commit gpg2 for openSUSE:Factory
Script 'mail_helper' called by obssrc
Hello community,
here is the log from the commit of package gpg2 for openSUSE:Factory checked in
at 2024-08-13 13:22:21
Comparing /work/SRC/openSUSE:Factory/gpg2 (Old)
and /work/SRC/openSUSE:Factory/.gpg2.new.7232 (New)
Package is "gpg2"
Tue Aug 13 13:22:21 2024 rev:175 rq:1193388 version:2.4.5
Changes:
--- /work/SRC/openSUSE:Factory/gpg2/gpg2.changes2024-03-09
20:55:11.255693695 +0100
+++ /work/SRC/openSUSE:Factory/.gpg2.new.7232/gpg2.changes 2024-08-13
13:22:32.204478260 +0200
@@ -1,0 +2,6 @@
+Mon Aug 12 04:30:42 UTC 2024 - Andreas Stieger
+
+- Remove explicit runtime library dependency, pick ease of
+ maintenance in Tumbleweed over mixed project use runtime bugs.
+
+---
Other differences:
--
++ gpg2.spec ++
--- /var/tmp/diff_new_pack.DWcDgK/_old 2024-08-13 13:22:32.908507594 +0200
+++ /var/tmp/diff_new_pack.DWcDgK/_new 2024-08-13 13:22:32.908507594 +0200
@@ -2,6 +2,7 @@
# spec file for package gpg2
#
# Copyright (c) 2024 SUSE LLC
+# Copyright (c) 2024 Andreas Stieger
#
# All modifications and additions to the file contributed by third parties
# remain the property of their copyright owners, unless otherwise agreed
@@ -64,11 +65,6 @@
BuildRequires: pkgconfig(libusb-1.0)
BuildRequires: pkgconfig(sqlite3) >= 3.27
BuildRequires: pkgconfig(zlib)
-# runtime dependency to support devel repository users - boo#955982
-Requires: libassuan0 >= 2.5.0
-Requires: libgcrypt20 >= 1.9.1
-Requires: libgpg-error >= 1.46
-Requires: libksba >= 1.6.3
Requires: pinentry
Recommends: dirmngr = %{version}
Provides: gnupg = %{version}
commit gpg2 for openSUSE:Factory
Script 'mail_helper' called by obssrc
Hello community,
here is the log from the commit of package gpg2 for openSUSE:Factory checked in
at 2024-03-09 20:54:13
Comparing /work/SRC/openSUSE:Factory/gpg2 (Old)
and /work/SRC/openSUSE:Factory/.gpg2.new.1770 (New)
Package is "gpg2"
Sat Mar 9 20:54:13 2024 rev:174 rq:1156460 version:2.4.5
Changes:
--- /work/SRC/openSUSE:Factory/gpg2/gpg2.changes2024-01-26
22:46:25.858391032 +0100
+++ /work/SRC/openSUSE:Factory/.gpg2.new.1770/gpg2.changes 2024-03-09
20:55:11.255693695 +0100
@@ -1,0 +2,27 @@
+Fri Mar 8 13:14:00 UTC 2024 - Pedro Monreal
+
+- Update to 2.4.5:
+ * gpg,gpgv: New option --assert-pubkey-algo. [T6946]
+ * gpg: Emit status lines for errors in the compression layer. [T6977]
+ * gpg: Fix invocation with --trusted-keys and --no-options. [T7025]
+ * gpgsm: Allow for a longer salt in PKCS#12 files. [T6757]
+ * gpgtar: Make --status-fd=2 work on Windows. [T6961]
+ * scd: Support for the ACR-122U NFC reader. [rG1682ca9f01]
+ * scd: Suport D-TRUST ECC cards. [T7000,T7001]
+ * scd: Allow auto detaching of kernel drivers; can be disabled with
+the new compatibility-flag ccid-no-auto-detach. [rGa1ea3b13e0]
+ * scd: Allow setting a PIN length of 6 also with a reset code for
+openpgp cards. [T6843]
+ * agent: Allow GET_PASSPHRASE in restricted mode. [rGadf4db6e20]
+ * dirmngr: Trust system's root CAs for checking CRL issuers. [T6963]
+ * dirmngr: Fix regression in 2.4.4 in fetching keys via hkps. [T6997]
+ * gpg-wks-client: Make option --mirror work properly w/o specifying
+domains. [rG37cc255e49]
+ * g13,gpg-wks-client: Allow command style options as in "g13 mount
+foo". [rGa09157ccb2]
+ * Allow tilde expansion for the foo-program options. [T7017]
+ * Make the getswdb.sh tool usable outside the GnuPG tree.
+ * Release-info: https://dev.gnupg.org/T6960
+ * Update the required versions for the dependencies.
+
+---
Old:
gnupg-2.4.4.tar.bz2
gnupg-2.4.4.tar.bz2.sig
New:
gnupg-2.4.5.tar.bz2
gnupg-2.4.5.tar.bz2.sig
Other differences:
--
++ gpg2.spec ++
--- /var/tmp/diff_new_pack.iPlCso/_old 2024-03-09 20:55:12.003721076 +0100
+++ /var/tmp/diff_new_pack.iPlCso/_new 2024-03-09 20:55:12.003721076 +0100
@@ -17,7 +17,7 @@
Name: gpg2
-Version:2.4.4
+Version:2.4.5
Release:0
Summary:File encryption, decryption, signature creation and
verification utility
License:GPL-3.0-or-later
@@ -60,7 +60,7 @@
BuildRequires: pkgconfig
BuildRequires: readline-devel
BuildRequires: pkgconfig(bzip2)
-BuildRequires: pkgconfig(gnutls) >= 3.0
+BuildRequires: pkgconfig(gnutls) >= 3.2
BuildRequires: pkgconfig(libusb-1.0)
BuildRequires: pkgconfig(sqlite3) >= 3.27
BuildRequires: pkgconfig(zlib)
@@ -68,7 +68,7 @@
Requires: libassuan0 >= 2.5.0
Requires: libgcrypt20 >= 1.9.1
Requires: libgpg-error >= 1.46
-Requires: libksba >= 1.3.4
+Requires: libksba >= 1.6.3
Requires: pinentry
Recommends: dirmngr = %{version}
Provides: gnupg = %{version}
++ gnupg-2.4.4.tar.bz2 -> gnupg-2.4.5.tar.bz2 ++
/work/SRC/openSUSE:Factory/gpg2/gnupg-2.4.4.tar.bz2
/work/SRC/openSUSE:Factory/.gpg2.new.1770/gnupg-2.4.5.tar.bz2 differ: char 11,
line 1
commit gpg2 for openSUSE:Factory
Script 'mail_helper' called by obssrc Hello community, here is the log from the commit of package gpg2 for openSUSE:Factory checked in at 2024-01-26 22:46:20 Comparing /work/SRC/openSUSE:Factory/gpg2 (Old) and /work/SRC/openSUSE:Factory/.gpg2.new.1815 (New) Package is "gpg2" Fri Jan 26 22:46:20 2024 rev:173 rq:1141713 version:2.4.4 Changes: --- /work/SRC/openSUSE:Factory/gpg2/gpg2.changes2023-11-02 20:20:44.146214877 +0100 +++ /work/SRC/openSUSE:Factory/.gpg2.new.1815/gpg2.changes 2024-01-26 22:46:25.858391032 +0100 @@ -1,0 +2,52 @@ +Thu Jan 25 18:51:03 UTC 2024 - Pedro Monreal + +- Update to 2.4.4: [bsc#1219191] + * gpg: Do not keep an unprotected smartcard backup key on disk. +See https://gnupg.org/blog/20240125-smartcard-backup-key.html +for a security advisory. [T6944] + * gpg: Allow to specify seconds since Epoch beyond 2038 on 32-bit +platforms. [T6736] + * gpg: Fix expiration time when Creation-Date is specified. [T5252] + * gpg: Add support for Subkey-Expire-Date. [rG96b69c1866] + * gpg: Add option --with-v5-fingerprint. [T6705] + * gpg: Add sub-option ignore-attributes to --import-options. + * gpg: Add --list-filter properties sig_expires/sig_expires_d. + * gpg: Fix validity of re-imported keys. [T6399] + * gpg: Report BEGIN_ status before examining the input. [T6481] + * gpg: Don't try to compress a read-only keybox. [T6811] + * gpg: Choose key from inserted card over a non-inserted card. [T6831] + * gpg: Allow to create revocations even with non-compliant algos. [T6929] + * gpg: Fix regression in the Revoker keyword of the parameter file. [T6923] + * gpg: Improve error message for expired default keys. [T4704] + * gpgsm: Add --always-trust feature. [T6559] + * gpgsm: Support ECC certificates in de-vs mode. [T6802] + * gpgsm: Major rewrite of the PKCS#12 parser. [T6536] + * gpgsm: No not show the pkcs#12 passphrase in debug output. [T6654] + * keyboxd: Timeout on failure to get the database lock. [T6838] + * agent: Update the key stubs only if really modified. [T6829] + * scd: Add support for certain Starcos 3.2 cards. [rG5304c9b080] + * scd: Add support for CardOS 5.4 cards. [rG812f988059] + * scd: Add support for D-Trust 4.1/4.4 cards. [rG0b85a9ac09] + * scd: Add support for Smartcafe Expert 7.0 cards. [T6919] + * scd: Add a length check for a new PIN. [T6843] + * tpm: Fix keytotpm handling in the agent. [rG9909f622f6] + * tpm: Fixes for the TPM test suite. [T6052] + * dirmngr: New option --ignore-crl-extensions. [T6545] + * dirmngr: Support config value "none" to disable the default +keyserver. [T6708] + * dirmngr: Fix handling of the HTTP Content-Length. [rGa5e33618f4] + * gpgconf: Add commands --lock and --unlock. [rG93b5ba38dc] + * gpgconf: Add keyword socketdir to gpgconf.ctl. [rG239c1fdc28] + * gpgconf: Adjust the -X command for the new VERSION file format. [T6918] + * wkd: Use export-clean for gpg-wks-client's --mirror and --create +commands. [rG2c7f7a5a278c] + * wkd: Make --add-revocs the default in gpg-wks-client. New option +--no-add-revocs. [rG10c937ee68] + * Remove duplicated backslashes when setting the homedir. [T6833] + * Ignore attempts to remove the /dev/null device. [T6556] + * Improve advisory file lock retry strategy. [T3380] + * Release-info: https://dev.gnupg.org/T6578 + * Remove patch upstream: +- gnupg-Report-BEGIN_-status-before-examining-the-input.patch + +--- Old: gnupg-2.4.3.tar.bz2 gnupg-2.4.3.tar.bz2.sig gnupg-Report-BEGIN_-status-before-examining-the-input.patch New: gnupg-2.4.4.tar.bz2 gnupg-2.4.4.tar.bz2.sig BETA DEBUG BEGIN: Old: * Remove patch upstream: - gnupg-Report-BEGIN_-status-before-examining-the-input.patch BETA DEBUG END: Other differences: -- ++ gpg2.spec ++ --- /var/tmp/diff_new_pack.wHJD7X/_old 2024-01-26 22:46:27.870463492 +0100 +++ /var/tmp/diff_new_pack.wHJD7X/_new 2024-01-26 22:46:27.874463636 +0100 @@ -1,7 +1,7 @@ # # spec file for package gpg2 # -# Copyright (c) 2023 SUSE LLC +# Copyright (c) 2024 SUSE LLC # # All modifications and additions to the file contributed by third parties # remain the property of their copyright owners, unless otherwise agreed @@ -17,7 +17,7 @@ Name: gpg2 -Version:2.4.3 +Version:2.4.4 Release:0 Summary:File encryption, decryption, signature creation and verification utility License:GPL-3.0-or-later @@ -44,10 +44,8 @@ Patch11:gnupg-allow-large-rsa.patch #PATCH-FIX-SUSE Revert the rfc4880bis features default of key generation Patch12:gnupg-revert-rfc4880bis.patch -#PATCH-FIX-UPSTREAM Fix emacs gpg2 o
