2.23.tar.bz2.sig New: gnupg-2.2.24.tar.bz2 gnupg-2.2.24.tar.bz2.sig Other differences: -- ++ gpg2.spec ++ --- /var/tmp/diff_new_pack.SaCEN1/_old 2020-11-23 10:29:39.293306336 +0100 +++ /var/tmp/diff_new_pack.SaCEN1/_new 2020-11-23 10:29:39.297306341 +0100 @@ -17,7 +17,7 @@ Name: gpg2 -Version:2.2.23 +Version:2.2.24 Release:0 Summary:File encryption, decryption, signature creation and verification utility License:GPL-3.0-or-later @@ -43,9 +43,9 @@ BuildRequires: expect BuildRequires: fdupes BuildRequires: libassuan-devel >= 2.5.0 -BuildRequires: libgcrypt-devel >= 1.7.0 -BuildRequires: libgpg-error-devel >= 1.25 -BuildRequires: libksba-devel >= 1.3.4 +BuildRequires: libgcrypt-devel >= 1.8.0 +BuildRequires: libgpg-error-devel >= 1.27 +BuildRequires: libksba-devel >= 1.3.5 BuildRequires: makeinfo BuildRequires: npth-devel >= 1.2 BuildRequires: openldap2-devel @@ -56,11 +56,10 @@ BuildRequires: pkgconfig(libusb-1.0) BuildRequires: pkgconfig(sqlite3) >= 3.7 BuildRequires: pkgconfig(zlib) -# Add an explicit runtime dependency to match boo#955982 -Requires: libassuan0 >= 2.4.3 -# Explicit runtime depencency - runtime version check -Requires: libgcrypt20 >= 1.7.0 -Requires: libksba >= 1.3.4 +# runtime dependency to support devel repository users - boo#955982 +Requires: libassuan0 >= 2.5.0 +Requires: libgcrypt20 >= 1.8.0 +Requires: libksba >= 1.3.5 Requires: pinentry Requires(post): %{install_info_prereq} Recommends: dirmngr = %{version} ++ gnupg-2.2.23.tar.bz2 -> gnupg-2.2.24.tar.bz2 ++ /work/SRC/openSUSE:Factory/gpg2/gnupg-2.2.23.tar.bz2 /work/SRC/openSUSE:Factory/.gpg2.new.5913/gnupg-2.2.24.tar.bz2 differ: char 11, line 1 ___ openSUSE Commits mailing list -- commit@lists.opensuse.org To unsubscribe, email commit-le...@lists.opensuse.org List Netiquette: https://en.opensuse.org/openSUSE:Mailing_list_netiquette List Archives: https://lists.opensuse.org/archives/list/commit@lists.opensuse.org