commit gpg2 for openSUSE:Factory
Script 'mail_helper' called by obssrc
Hello community,
here is the log from the commit of package gpg2 for openSUSE:Factory checked in
at 2023-11-02 20:20:41
Comparing /work/SRC/openSUSE:Factory/gpg2 (Old)
and /work/SRC/openSUSE:Factory/.gpg2.new.17445 (New)
Package is "gpg2"
Thu Nov 2 20:20:41 2023 rev:172 rq:1121440 version:2.4.3
Changes:
--- /work/SRC/openSUSE:Factory/gpg2/gpg2.changes2023-10-20
23:15:41.284157830 +0200
+++ /work/SRC/openSUSE:Factory/.gpg2.new.17445/gpg2.changes 2023-11-02
20:20:44.146214877 +0100
@@ -1,0 +2,6 @@
+Mon Oct 30 15:01:05 UTC 2023 - Pedro Monreal
+
+- Fix the build in SLE and Leap by adding an exclude in the files
+ section for the dirmngr's systemd user units. [jsc#PED-7093]
+
+---
Other differences:
--
++ gpg2.spec ++
--- /var/tmp/diff_new_pack.Gix7FM/_old 2023-11-02 20:20:45.074249025 +0100
+++ /var/tmp/diff_new_pack.Gix7FM/_new 2023-11-02 20:20:45.074249025 +0100
@@ -183,6 +183,9 @@
%dir %{_sysconfdir}/gnupg
%config(noreplace) %{_sysconfdir}/gnupg/gpgconf.conf
%{_userunitdir}/gpg-agent*
+%if 0%{?sle_version} >= 150500
+%exclude %{_userunitdir}/dirmngr.*
+%endif
%files -n dirmngr
%license COPYING*
commit gpg2 for openSUSE:Factory
Script 'mail_helper' called by obssrc
Hello community,
here is the log from the commit of package gpg2 for openSUSE:Factory checked in
at 2023-10-20 23:15:36
Comparing /work/SRC/openSUSE:Factory/gpg2 (Old)
and /work/SRC/openSUSE:Factory/.gpg2.new.1945 (New)
Package is "gpg2"
Fri Oct 20 23:15:36 2023 rev:171 rq:1118846 version:2.4.3
Changes:
--- /work/SRC/openSUSE:Factory/gpg2/gpg2.changes2023-10-17
20:22:37.238287851 +0200
+++ /work/SRC/openSUSE:Factory/.gpg2.new.1945/gpg2.changes 2023-10-20
23:15:41.284157830 +0200
@@ -1,0 +2,7 @@
+Tue Oct 17 10:27:15 UTC 2023 - Pedro Monreal
+
+- Do not pull revision info from GIT when autoconf is run. This
+ removes the -unknown suffix after the version number.
+ * Add gnupg-nobetasuffix.patch [bsc#1216334]
+
+---
New:
gnupg-nobetasuffix.patch
Other differences:
--
++ gpg2.spec ++
--- /var/tmp/diff_new_pack.X4UvKj/_old 2023-10-20 23:15:43.424235912 +0200
+++ /var/tmp/diff_new_pack.X4UvKj/_new 2023-10-20 23:15:43.428236059 +0200
@@ -46,6 +46,8 @@
Patch12:gnupg-revert-rfc4880bis.patch
#PATCH-FIX-UPSTREAM Fix emacs gpg2 output parsing
Patch13:gnupg-Report-BEGIN_-status-before-examining-the-input.patch
+#PATCH-FIX-OPENSUSE Do not pull revision info from GIT when autoconf is run
+Patch14:gnupg-nobetasuffix.patch
BuildRequires: expect
BuildRequires: fdupes
BuildRequires: ibmswtpm2
++ gnupg-nobetasuffix.patch ++
Index: gnupg-2.4.3/autogen.sh
===
--- gnupg-2.4.3.orig/autogen.sh
+++ gnupg-2.4.3/autogen.sh
@@ -221,7 +221,7 @@ if [ "$myhost" = "find-version" ]; then
esac
beta=no
-if [ -e .git ]; then
+if false; then
ingit=yes
tmp=$(git describe --match "${matchstr1}" --long 2>/dev/null)
tmp=$(echo "$tmp" | sed s/^"$package"//)
@@ -237,8 +237,8 @@ if [ "$myhost" = "find-version" ]; then
rvd=$((0x$(echo ${rev} | dd bs=1 count=4 2>/dev/null)))
else
ingit=no
- beta=yes
- tmp="-unknown"
+ beta=no
+ tmp=""
rev="000"
rvd="0"
fi
commit gpg2 for openSUSE:Factory
Script 'mail_helper' called by obssrc
Hello community,
here is the log from the commit of package gpg2 for openSUSE:Factory checked in
at 2023-10-17 20:22:32
Comparing /work/SRC/openSUSE:Factory/gpg2 (Old)
and /work/SRC/openSUSE:Factory/.gpg2.new.20540 (New)
Package is "gpg2"
Tue Oct 17 20:22:32 2023 rev:170 rq:1118131 version:2.4.3
Changes:
--- /work/SRC/openSUSE:Factory/gpg2/gpg2.changes2023-10-12
11:42:08.977118290 +0200
+++ /work/SRC/openSUSE:Factory/.gpg2.new.20540/gpg2.changes 2023-10-17
20:22:37.238287851 +0200
@@ -1,0 +2,8 @@
+Mon Oct 16 19:54:40 UTC 2023 - Pedro Monreal
+
+- Fix Emacs EasyPG behavior when parsing output:
+ * gpg: Report BEGIN_* status before examining the input.
+ * Upstream task: https://dev.gnupg.org/T6481
+ * Add gnupg-Report-BEGIN_-status-before-examining-the-input.patch
+
+---
New:
gnupg-Report-BEGIN_-status-before-examining-the-input.patch
Other differences:
--
++ gpg2.spec ++
--- /var/tmp/diff_new_pack.LmLKfe/_old 2023-10-17 20:22:38.250323280 +0200
+++ /var/tmp/diff_new_pack.LmLKfe/_new 2023-10-17 20:22:38.254323420 +0200
@@ -44,6 +44,8 @@
Patch11:gnupg-allow-large-rsa.patch
#PATCH-FIX-SUSE Revert the rfc4880bis features default of key generation
Patch12:gnupg-revert-rfc4880bis.patch
+#PATCH-FIX-UPSTREAM Fix emacs gpg2 output parsing
+Patch13:gnupg-Report-BEGIN_-status-before-examining-the-input.patch
BuildRequires: expect
BuildRequires: fdupes
BuildRequires: ibmswtpm2
++ gnupg-Report-BEGIN_-status-before-examining-the-input.patch ++
>From 2f872fa68c6576724b9dabee9fb0844266f55d0d Mon Sep 17 00:00:00 2001
From: NIIBE Yutaka
Date: Wed, 24 May 2023 10:36:04 +0900
Subject: [PATCH 4847/5000] gpg: Report BEGIN_* status before examining the
input.
* common/miscellaneous.c (is_openpgp_compressed_packet)
(is_file_compressed): Moved to ...
* common/iobuf.c: ... in this file.
(is_file_compressed): Change the argument to INP, the iobuf.
* common/util.h (is_file_compressed): Remove.
* common/iobuf.h (is_file_compressed): Add.
* g10/cipher-aead.c (write_header): Don't call write_status_printf
here.
(cipher_filter_aead): Call write_status_printf when called with
IOBUFCTRL_INIT.
* g10/cipher-cfb.c (write_header): Don't call write_status_printf
here.
(cipher_filter_cfb): Call write_status_printf when called with
IOBUFCTRL_INIT.
* g10/encrypt.c (encrypt_simple): Use new is_file_compressed function,
after call of iobuf_push_filter.
(encrypt_crypt): Likewise.
* g10/sign.c (sign_file): Likewise.
--
GnuPG-bug-id: 6481
Signed-off-by: NIIBE Yutaka
diff --git a/common/iobuf.c b/common/iobuf.c
index 62cde27f9..e088812a6 100644
--- a/common/iobuf.c
+++ b/common/iobuf.c
@@ -3057,3 +3057,123 @@ iobuf_skip_rest (iobuf_t a, unsigned long n, int
partial)
}
}
}
+
+
+/* Check whether (BUF,LEN) is valid header for an OpenPGP compressed
+ * packet. LEN should be at least 6. */
+static int
+is_openpgp_compressed_packet (const unsigned char *buf, size_t len)
+{
+ int c, ctb, pkttype;
+ int lenbytes;
+
+ ctb = *buf++; len--;
+ if (!(ctb & 0x80))
+return 0; /* Invalid packet. */
+
+ if ((ctb & 0x40)) /* New style (OpenPGP) CTB. */
+{
+ pkttype = (ctb & 0x3f);
+ if (!len)
+return 0; /* Expected first length octet missing. */
+ c = *buf++; len--;
+ if (c < 192)
+;
+ else if (c < 224)
+{
+ if (!len)
+return 0; /* Expected second length octet missing. */
+}
+ else if (c == 255)
+{
+ if (len < 4)
+return 0; /* Expected length octets missing */
+}
+}
+ else /* Old style CTB. */
+{
+ pkttype = (ctb>>2)&0xf;
+ lenbytes = ((ctb&3)==3)? 0 : (1<<(ctb & 3));
+ if (len < lenbytes)
+return 0; /* Not enough length bytes. */
+}
+
+ return (pkttype == 8);
+}
+
+
+/*
+ * Check if the file is compressed, by peeking the iobuf. You need to
+ * pass the iobuf with INP. Returns true if the buffer seems to be
+ * compressed.
+ */
+int
+is_file_compressed (iobuf_t inp)
+{
+ int i;
+ char buf[32];
+ int buflen;
+
+ struct magic_compress_s
+ {
+byte len;
+byte extchk;
+byte magic[5];
+ } magic[] =
+ {
+ { 3, 0, { 0x42, 0x5a, 0x68, 0x00 } }, /* bzip2 */
+ { 3, 0, { 0x1f, 0x8b, 0x08, 0x00 } }, /* gzip */
+ { 4, 0, { 0x50, 0x4b, 0x03, 0x04 } }, /* (pk)zip */
+ { 5, 0, { '%', 'P', 'D', 'F', '-'} }, /* PDF */
+ { 4, 1, { 0xff, 0xd8, 0xff, 0xe0 } }, /* Maybe JFIF */
+ { 5, 2, { 0x89, 'P','N','G', 0x0d} } /* Likely PNG */
+ };
+
+ if (!inp)
+return 0;
+
+ for ( ; inp->chain; inp = inp->chai
commit gpg2 for openSUSE:Factory
Script 'mail_helper' called by obssrc Hello community, here is the log from the commit of package gpg2 for openSUSE:Factory checked in at 2023-10-11 23:54:10 Comparing /work/SRC/openSUSE:Factory/gpg2 (Old) and /work/SRC/openSUSE:Factory/.gpg2.new.1807 (New) Package is "gpg2" Wed Oct 11 23:54:10 2023 rev:169 rq:1116712 version:2.4.3 Changes: --- /work/SRC/openSUSE:Factory/gpg2/gpg2.changes2023-09-28 00:34:28.636125296 +0200 +++ /work/SRC/openSUSE:Factory/.gpg2.new.1807/gpg2.changes 2023-10-12 11:42:08.977118290 +0200 @@ -1,0 +2,15 @@ +Tue Oct 10 06:46:08 UTC 2023 - Pedro Monreal + +- Install the internal executables in the /usr/libexec dir instead + of /usr/lib64. These files are keyboxd, scdaemon, gpg-auth + gpg-check-pattern, gpg-pair-tool, gpg-preset-passphrase, + gpg-protect-tool, gpg-wks-client, dirmngr_ldap and tpm2daemon. + +--- +Mon Oct 9 12:33:12 UTC 2023 - Pedro Monreal + +- Provide the systemd-user files since they have been removed + upstream since version 2.4.1. [bsc#1201564] + * Add gpg2-systemd-user.tar.xz + +--- @@ -8,0 +24,86 @@ +Thu Aug 3 16:24:19 UTC 2023 - Pedro Monreal + +- Revert back to use the IBM TPM Software stack. + +--- +Wed Jul 5 09:10:55 UTC 2023 - Pedro Monreal + +- Update to 2.4.3: + * gpg: Set default expiration date to 3 years. [T2701] + * gpg: Add --list-filter properties "key_expires" and +"key_expires_d". [T6529] + * gpg: Emit status line and proper diagnostics for write errors. [T6528] + * gpg: Make progress work for large files on Windows. [T6534] + * gpg: New option --no-compress as alias for -z0. + * gpgsm: Print PROGRESS status lines. Add new --input-size-hint. [T6534] + * gpgsm: Support SENDCERT_SKI for --call-dirmngr. [rG701a8b30f0] + * gpgsm: Major rewrite of the PKCS#12 parser. [T6536] + * gpgtar: New option --no-compress. + * dirmngr: Extend the AD_QUERY command. [rG207c99567c] + * dirmngr: Disable the HTTP redirect rewriting. [T6477] + * dirmngr: New option --compatibility-flags. [rGbf04b07327] + * dirmngr: New option --ignore-crl-extensions. [T6545] + * wkd: Use export-clean for gpg-wks-client's --mirror and --create +commands. [rG2c7f7a5a27] + * wkd: Make --add-revocs the default in gpg-wks-client. New option +--no-add-revocs. [rG10c937ee68] + * scd: Make signing work for Nexus cards. [rGb83d86b988] + * scd: Fix authentication with Administration Key for PIV. [rG25b59cf6ce] + +--- +Tue May 30 19:37:39 UTC 2023 - Pedro Monreal + +- Update to 2.4.2: + * gpg: Print a warning if no more encryption subkeys are left over +after changing the expiration date. [rGef2c3d50fa] + * gpg: Fix searching for the ADSK key when adding an ADSK. [T6504] + * gpgsm: Speed up key listings on Windows. [rG08ff55bd44] + * gpgsm: Reduce the number of "failed to open policy file" +diagnostics. [rG68613a6a9d] + * agent: Make updating of private key files more robust and track +display S/N. [T6135] + * keyboxd: Avoid longish delays on Windows when listing keys. +[rG6944aefa3c] + * gpgtar: Emit extra status lines to help GPGME. [T6497] + * w32: Avoid using the VirtualStore. [T6403] + * Rebase gnupg-add_legacy_FIPS_mode_option.patch + +--- +Fri Apr 28 11:58:06 UTC 2023 - Pedro Monreal + +- Update to 2.4.1: + * If the ~/.gnupg directory does not exist, the keyboxd is now +automagically enabled. [rGd9e7488b17] + * gpg: New option --add-desig-revoker. [rG3d094e2bcf] + * gpg: New option --assert-signer. [rGc9e95b8dee] + * gpg: New command --quick-add-adsk and other ADSK features. +[T6395, https://gnupg.org/blog/20230321-adsk.html] + * gpg: New list-option "show-unusable-sigs". Also show "[self-signature]" +instead of the user-id in key signature listings. [rG103acfe9ca] + * gpg: For symmetric encryption the default S2K hash is now SHA256. [T6367] + * gpg: Detect already compressed data also when using a pipe. Also +detect JPEG and PNG file formats. [T6332] + * gpg: New subcommand "openpgp" for --card-edit. [T6462] + * gpgsm: Verification of detached signatures does now strip trailing +zeroes from the input if --assume-binary is used. [rG2a13f7f9dc] + * gpgsm: Non-armored detached signature are now created without +using indefinite form length octets. This improves compatibility +with some PDF signature verification software. [rG8996b0b655] + * gpgtar: Emit progress status lines in create mode. [T6363] + * dirmngr: The LDAP modifyTimestamp is now returned by some +keyserver commands. [r
commit gpg2 for openSUSE:Factory
Script 'mail_helper' called by obssrc Hello community, here is the log from the commit of package gpg2 for openSUSE:Factory checked in at 2023-09-28 00:24:56 Comparing /work/SRC/openSUSE:Factory/gpg2 (Old) and /work/SRC/openSUSE:Factory/.gpg2.new.23327 (New) Package is "gpg2" Thu Sep 28 00:24:56 2023 rev:168 rq:1113652 version:2.4.0 Changes: --- /work/SRC/openSUSE:Factory/gpg2/gpg2.changes2023-06-07 23:07:09.379250788 +0200 +++ /work/SRC/openSUSE:Factory/.gpg2.new.23327/gpg2.changes 2023-09-28 00:34:28.636125296 +0200 @@ -1,0 +2,121 @@ +Thu Sep 21 07:36:32 UTC 2023 - Pedro Monreal + +- Install the systemd user units in the _userunitdir [bsc#1201564] + * Note that, there is no activation by default. + * Rework excludes in the spec's files section. + +--- +Fri Mar 10 09:03:00 UTC 2023 - Pedro Monreal + +- Temporarily revert back to the pre-2.4 default for key generation. + The new rfc4880bis has been set as the default in 2.4 version and + might create incompatible keys. Note that, rfc4880bis can still + be used with the option flag --rfc4880bis as in previous versions. + * More info in the gnupg-devel ML: +https://lists.gnupg.org/pipermail/gnupg-devel/2022-December/035183.html + * Reverted commit https://dev.gnupg.org/rGcaf4b3fc16e9 + * Add gnupg-revert-rfc4880bis.patch + +--- +Fri Mar 10 08:42:02 UTC 2023 - Pedro Monreal + +- Allow 8192 bit RSA keys in keygen UI when large_rsa is set + * Add gnupg-allow-large-rsa.patch + +--- +Wed Jan 11 11:15:54 UTC 2023 - Pedro Monreal + +- Fix broken GPGME QT tests: Upstram dev task dev.gnupg.org/T6313 + * The original patch has been modified to expand the changes +also to the tests/gpgme/Makefile.in file. + * Add gnupg-tests-Fix-tests-gpgme-for-in-source-tree-builds.patch + +--- +Tue Dec 20 16:01:05 UTC 2022 - David Anes + +- Updated to require libgpg-error-devel >= 1.46 + +- Rebased patches: + * gnupg-allow-import-of-previously-known-keys-even-without-UIDs.patch + * gnupg-add_legacy_FIPS_mode_option.patch + +- GnuPG 2.4.0: + * common: Fix translations in --help for gpgrt < 1.47. + * gpg: Do not continue the export after a cancel for the primary key. + * gpg: Replace use of PRIu64 in log_debug. + * Update NEWS for 2.4.0. + * tests: Fix make check with GPGME. + * agent: Allow arguments to "scd serialno" in restricted mode. + * scd:p15: Skip deleted records. + * build: Remove Windows CE support. + * wkd: Do not send/install/mirror expired user ids. + * gpgsm: Print the revocation time also with --verify. + * gpgsm: Fix "problem re-searching certificate" case. + * gpgsm: Print revocation date and reason in cert listings. + * gpgsm: Silence the "non-critical certificate policy not allowed". + * gpgsm: Always use the chain model if the root-CA requests this. + * gpg: New export option "mode1003". + * gpg: Remove a mostly duplicated function. + * tests: Simplify fake-pinentry to use the option only. + * tests: Fix fake-pinentry for Windows. + * tests: Fix make check-all. + * agent: Fix import of protected v5 keys. + * gpgsm: Change default algo to AES-256. + * tests: Put a workaround for semihosted environment. + * tests: More fix for semihosted environment. + * tests: Support semihosted environment. + * tests: Fix tests under cms. + * tests,w32: Fix for semihosted environment. + * w32: Fix for tests on semihosted environment. + * w32: Fix gnupg_unsetenv. + * wkd: New option --add-revocs and some fixes. + * wkd: Make use of --debug extprog. + * gpg: New export-filter export-revocs. + * gpg: Fix double-free in gpg --card-edit. + * gpg: Make --require-compliance work with out --status-fd. + * gpg: New option --list-filter. + * dirmngr: Silence ocsp debug output. + * tests: Fix to support --enable-all-tests and variants. + * tests:w32: Fix for non-dot file name for Windows. + * tests:gpgscm:w32: Fix for GetTempPath. + * tests: Keep .log files in objdir. + * tests: Use 233 for invalid value of FD. + * w32: Fix gnupg_tmpfile for possible failure. + * scd: Redact --debug cardio output of a VERIFY APDU. + * common: Remove Windows CE support in common. + * gpgsm: Fix colon outout of ECC encryption certificates. + * scd:nks: Fix ECC signing if key not given by keygrip. + * dirmngr: Fix verification of ECDSA signed CRLs. + * agent: Allow trustlist on Windows in Unicode homedirs. + * gpg: Fix verification of cleartext signatures with overlong lines. + * gpg: Move w32_system function. + * gpg: New option --quick-update-pref. + * gpg: New list-options show-pref and show-pref-verbose.
commit gpg2 for openSUSE:Factory
Script 'mail_helper' called by obssrc Hello community, here is the log from the commit of package gpg2 for openSUSE:Factory checked in at 2023-06-07 23:06:41 Comparing /work/SRC/openSUSE:Factory/gpg2 (Old) and /work/SRC/openSUSE:Factory/.gpg2.new.15902 (New) Package is "gpg2" Wed Jun 7 23:06:41 2023 rev:167 rq:1091340 version:2.3.8 Changes: --- /work/SRC/openSUSE:Factory/gpg2/gpg2.changes2023-06-06 19:55:48.370312093 +0200 +++ /work/SRC/openSUSE:Factory/.gpg2.new.15902/gpg2.changes 2023-06-07 23:07:09.379250788 +0200 @@ -2,177 +1,0 @@ -Tue May 30 19:37:39 UTC 2023 - Pedro Monreal - -- Update to 2.4.2: - * gpg: Print a warning if no more encryption subkeys are left over -after changing the expiration date. [rGef2c3d50fa] - * gpg: Fix searching for the ADSK key when adding an ADSK. [T6504] - * gpgsm: Speed up key listings on Windows. [rG08ff55bd44] - * gpgsm: Reduce the number of "failed to open policy file" -diagnostics. [rG68613a6a9d] - * agent: Make updating of private key files more robust and track -display S/N. [T6135] - * keyboxd: Avoid longish delays on Windows when listing keys. -[rG6944aefa3c] - * gpgtar: Emit extra status lines to help GPGME. [T6497] - * w32: Avoid using the VirtualStore. [T6403] - * Rebase gnupg-add_legacy_FIPS_mode_option.patch - -Fri Apr 28 11:58:06 UTC 2023 - Pedro Monreal - -- Update to 2.4.1: - * If the ~/.gnupg directory does not exist, the keyboxd is now -automagically enabled. [rGd9e7488b17] - * gpg: New option --add-desig-revoker. [rG3d094e2bcf] - * gpg: New option --assert-signer. [rGc9e95b8dee] - * gpg: New command --quick-add-adsk and other ADSK features. -[T6395, https://gnupg.org/blog/20230321-adsk.html] - * gpg: New list-option "show-unusable-sigs". Also show "[self-signature]" -instead of the user-id in key signature listings. [rG103acfe9ca] - * gpg: For symmetric encryption the default S2K hash is now SHA256. [T6367] - * gpg: Detect already compressed data also when using a pipe. Also -detect JPEG and PNG file formats. [T6332] - * gpg: New subcommand "openpgp" for --card-edit. [T6462] - * gpgsm: Verification of detached signatures does now strip trailing -zeroes from the input if --assume-binary is used. [rG2a13f7f9dc] - * gpgsm: Non-armored detached signature are now created without -using indefinite form length octets. This improves compatibility -with some PDF signature verification software. [rG8996b0b655] - * gpgtar: Emit progress status lines in create mode. [T6363] - * dirmngr: The LDAP modifyTimestamp is now returned by some -keyserver commands. [rG56d309133f] - * ssh: Allow specification of the order keys are presented to ssh. -See the man page entry for --enable-ssh-support. [T5996, T6212] - * gpg: Make list-options "show-sig-subpackets" work again. -Fixes regression in 2.4.0. [rG5a223303d7] - * gpg: Fix the keytocard command for Yubikeys. [T6378] - * gpg: Do not continue an export after a cancel for the primary key. [T6093] - * gpg: Replace the --override-compliance-check hack by a real fix. [T5655] - * gpgtar: Fix decryption with input taken from stdin. [T6355] - * Rebase patches: -- gnupg-revert-rfc4880bis.patch -- gnupg-add_legacy_FIPS_mode_option.patch - * Remove patch fixed upstream: -- gnupg-tests-Fix-tests-gpgme-for-in-source-tree-builds.patch - -Fri Mar 10 09:03:00 UTC 2023 - Pedro Monreal - -- Temporarily revert back to the pre-2.4 default for key generation. - The new rfc4880bis has been set as the default in 2.4 version and - might create incompatible keys. Note that, rfc4880bis can still - be used with the option flag --rfc4880bis as in previous versions. - * More info in the gnupg-devel ML: -https://lists.gnupg.org/pipermail/gnupg-devel/2022-December/035183.html - * Reverted commit https://dev.gnupg.org/rGcaf4b3fc16e9 - * Add gnupg-revert-rfc4880bis.patch - -Fri Mar 10 08:42:02 UTC 2023 - Pedro Monreal - -- Allow 8192 bit RSA keys in keygen UI when large_rsa is set - * Add gnupg-allow-large-rsa.patch - -Tue Feb 7 08:58:03 UTC 2023 - Pedro Monreal - -- Fix the regression test suite fails with the IBM TPM Software - stack. Builds fine using the Intel TPM; use the swtpm and - tpm2-0-tss-devel packages instead of ibmswtpm2 and ibmtss-devel. - -Wed Jan 11 11:15:54 UTC 2023 - Pedro Monreal - -- Fix broken GPGME QT tests: Upstram dev task dev.gnupg.org/T6313 - * The original patch has been modified to expand
commit gpg2 for openSUSE:Factory
Script 'mail_helper' called by obssrc Hello community, here is the log from the commit of package gpg2 for openSUSE:Factory checked in at 2023-06-06 19:55:08 Comparing /work/SRC/openSUSE:Factory/gpg2 (Old) and /work/SRC/openSUSE:Factory/.gpg2.new.15902 (New) Package is "gpg2" Tue Jun 6 19:55:08 2023 rev:166 rq:1090818 version:2.4.2 Changes: --- /work/SRC/openSUSE:Factory/gpg2/gpg2.changes2023-05-17 10:53:05.219333121 +0200 +++ /work/SRC/openSUSE:Factory/.gpg2.new.15902/gpg2.changes 2023-06-06 19:55:48.370312093 +0200 @@ -1,0 +2,177 @@ +Tue May 30 19:37:39 UTC 2023 - Pedro Monreal + +- Update to 2.4.2: + * gpg: Print a warning if no more encryption subkeys are left over +after changing the expiration date. [rGef2c3d50fa] + * gpg: Fix searching for the ADSK key when adding an ADSK. [T6504] + * gpgsm: Speed up key listings on Windows. [rG08ff55bd44] + * gpgsm: Reduce the number of "failed to open policy file" +diagnostics. [rG68613a6a9d] + * agent: Make updating of private key files more robust and track +display S/N. [T6135] + * keyboxd: Avoid longish delays on Windows when listing keys. +[rG6944aefa3c] + * gpgtar: Emit extra status lines to help GPGME. [T6497] + * w32: Avoid using the VirtualStore. [T6403] + * Rebase gnupg-add_legacy_FIPS_mode_option.patch + +--- +Fri Apr 28 11:58:06 UTC 2023 - Pedro Monreal + +- Update to 2.4.1: + * If the ~/.gnupg directory does not exist, the keyboxd is now +automagically enabled. [rGd9e7488b17] + * gpg: New option --add-desig-revoker. [rG3d094e2bcf] + * gpg: New option --assert-signer. [rGc9e95b8dee] + * gpg: New command --quick-add-adsk and other ADSK features. +[T6395, https://gnupg.org/blog/20230321-adsk.html] + * gpg: New list-option "show-unusable-sigs". Also show "[self-signature]" +instead of the user-id in key signature listings. [rG103acfe9ca] + * gpg: For symmetric encryption the default S2K hash is now SHA256. [T6367] + * gpg: Detect already compressed data also when using a pipe. Also +detect JPEG and PNG file formats. [T6332] + * gpg: New subcommand "openpgp" for --card-edit. [T6462] + * gpgsm: Verification of detached signatures does now strip trailing +zeroes from the input if --assume-binary is used. [rG2a13f7f9dc] + * gpgsm: Non-armored detached signature are now created without +using indefinite form length octets. This improves compatibility +with some PDF signature verification software. [rG8996b0b655] + * gpgtar: Emit progress status lines in create mode. [T6363] + * dirmngr: The LDAP modifyTimestamp is now returned by some +keyserver commands. [rG56d309133f] + * ssh: Allow specification of the order keys are presented to ssh. +See the man page entry for --enable-ssh-support. [T5996, T6212] + * gpg: Make list-options "show-sig-subpackets" work again. +Fixes regression in 2.4.0. [rG5a223303d7] + * gpg: Fix the keytocard command for Yubikeys. [T6378] + * gpg: Do not continue an export after a cancel for the primary key. [T6093] + * gpg: Replace the --override-compliance-check hack by a real fix. [T5655] + * gpgtar: Fix decryption with input taken from stdin. [T6355] + * Rebase patches: +- gnupg-revert-rfc4880bis.patch +- gnupg-add_legacy_FIPS_mode_option.patch + * Remove patch fixed upstream: +- gnupg-tests-Fix-tests-gpgme-for-in-source-tree-builds.patch + +--- +Fri Mar 10 09:03:00 UTC 2023 - Pedro Monreal + +- Temporarily revert back to the pre-2.4 default for key generation. + The new rfc4880bis has been set as the default in 2.4 version and + might create incompatible keys. Note that, rfc4880bis can still + be used with the option flag --rfc4880bis as in previous versions. + * More info in the gnupg-devel ML: +https://lists.gnupg.org/pipermail/gnupg-devel/2022-December/035183.html + * Reverted commit https://dev.gnupg.org/rGcaf4b3fc16e9 + * Add gnupg-revert-rfc4880bis.patch + +--- +Fri Mar 10 08:42:02 UTC 2023 - Pedro Monreal + +- Allow 8192 bit RSA keys in keygen UI when large_rsa is set + * Add gnupg-allow-large-rsa.patch + +--- +Tue Feb 7 08:58:03 UTC 2023 - Pedro Monreal + +- Fix the regression test suite fails with the IBM TPM Software + stack. Builds fine using the Intel TPM; use the swtpm and + tpm2-0-tss-devel packages instead of ibmswtpm2 and ibmtss-devel. + +--- +Wed Jan 11 11:15:54 UTC 2023 - Pedro Monreal + +- Fix broken GPGME QT tests: Upstram dev task dev.gnupg.org/T6313 + * The original patch has been modified to expand
commit gpg2 for openSUSE:Factory
Script 'mail_helper' called by obssrc Hello community, here is the log from the commit of package gpg2 for openSUSE:Factory checked in at 2023-05-17 10:52:48 Comparing /work/SRC/openSUSE:Factory/gpg2 (Old) and /work/SRC/openSUSE:Factory/.gpg2.new.1533 (New) Package is "gpg2" Wed May 17 10:52:48 2023 rev:165 rq:1087520 version:2.3.8 Changes: --- /work/SRC/openSUSE:Factory/gpg2/gpg2.changes2023-05-16 14:27:04.471621239 +0200 +++ /work/SRC/openSUSE:Factory/.gpg2.new.1533/gpg2.changes 2023-05-17 10:53:05.219333121 +0200 @@ -2,164 +1,0 @@ -Sat Apr 29 08:25:46 UTC 2023 - Pedro Monreal - -- Temporarily revert back to the pre-2.4 default for key generation. - The new rfc4880bis has been set as the default in 2.4 version and - might create incompatible keys. Note that, rfc4880bis can still - be used with the option flag --rfc4880bis as in previous versions. - * More info in the gnupg-devel ML: -https://lists.gnupg.org/pipermail/gnupg-devel/2022-December/035183.html - * Reverted commit https://dev.gnupg.org/rGcaf4b3fc16e9 - * Add gnupg-revert-rfc4880bis.patch - -Sat Apr 29 08:12:32 UTC 2023 - Pedro Monreal - -- Allow 8192 bit RSA keys in keygen UI when large_rsa is set - * Add gnupg-allow-large-rsa.patch - -Sat Apr 29 08:01:16 UTC 2023 - Pedro Monreal - -- Enable the regression tests: Fix the regression test suite that - fails with the IBM TPM Software stack. Builds fine using the Intel - TPM; use the swtpm and tpm2-0-tss-devel packages instead of - ibmswtpm2 and ibmtss-devel. - -Fri Apr 28 17:32:11 UTC 2023 - David Anes - -- Rebased patches: - * gnupg-add_legacy_FIPS_mode_option.patch - -- Removed patches (already upstream): - * gnupg-tests-Fix-tests-gpgme-for-in-source-tree-builds.patch - -- Don't ship systemd examples, as they are removed from upstream - release tarball. - -- Update to 2.4.1: - * If the ~/.gnupg directory does not exist, the keyboxd is now -automagically enabled. - * gpg: New option --add-desig-revoker. - * gpg: New option --assert-signer. - * gpg: New command --quick-add-adsk and other ADSK features. - * gpg: New list-option "show-unusable-sigs". Also show -"[self-signature]" instead of the user-id in key signature -listings. - * gpg: For symmetric encryption the default S2K hash is now SHA256. - * gpg: Detect already compressed data also when using a pipe. Also -detect JPEG and PNG file formats. - * gpg: New subcommand "openpgp" for --card-edit. - * gpgsm: Verification of detached signatures does now strip trailing -zeroes from the input if --assume-binary is used. - * gpgsm: Non-armored detached signature are now created without -using indefinite form length octets. This improves compatibility -with some PDF signature verification software. - * gpgtar: Emit progress status lines in create mode. - * dirmngr: The LDAP modifyTimestamp is now returned by some -keyserver commands. - * ssh: Allow specification of the order keys are presented to ssh. -See the man page entry for --enable-ssh-support. - * gpg: Make list-options "show-sig-subpackets" work again. -Fixes regression in 2.4.0. - * gpg: Fix the keytocard command for Yubikeys. - * gpg: Do not continue an export after a cancel for the primary key. - * gpg: Replace the --override-compliance-check hack by a real fix. - * gpgtar: Fix decryption with input taken from stdin. - -Wed Jan 11 11:15:54 UTC 2023 - Pedro Monreal - -- Fix broken GPGME QT tests: Upstram dev task dev.gnupg.org/T6313 - * The original patch has been modified to expand the changes -also to the tests/gpgme/Makefile.in file. - * Add gnupg-tests-Fix-tests-gpgme-for-in-source-tree-builds.patch - -Tue Dec 20 16:01:05 UTC 2022 - David Anes - -- Updated to require libgpg-error-devel >= 1.46 - -- Rebased patches: - * gnupg-allow-import-of-previously-known-keys-even-without-UIDs.patch - * gnupg-add_legacy_FIPS_mode_option.patch - -- GnuPG 2.4.0: - * common: Fix translations in --help for gpgrt < 1.47. - * gpg: Do not continue the export after a cancel for the primary key. - * gpg: Replace use of PRIu64 in log_debug. - * Update NEWS for 2.4.0. - * tests: Fix make check with GPGME. - * agent: Allow arguments to "scd serialno" in restricted mode. - * scd:p15: Skip deleted records. - * build: Remove Windows CE support. - * wkd: Do not send/install/mirror expired user ids. - * gpgsm: Print the revocation time also with --verify. - * gpgsm: Fix "problem re-searching certifi
commit gpg2 for openSUSE:Factory
Script 'mail_helper' called by obssrc Hello community, here is the log from the commit of package gpg2 for openSUSE:Factory checked in at 2023-05-16 14:15:56 Comparing /work/SRC/openSUSE:Factory/gpg2 (Old) and /work/SRC/openSUSE:Factory/.gpg2.new.1533 (New) Package is "gpg2" Tue May 16 14:15:56 2023 rev:164 rq:1087238 version:2.4.1 Changes: --- /work/SRC/openSUSE:Factory/gpg2/gpg2.changes2022-10-18 12:45:10.921748617 +0200 +++ /work/SRC/openSUSE:Factory/.gpg2.new.1533/gpg2.changes 2023-05-16 14:27:04.471621239 +0200 @@ -1,0 +2,164 @@ +Sat Apr 29 08:25:46 UTC 2023 - Pedro Monreal + +- Temporarily revert back to the pre-2.4 default for key generation. + The new rfc4880bis has been set as the default in 2.4 version and + might create incompatible keys. Note that, rfc4880bis can still + be used with the option flag --rfc4880bis as in previous versions. + * More info in the gnupg-devel ML: +https://lists.gnupg.org/pipermail/gnupg-devel/2022-December/035183.html + * Reverted commit https://dev.gnupg.org/rGcaf4b3fc16e9 + * Add gnupg-revert-rfc4880bis.patch + +--- +Sat Apr 29 08:12:32 UTC 2023 - Pedro Monreal + +- Allow 8192 bit RSA keys in keygen UI when large_rsa is set + * Add gnupg-allow-large-rsa.patch + +--- +Sat Apr 29 08:01:16 UTC 2023 - Pedro Monreal + +- Enable the regression tests: Fix the regression test suite that + fails with the IBM TPM Software stack. Builds fine using the Intel + TPM; use the swtpm and tpm2-0-tss-devel packages instead of + ibmswtpm2 and ibmtss-devel. + +--- +Fri Apr 28 17:32:11 UTC 2023 - David Anes + +- Rebased patches: + * gnupg-add_legacy_FIPS_mode_option.patch + +- Removed patches (already upstream): + * gnupg-tests-Fix-tests-gpgme-for-in-source-tree-builds.patch + +- Don't ship systemd examples, as they are removed from upstream + release tarball. + +- Update to 2.4.1: + * If the ~/.gnupg directory does not exist, the keyboxd is now +automagically enabled. + * gpg: New option --add-desig-revoker. + * gpg: New option --assert-signer. + * gpg: New command --quick-add-adsk and other ADSK features. + * gpg: New list-option "show-unusable-sigs". Also show +"[self-signature]" instead of the user-id in key signature +listings. + * gpg: For symmetric encryption the default S2K hash is now SHA256. + * gpg: Detect already compressed data also when using a pipe. Also +detect JPEG and PNG file formats. + * gpg: New subcommand "openpgp" for --card-edit. + * gpgsm: Verification of detached signatures does now strip trailing +zeroes from the input if --assume-binary is used. + * gpgsm: Non-armored detached signature are now created without +using indefinite form length octets. This improves compatibility +with some PDF signature verification software. + * gpgtar: Emit progress status lines in create mode. + * dirmngr: The LDAP modifyTimestamp is now returned by some +keyserver commands. + * ssh: Allow specification of the order keys are presented to ssh. +See the man page entry for --enable-ssh-support. + * gpg: Make list-options "show-sig-subpackets" work again. +Fixes regression in 2.4.0. + * gpg: Fix the keytocard command for Yubikeys. + * gpg: Do not continue an export after a cancel for the primary key. + * gpg: Replace the --override-compliance-check hack by a real fix. + * gpgtar: Fix decryption with input taken from stdin. + +--- +Wed Jan 11 11:15:54 UTC 2023 - Pedro Monreal + +- Fix broken GPGME QT tests: Upstram dev task dev.gnupg.org/T6313 + * The original patch has been modified to expand the changes +also to the tests/gpgme/Makefile.in file. + * Add gnupg-tests-Fix-tests-gpgme-for-in-source-tree-builds.patch + +--- +Tue Dec 20 16:01:05 UTC 2022 - David Anes + +- Updated to require libgpg-error-devel >= 1.46 + +- Rebased patches: + * gnupg-allow-import-of-previously-known-keys-even-without-UIDs.patch + * gnupg-add_legacy_FIPS_mode_option.patch + +- GnuPG 2.4.0: + * common: Fix translations in --help for gpgrt < 1.47. + * gpg: Do not continue the export after a cancel for the primary key. + * gpg: Replace use of PRIu64 in log_debug. + * Update NEWS for 2.4.0. + * tests: Fix make check with GPGME. + * agent: Allow arguments to "scd serialno" in restricted mode. + * scd:p15: Skip deleted records. + * build: Remove Windows CE support. + * wkd: Do not send/install/mirror expired user ids. + * gpgsm: Print the revocation time also with --verify. + * gpgsm: Fix "problem re-searching certifi
commit gpg2 for openSUSE:Factory
Script 'mail_helper' called by obssrc Hello community, here is the log from the commit of package gpg2 for openSUSE:Factory checked in at 2022-10-18 12:44:45 Comparing /work/SRC/openSUSE:Factory/gpg2 (Old) and /work/SRC/openSUSE:Factory/.gpg2.new.2275 (New) Package is "gpg2" Tue Oct 18 12:44:45 2022 rev:163 rq:1029595 version:2.3.8 Changes: --- /work/SRC/openSUSE:Factory/gpg2/gpg2.changes2022-08-10 17:12:37.949603455 +0200 +++ /work/SRC/openSUSE:Factory/.gpg2.new.2275/gpg2.changes 2022-10-18 12:45:10.921748617 +0200 @@ -1,0 +2,38 @@ +Mon Oct 17 11:35:11 UTC 2022 - Pedro Monreal + +- GnuPG 2.3.8: + * gpg: Do not consider unknown public keys as non-compliant while +decrypting. + * gpg: Avoid to emit a compliance mode line if Libgcrypt is +non-compliant. + * gpg: Improve --edit-key setpref command to ease c+p. + * gpg: Emit an ERROR status if --quick-set-primary-uid fails and +allow to pass the user ID by hash. + * gpg: Actually show symmetric+pubkey encrypted data as de-vs +compliant. Add extra compliance checks for symkey_enc packets. + * gpg: In de-vs mode use SHA-256 instead of SHA-1 as implicit +preference. + * gpgsm: Fix reporting of bad passphrase error during PKCS#11 +import. + * agent: Fix a regression in "READKEY --format=ssh". + * agent: New option --need-attr for KEYINFO. + * agent: New attribute "Remote-list" for use by KEYINFO. + * scd: Fix problem with Yubikey 5.4 firmware. + * dirmngr: Fix CRL Distribution Point fallback to other schemes. + * dirmngr: New LDAP server flag "areconly" (A-record-only). + * dirmngr: Fix upload of multiple keys for an LDAP server specified +using the colon format. + * dirmngr: Use LDAP schema v2 when a Base DN is specified. + * dirmngr: Avoid caching expired certificates. + * wkd: Fix path traversal attack in gpg-wks-server. Add the mail +address to the pending request data. + * wkd: New command --mirror for gpg-wks-client. + * gpg-auth: New tool for authentication. + * New common.conf option no-autostart. + * Silence warnings from AllowSetForegroundWindow unless +GNUPG_EXEC_DEBUG_FLAGS is used. + * Rebase gnupg-detect_FIPS_mode.patch + * Remove patch upstream: +- gnupg-2.3.7-scd-openpgp-Fix-workaround-for-Yubikey-heuristics.patch + +--- Old: gnupg-2.3.7-scd-openpgp-Fix-workaround-for-Yubikey-heuristics.patch gnupg-2.3.7.tar.bz2 gnupg-2.3.7.tar.bz2.sig New: gnupg-2.3.8.tar.bz2 gnupg-2.3.8.tar.bz2.sig Other differences: -- ++ gpg2.spec ++ --- /var/tmp/diff_new_pack.IcRQle/_old 2022-10-18 12:45:11.865750766 +0200 +++ /var/tmp/diff_new_pack.IcRQle/_new 2022-10-18 12:45:11.869750775 +0200 @@ -17,7 +17,7 @@ Name: gpg2 -Version:2.3.7 +Version:2.3.8 Release:0 Summary:File encryption, decryption, signature creation and verification utility License:GPL-3.0-or-later @@ -39,7 +39,6 @@ Patch8: gnupg-accept_subkeys_with_a_good_revocation_but_no_self-sig_during_import.patch Patch9: gnupg-add-test-cases-for-import-without-uid.patch Patch10: gnupg-allow-import-of-previously-known-keys-even-without-UIDs.patch -Patch11: gnupg-2.3.7-scd-openpgp-Fix-workaround-for-Yubikey-heuristics.patch BuildRequires: expect BuildRequires: fdupes BuildRequires: ibmswtpm2 ++ gnupg-2.3.7.tar.bz2 -> gnupg-2.3.8.tar.bz2 ++ /work/SRC/openSUSE:Factory/gpg2/gnupg-2.3.7.tar.bz2 /work/SRC/openSUSE:Factory/.gpg2.new.2275/gnupg-2.3.8.tar.bz2 differ: char 11, line 1 ++ gnupg-detect_FIPS_mode.patch ++ --- /var/tmp/diff_new_pack.IcRQle/_old 2022-10-18 12:45:11.945750948 +0200 +++ /var/tmp/diff_new_pack.IcRQle/_new 2022-10-18 12:45:11.949750957 +0200 @@ -1,34 +1,18 @@ -Index: gnupg-2.1.1/g10/encrypt.c +Index: gnupg-2.3.8/g10/mainproc.c === gnupg-2.1.1.orig/g10/encrypt.c -+++ gnupg-2.1.1/g10/encrypt.c -@@ -783,7 +783,10 @@ encrypt_filter (void *opaque, int contro - /* Because 3DES is implicitly in the prefs, this can - only happen if we do not have any public keys in - the list. */ -- efx->cfx.dek->algo = DEFAULT_CIPHER_ALGO; -+ /* Libgcrypt manual says that gcry_version_check must be called -+before calling gcry_fips_mode_active. */ -+ gcry_check_version (NULL); -+ efx->cfx.dek->algo = gcry_fips_mode_active() ? CIPHER_ALGO_AES : DEFAULT_CIPHER_ALGO; - } - - /* In case 3DES has been selected, print a warning if -Index: gnup
commit gpg2 for openSUSE:Factory
Script 'mail_helper' called by obssrc
Hello community,
here is the log from the commit of package gpg2 for openSUSE:Factory checked in
at 2022-08-10 17:12:29
Comparing /work/SRC/openSUSE:Factory/gpg2 (Old)
and /work/SRC/openSUSE:Factory/.gpg2.new.1521 (New)
Package is "gpg2"
Wed Aug 10 17:12:29 2022 rev:162 rq:993850 version:2.3.7
Changes:
--- /work/SRC/openSUSE:Factory/gpg2/gpg2.changes2022-07-31
23:00:28.827610941 +0200
+++ /work/SRC/openSUSE:Factory/.gpg2.new.1521/gpg2.changes 2022-08-10
17:12:37.949603455 +0200
@@ -1,0 +2,6 @@
+Mon Aug 8 18:00:44 UTC 2022 - Andreas Stieger
+
+- Fix YubiKey 5 Nano support (boo#1202201), add
+ gnupg-2.3.7-scd-openpgp-Fix-workaround-for-Yubikey-heuristics.patch
+
+---
New:
gnupg-2.3.7-scd-openpgp-Fix-workaround-for-Yubikey-heuristics.patch
Other differences:
--
++ gpg2.spec ++
--- /var/tmp/diff_new_pack.axRsrW/_old 2022-08-10 17:12:38.785605637 +0200
+++ /var/tmp/diff_new_pack.axRsrW/_new 2022-08-10 17:12:38.789605648 +0200
@@ -39,6 +39,7 @@
Patch8:
gnupg-accept_subkeys_with_a_good_revocation_but_no_self-sig_during_import.patch
Patch9: gnupg-add-test-cases-for-import-without-uid.patch
Patch10:
gnupg-allow-import-of-previously-known-keys-even-without-UIDs.patch
+Patch11:
gnupg-2.3.7-scd-openpgp-Fix-workaround-for-Yubikey-heuristics.patch
BuildRequires: expect
BuildRequires: fdupes
BuildRequires: ibmswtpm2
++ gnupg-2.3.7-scd-openpgp-Fix-workaround-for-Yubikey-heuristics.patch
++
>From f34b9147eb3070bce80d53febaa564164cd6c977 Mon Sep 17 00:00:00 2001
From: NIIBE Yutaka
Date: Wed, 13 Jul 2022 10:40:55 +0900
Subject: [PATCH] scd:openpgp: Fix workaround for Yubikey heuristics.
References: https://bugzilla.opensuse.org/show_bug.cgi?id=1202201
* scd/app-openpgp.c (parse_algorithm_attribute): Handle the case
of firmware 5.4, too.
--
GnuPG-bug-id: 6070
Signed-off-by: NIIBE Yutaka
---
scd/app-openpgp.c | 29 +
1 file changed, 21 insertions(+), 8 deletions(-)
diff --git a/scd/app-openpgp.c b/scd/app-openpgp.c
index 8bb346a86..4667416df 100644
--- a/scd/app-openpgp.c
+++ b/scd/app-openpgp.c
@@ -6259,15 +6259,28 @@ parse_algorithm_attribute (app_t app, int keyno)
app->app_local->keyattr[keyno].ecc.algo = *buffer;
app->app_local->keyattr[keyno].ecc.flags = 0;
- if (APP_CARD(app)->cardtype == CARDTYPE_YUBIKEY
- || buffer[buflen-1] == 0x00 || buffer[buflen-1] == 0xff)
-{ /* Found "pubkey required"-byte for private key template. */
- oidlen--;
- if (buffer[buflen-1] == 0xff)
-app->app_local->keyattr[keyno].ecc.flags |= ECC_FLAG_PUBKEY;
+ if (APP_CARD(app)->cardtype == CARDTYPE_YUBIKEY)
+{
+ /* Yubikey implementations vary.
+ * Firmware version 5.2 returns "pubkey required"-byte with
+ * 0x00, but after removal and second time insertion, it
+ * returns bogus value there.
+ * Firmware version 5.4 returns none.
+ */
+ curve = ecc_curve (buffer + 1, oidlen);
+ if (!curve)
+curve = ecc_curve (buffer + 1, oidlen - 1);
+}
+ else
+{
+ if (buffer[buflen-1] == 0x00 || buffer[buflen-1] == 0xff)
+{ /* Found "pubkey required"-byte for private key template. */
+ oidlen--;
+ if (buffer[buflen-1] == 0xff)
+app->app_local->keyattr[keyno].ecc.flags |= ECC_FLAG_PUBKEY;
+}
+ curve = ecc_curve (buffer + 1, oidlen);
}
-
- curve = ecc_curve (buffer + 1, oidlen);
if (!curve)
{
--
2.37.1
commit gpg2 for openSUSE:Factory
Script 'mail_helper' called by obssrc Hello community, here is the log from the commit of package gpg2 for openSUSE:Factory checked in at 2022-07-31 23:00:18 Comparing /work/SRC/openSUSE:Factory/gpg2 (Old) and /work/SRC/openSUSE:Factory/.gpg2.new.1533 (New) Package is "gpg2" Sun Jul 31 23:00:18 2022 rev:161 rq:989805 version:2.3.7 Changes: --- /work/SRC/openSUSE:Factory/gpg2/gpg2.changes2022-05-24 20:31:06.734905771 +0200 +++ /work/SRC/openSUSE:Factory/.gpg2.new.1533/gpg2.changes 2022-07-31 23:00:28.827610941 +0200 @@ -1,0 +2,14 @@ +Tue Jul 12 22:06:02 UTC 2022 - Andreas Stieger + +- GnuPG 2.3.7: + * CVE-2022-34903: garbled status messages could trick gpgme and +other parsers to accept faked status lines [boo#1201225] + * A number of bug fixes to the gpg command line interface + * gpgsm gained a number of new options and got some rework on +the PKCS#12 parser to support DFN issues keys + * The gpg agent got some added options and UI tweaks + * smart card support got a number of bug fixes, and improved +support for Technology Nexus cards and Yubikey + * The Telesec ESIGN application is now supported + +--- Old: gnupg-2.3.6.tar.bz2 gnupg-2.3.6.tar.bz2.sig New: gnupg-2.3.7.tar.bz2 gnupg-2.3.7.tar.bz2.sig Other differences: -- ++ gpg2.spec ++ --- /var/tmp/diff_new_pack.o1Fmiy/_old 2022-07-31 23:00:29.587613149 +0200 +++ /var/tmp/diff_new_pack.o1Fmiy/_new 2022-07-31 23:00:29.591613160 +0200 @@ -17,7 +17,7 @@ Name: gpg2 -Version:2.3.6 +Version:2.3.7 Release:0 Summary:File encryption, decryption, signature creation and verification utility License:GPL-3.0-or-later ++ gnupg-2.3.6.tar.bz2 -> gnupg-2.3.7.tar.bz2 ++ /work/SRC/openSUSE:Factory/gpg2/gnupg-2.3.6.tar.bz2 /work/SRC/openSUSE:Factory/.gpg2.new.1533/gnupg-2.3.7.tar.bz2 differ: char 11, line 1
commit gpg2 for openSUSE:Factory
Script 'mail_helper' called by obssrc
Hello community,
here is the log from the commit of package gpg2 for openSUSE:Factory checked in
at 2022-05-24 20:30:53
Comparing /work/SRC/openSUSE:Factory/gpg2 (Old)
and /work/SRC/openSUSE:Factory/.gpg2.new.2254 (New)
Package is "gpg2"
Tue May 24 20:30:53 2022 rev:160 rq:978674 version:2.3.6
Changes:
--- /work/SRC/openSUSE:Factory/gpg2/gpg2.changes2022-05-08
21:52:40.319487249 +0200
+++ /work/SRC/openSUSE:Factory/.gpg2.new.2254/gpg2.changes 2022-05-24
20:31:06.734905771 +0200
@@ -1,0 +2,5 @@
+Mon May 16 09:12:06 UTC 2022 - Marcus Meissner
+
+- added tpm support, added a new subpackage gpg2-tpm
+
+---
Other differences:
--
++ gpg2.spec ++
--- /var/tmp/diff_new_pack.lhYrND/_old 2022-05-24 20:31:07.510906463 +0200
+++ /var/tmp/diff_new_pack.lhYrND/_new 2022-05-24 20:31:07.518906470 +0200
@@ -87,6 +87,15 @@
and providing access to OCSP providers. Dirmngr is invoked internally by gpg,
gpgsm, or via the gpg-connect-agent tool.
+%package tpm
+Summary:TPM2 support for GnuPG
+Group: Productivity/Networking/Security
+
+%description tpm
+Version 2.3 of GnuPG introduced support for converting GPG private
+keys to TPM2 wrapped form. This package enables that support. The
+keytotpm command will not function unless this package is installed.
+
%lang_package
%prep
@@ -105,6 +114,7 @@
--with-pinentry-pgm=%{_bindir}/pinentry \
--with-dirmngr-pgm=%{_bindir}/dirmngr \
--with-scdaemon-pgm=%{_bindir}/scdaemon \
+--with-tpm2daemon-pgm=%{_bindir}/tpm2daemon \
--enable-ldap \
--enable-gpgsm=yes \
--enable-gpgtar \
@@ -136,6 +146,8 @@
# install scdaemon to %%{_bindir} (bnc#863645)
mv %{buildroot}%{_libdir}/scdaemon %{buildroot}%{_bindir}
mv %{buildroot}%{_libdir}/dirmngr_ldap %{buildroot}%{_bindir}
+# install tpm2daemon
+mv %{buildroot}%{_libdir}/tpm2daemon %{buildroot}%{_bindir}
# install udev rules for scdaemon
install -Dm 0644 %{SOURCE4} %{buildroot}%{_udevrulesdir}/60-scdaemon.rules
@@ -162,6 +174,7 @@
%exclude %{_docdir}/%{name}/examples/systemd-user/dirmngr.*
%doc %{_docdir}/%{name}
%exclude %{_bindir}/dirmngr*
+%exclude %{_bindir}/tpm2daemon*
%{_bindir}/*
%{_libdir}/[^d]*
%{_sbindir}/addgnupghome
@@ -178,4 +191,7 @@
%{_docdir}/%{name}/examples/systemd-user/dirmngr.*
%{_bindir}/dirmngr*
+%files tpm
+%{_bindir}/tpm2daemon*
+
%changelog
commit gpg2 for openSUSE:Factory
Script 'mail_helper' called by obssrc
Hello community,
here is the log from the commit of package gpg2 for openSUSE:Factory checked in
at 2022-05-08 21:52:27
Comparing /work/SRC/openSUSE:Factory/gpg2 (Old)
and /work/SRC/openSUSE:Factory/.gpg2.new.1538 (New)
Package is "gpg2"
Sun May 8 21:52:27 2022 rev:159 rq:975336 version:2.3.6
Changes:
--- /work/SRC/openSUSE:Factory/gpg2/gpg2.changes2021-12-23
17:53:48.763721469 +0100
+++ /work/SRC/openSUSE:Factory/.gpg2.new.1538/gpg2.changes 2022-05-08
21:52:40.319487249 +0200
@@ -1,0 +2,11 @@
+Mon Apr 25 19:09:32 UTC 2022 - Andreas Stieger
+
+- GnuPG 2.3.6:
+ * Up to five times faster verification of detached signatures,
+doubled detached signing speed, threefold decryption speedup
+for large files, nearly double the AES256.OCB encryption speed
+ * Add support for GeNUA cards
+ * Added and improved options for crypto options, and all-around
+bug fixes
+
+---
Old:
gnupg-2.3.4.tar.bz2
gnupg-2.3.4.tar.bz2.sig
New:
gnupg-2.3.6.tar.bz2
gnupg-2.3.6.tar.bz2.sig
Other differences:
--
++ gpg2.spec ++
--- /var/tmp/diff_new_pack.bWIMig/_old 2022-05-08 21:52:41.127488265 +0200
+++ /var/tmp/diff_new_pack.bWIMig/_new 2022-05-08 21:52:41.131488271 +0200
@@ -1,7 +1,7 @@
#
# spec file for package gpg2
#
-# Copyright (c) 2021 SUSE LLC
+# Copyright (c) 2022 SUSE LLC
#
# All modifications and additions to the file contributed by third parties
# remain the property of their copyright owners, unless otherwise agreed
@@ -17,7 +17,7 @@
Name: gpg2
-Version:2.3.4
+Version:2.3.6
Release:0
Summary:File encryption, decryption, signature creation and
verification utility
License:GPL-3.0-or-later
@@ -26,7 +26,7 @@
Source: https://gnupg.org/ftp/gcrypt/gnupg/gnupg-%{version}.tar.bz2
Source2:https://gnupg.org/ftp/gcrypt/gnupg/gnupg-%{version}.tar.bz2.sig
# https://www.gnupg.org/signature_key.html
-Source3:%{name}.keyring
+Source3:https://gnupg.org/signature_key.asc#/%{name}.keyring
Source4:scdaemon.udev
Source99: %{name}.changes
Patch1: gnupg-gpg-agent-ulimit.patch
++ gnupg-2.3.4.tar.bz2 -> gnupg-2.3.6.tar.bz2 ++
/work/SRC/openSUSE:Factory/gpg2/gnupg-2.3.4.tar.bz2
/work/SRC/openSUSE:Factory/.gpg2.new.1538/gnupg-2.3.6.tar.bz2 differ: char 11,
line 1
++ gnupg-add_legacy_FIPS_mode_option.patch ++
--- /var/tmp/diff_new_pack.bWIMig/_old 2022-05-08 21:52:41.183488336 +0200
+++ /var/tmp/diff_new_pack.bWIMig/_new 2022-05-08 21:52:41.183488336 +0200
@@ -3,11 +3,11 @@
g10/gpg.c|9 +
2 files changed, 27 insertions(+)
-Index: gnupg-2.3.4/doc/gpg.texi
+Index: gnupg-2.3.5/doc/gpg.texi
===
gnupg-2.3.4.orig/doc/gpg.texi
-+++ gnupg-2.3.4/doc/gpg.texi
-@@ -2196,6 +2196,24 @@ implies, this option is for experts only
+--- gnupg-2.3.5.orig/doc/gpg.texi
gnupg-2.3.5/doc/gpg.texi
+@@ -2197,6 +2197,24 @@ implies, this option is for experts only
understand the implications of what it allows you to do, leave this
off. @option{--no-expert} disables this option.
@@ -32,19 +32,19 @@
@end table
-Index: gnupg-2.3.4/g10/gpg.c
+Index: gnupg-2.3.5/g10/gpg.c
===
gnupg-2.3.4.orig/g10/gpg.c
-+++ gnupg-2.3.4/g10/gpg.c
-@@ -442,6 +442,7 @@ enum cmd_and_opt_values
- oChUid,
+--- gnupg-2.3.5.orig/g10/gpg.c
gnupg-2.3.5/g10/gpg.c
+@@ -443,6 +443,7 @@ enum cmd_and_opt_values
oForceSignKey,
oForbidGenKey,
+ oRequireCompliance,
+oSetLegacyFips,
oNoop
};
-@@ -877,6 +878,7 @@ static gpgrt_opt_t opts[] = {
+@@ -878,6 +879,7 @@ static gpgrt_opt_t opts[] = {
ARGPARSE_s_s (oDigestAlgo, "digest-algo", "@"),
ARGPARSE_s_s (oCertDigestAlgo, "cert-digest-algo", "@"),
ARGPARSE_s_n (oOverrideComplianceCheck, "override-compliance-check", "@"),
@@ -52,8 +52,8 @@
ARGPARSE_header (NULL, N_("Options for unattended use")),
-@@ -3725,6 +3727,14 @@ main (int argc, char **argv)
- mopt.forbid_gen_key = 1;
+@@ -3737,6 +3739,14 @@ main (int argc, char **argv)
+ opt.flags.require_compliance = 1;
break;
+ case oSetLegacyFips:
++ gpg2.keyring ++
--- /var/tmp/diff_new_pack.bWIMig/_old 2022-05-08 21:52:41.207488366 +0200
+++ /var/tmp/diff_new_pack.bWIMig/_new 2022-05-08 21:52:41.211488371 +0200
@@ -1,66 +1,87 @@
-BEGIN PGP PUBLIC KEY BLOCK-
-mQENBE0ti4EBCACqGtKlX9jI/enhlBdy2cyQP6Q7JoyxtaG6/ckAKWHYrqFTQk3I
-Ue8TuDrGT742XFncG9PoMBfJDUNltIPgKFn8E
commit gpg2 for openSUSE:Factory
Script 'mail_helper' called by obssrc
Hello community,
here is the log from the commit of package gpg2 for openSUSE:Factory checked in
at 2021-12-23 17:53:35
Comparing /work/SRC/openSUSE:Factory/gpg2 (Old)
and /work/SRC/openSUSE:Factory/.gpg2.new.2520 (New)
Package is "gpg2"
Thu Dec 23 17:53:35 2021 rev:158 rq:942136 version:2.3.4
Changes:
--- /work/SRC/openSUSE:Factory/gpg2/gpg2.changes2021-11-27
00:51:35.266747498 +0100
+++ /work/SRC/openSUSE:Factory/.gpg2.new.2520/gpg2.changes 2021-12-23
17:53:48.763721469 +0100
@@ -1,0 +2,25 @@
+Wed Dec 22 16:08:08 UTC 2021 - Andreas Stieger
+
+- GnuPG 2.3.4:
+ * gpg: New option --min-rsa-length
+ * gpg: New option --forbid-gen-key
+ * gpg: New option --override-compliance-check
+ * gpgconf: New command --show-configs
+ * agent,dirmngr,keyboxd: New option --steal-socket
+ * gpg: Fix printing of binary notations
+ * gpg: Remove stale ultimately trusted keys from the trustdb
+ * gpg: Fix indentation of --print-mds and --print-md sha512
+ * gpg: Emit gpg 2.2 compatible Ed25519 signature
+ * gpgsm: Detect circular chains in --list-chain
+ * dirmngr: Make reading resolv.conf more robust
+ * dirmngr: Ask keyservers to provide the key fingerprints
+ * gpgconf: Allow changing gpg's deprecated keyserver option
+ * gpg-wks-server: Fix created file permissions
+ * scd: Support longer data for ssh-agent authentication with
+openpgp cards
+ * scd: Modify DEVINFO behavior to support looping forever
+ * Silence warning about the rootdir under Unices w/o a mounted
+/proc file system
+ * Fix possible build problems about missing include files
+
+---
Old:
gnupg-2.3.3.tar.bz2
gnupg-2.3.3.tar.bz2.sig
New:
gnupg-2.3.4.tar.bz2
gnupg-2.3.4.tar.bz2.sig
Other differences:
--
++ gpg2.spec ++
--- /var/tmp/diff_new_pack.zTNDd1/_old 2021-12-23 17:53:49.383721854 +0100
+++ /var/tmp/diff_new_pack.zTNDd1/_new 2021-12-23 17:53:49.387721856 +0100
@@ -17,7 +17,7 @@
Name: gpg2
-Version:2.3.3
+Version:2.3.4
Release:0
Summary:File encryption, decryption, signature creation and
verification utility
License:GPL-3.0-or-later
++ gnupg-2.3.3.tar.bz2 -> gnupg-2.3.4.tar.bz2 ++
/work/SRC/openSUSE:Factory/gpg2/gnupg-2.3.3.tar.bz2
/work/SRC/openSUSE:Factory/.gpg2.new.2520/gnupg-2.3.4.tar.bz2 differ: char 11,
line 1
++ gnupg-add_legacy_FIPS_mode_option.patch ++
--- /var/tmp/diff_new_pack.zTNDd1/_old 2021-12-23 17:53:49.435721886 +0100
+++ /var/tmp/diff_new_pack.zTNDd1/_new 2021-12-23 17:53:49.439721888 +0100
@@ -3,11 +3,11 @@
g10/gpg.c|9 +
2 files changed, 27 insertions(+)
-Index: gnupg-2.3.0/doc/gpg.texi
+Index: gnupg-2.3.4/doc/gpg.texi
===
gnupg-2.3.0.orig/doc/gpg.texi
-+++ gnupg-2.3.0/doc/gpg.texi
-@@ -2178,6 +2178,24 @@ implies, this option is for experts only
+--- gnupg-2.3.4.orig/doc/gpg.texi
gnupg-2.3.4/doc/gpg.texi
+@@ -2196,6 +2196,24 @@ implies, this option is for experts only
understand the implications of what it allows you to do, leave this
off. @option{--no-expert} disables this option.
@@ -32,28 +32,28 @@
@end table
-Index: gnupg-2.3.0/g10/gpg.c
+Index: gnupg-2.3.4/g10/gpg.c
===
gnupg-2.3.0.orig/g10/gpg.c
-+++ gnupg-2.3.0/g10/gpg.c
-@@ -437,6 +437,7 @@ enum cmd_and_opt_values
- oNoIncludeKeyBlock,
+--- gnupg-2.3.4.orig/g10/gpg.c
gnupg-2.3.4/g10/gpg.c
+@@ -442,6 +442,7 @@ enum cmd_and_opt_values
oChUid,
oForceSignKey,
+ oForbidGenKey,
+oSetLegacyFips,
oNoop
};
-@@ -870,6 +871,7 @@ static gpgrt_opt_t opts[] = {
- ARGPARSE_s_s (oAEADAlgo, "aead-algo", "@"),
+@@ -877,6 +878,7 @@ static gpgrt_opt_t opts[] = {
ARGPARSE_s_s (oDigestAlgo, "digest-algo", "@"),
ARGPARSE_s_s (oCertDigestAlgo, "cert-digest-algo", "@"),
+ ARGPARSE_s_n (oOverrideComplianceCheck, "override-compliance-check", "@"),
+ ARGPARSE_s_n (oSetLegacyFips, "set-legacy-fips", "@"),
ARGPARSE_header (NULL, N_("Options for unattended use")),
-@@ -3688,6 +3690,14 @@ main (int argc, char **argv)
- opt.flags.full_timestrings = 1;
+@@ -3725,6 +3727,14 @@ main (int argc, char **argv)
+ mopt.forbid_gen_key = 1;
break;
+ case oSetLegacyFips:
commit gpg2 for openSUSE:Factory
Script 'mail_helper' called by obssrc Hello community, here is the log from the commit of package gpg2 for openSUSE:Factory checked in at 2021-11-27 00:50:50 Comparing /work/SRC/openSUSE:Factory/gpg2 (Old) and /work/SRC/openSUSE:Factory/.gpg2.new.1895 (New) Package is "gpg2" Sat Nov 27 00:50:50 2021 rev:157 rq:933499 version:2.3.3 Changes: --- /work/SRC/openSUSE:Factory/gpg2/gpg2.changes2021-10-22 14:39:52.546630345 +0200 +++ /work/SRC/openSUSE:Factory/.gpg2.new.1895/gpg2.changes 2021-11-27 00:51:35.266747498 +0100 @@ -1,0 +2,148 @@ +Tue Oct 12 19:20:50 UTC 2021 - Andreas Stieger + +- GnuPG 2.3.3: + * agent: Fix segv in GET_PASSPHRASE (regression) + * dirmngr: Fix Let's Encrypt certificate chain validation + * gpg: Change default and maximum AEAD chunk size to 4 MiB + * gpg: Print a warning when importing a bad cv25519 secret key + * gpg: Fix --list-packets for undecryptable AEAD packets + * gpg: Verify backsigs for v5 keys correctly + * keyboxd: Fix checksum computation for no UBID entry on disk + * keyboxd: Fix "invalid object" error with cv448 keys + * dirmngr: New option --ignore-cert + * agent: Fix calibrate_get_time use of clock_gettime + * Support a gpgconf.ctl file under Unix and use this for the +regression tests + +--- +Wed Aug 25 10:01:38 UTC 2021 - Pedro Monreal + +- GnuPG 2.3.2: + * gpg: Allow fingerprint based lookup with --locate-external-key. + * gpg: Allow decryption w/o public key but with correct card inserted. + * gpg: Auto import keys specified with --trusted-keys. + * gpg: Do not use import-clean for LDAP keyserver imports. + * gpg: Fix mailbox based search via AKL keyserver method. + * gpg: Fix memory corruption with --clearsign introduced with 2.3.1. + * gpg: Use a more descriptive prompt for symmetric decryption. + * gpg: Improve speed of secret key listing. + * gpg: Support keygrip search with traditional keyring. + * gpg: Let --fetch-key return an exit code on failure. + * gpg: Emit the NO_SECKEY status again for decryption. + * gpgsm: Support decryption of password based encryption (pwri). + * gpgsm: Support AES-GCM decryption. + * gpgsm: Let --dump-cert --show-cert also print an OpenPGP fingerprint. + * gpgsm: Fix finding of issuer in use-keyboxd mode. + * gpgsm: New option --ldapserver as an alias for --keyserver. + * agent: Use SHA-256 for SSH fingerprint by default. + * agent: Fix calling handle_pincache_put. + * agent: Fix importing protected secret key. + * agent: Fix a regression in agent_get_shadow_info_type. + * agent: Add translatable text for Caps Lock hint. + * agent: New option --pinentry-formatted-passphrase. + * agent: Add checkpin inquiry for pinentry. + * agent: New option --check-sym-passphrase-pattern. + * agent: Use the sysconfdir for a pattern file. + * agent: Make QT_QPA_PLATFORMTHEME=qt5ct work for the pinentry. + * dirmngr: LDAP search by a mailbox now ignores revoked keys. + * dirmngr: For KS_SEARCH return the fingerprint also with LDAP. + * dirmngr: Allow for non-URL specified ldap keyservers. + * dirmngr: New option --ldapserver. + * dirmngr: Fix regression in KS_GET for mail address pattern. + * card: New option --shadow for the list command. + * tests: Make sure the built keyboxd is used. + * scd: Fix computing shared secrets for 512 bit curves. + * scd: Fix unblock PIN by a Reset Code with KDF. + * scd: Fix PC/SC removed card problem. + * scd: Recover the partial match for PORTSTR for PC/SC. + * scd: Make sure to release the PC/SC context. + * scd: Fix zero-byte handling in ECC. + * scd: Fix serial number detection for Yubikey 5. + * scd: Add basic support for AET JCOP cards. + * scd: Detect external interference when --pcsc-shared is in use. + * scd: Fix access to the list of cards. + * gpgconf: Do not list a disabled tpm2d. + * gpgconf: Make runtime changes with different homedir work. + * keyboxd: Fix searching for exact mail adddress. + * keyboxd: Fix searching with multiple patterns. + * tools: Extend gpg-check-pattern. + * wkd: Fix client issue with leading or trailing spaces in user-ids. + * Pass XDG_SESSION_TYPE and QT_QPA_PLATFORM envvars to Pinentry. + * Change the default keyserver to keyserver.ubuntu.com. This is a +temporary change due to the shutdown of the SKS keyserver pools. + +--- +Fri Jun 11 12:19:16 UTC 2021 - Pedro Monreal + +- GnuPG 2.3.1: + * The new configuration file common.conf is now used to enable +the use of the key database daemon with "use-keyboxd". Using +this option in gpg.conf and gpgsm.conf is supported for a +transitional period. See doc/example/common.conf for more. + * gpg: Force version 5 key creation for ed448 and cv448 a
commit gpg2 for openSUSE:Factory
Script 'mail_helper' called by obssrc Hello community, here is the log from the commit of package gpg2 for openSUSE:Factory checked in at 2021-10-22 14:39:51 Comparing /work/SRC/openSUSE:Factory/gpg2 (Old) and /work/SRC/openSUSE:Factory/.gpg2.new.1890 (New) Package is "gpg2" Fri Oct 22 14:39:51 2021 rev:156 rq: version:2.2.27 Changes: --- /work/SRC/openSUSE:Factory/gpg2/gpg2.changes2021-10-20 20:23:59.941367510 +0200 +++ /work/SRC/openSUSE:Factory/.gpg2.new.1890/gpg2.changes 2021-10-22 14:39:52.546630345 +0200 @@ -2,148 +1,0 @@ -Tue Oct 12 19:20:50 UTC 2021 - Andreas Stieger - -- GnuPG 2.3.3: - * agent: Fix segv in GET_PASSPHRASE (regression) - * dirmngr: Fix Let's Encrypt certificate chain validation - * gpg: Change default and maximum AEAD chunk size to 4 MiB - * gpg: Print a warning when importing a bad cv25519 secret key - * gpg: Fix --list-packets for undecryptable AEAD packets - * gpg: Verify backsigs for v5 keys correctly - * keyboxd: Fix checksum computation for no UBID entry on disk - * keyboxd: Fix "invalid object" error with cv448 keys - * dirmngr: New option --ignore-cert - * agent: Fix calibrate_get_time use of clock_gettime - * Support a gpgconf.ctl file under Unix and use this for the -regression tests - -Wed Aug 25 10:01:38 UTC 2021 - Pedro Monreal - -- GnuPG 2.3.2: - * gpg: Allow fingerprint based lookup with --locate-external-key. - * gpg: Allow decryption w/o public key but with correct card inserted. - * gpg: Auto import keys specified with --trusted-keys. - * gpg: Do not use import-clean for LDAP keyserver imports. - * gpg: Fix mailbox based search via AKL keyserver method. - * gpg: Fix memory corruption with --clearsign introduced with 2.3.1. - * gpg: Use a more descriptive prompt for symmetric decryption. - * gpg: Improve speed of secret key listing. - * gpg: Support keygrip search with traditional keyring. - * gpg: Let --fetch-key return an exit code on failure. - * gpg: Emit the NO_SECKEY status again for decryption. - * gpgsm: Support decryption of password based encryption (pwri). - * gpgsm: Support AES-GCM decryption. - * gpgsm: Let --dump-cert --show-cert also print an OpenPGP fingerprint. - * gpgsm: Fix finding of issuer in use-keyboxd mode. - * gpgsm: New option --ldapserver as an alias for --keyserver. - * agent: Use SHA-256 for SSH fingerprint by default. - * agent: Fix calling handle_pincache_put. - * agent: Fix importing protected secret key. - * agent: Fix a regression in agent_get_shadow_info_type. - * agent: Add translatable text for Caps Lock hint. - * agent: New option --pinentry-formatted-passphrase. - * agent: Add checkpin inquiry for pinentry. - * agent: New option --check-sym-passphrase-pattern. - * agent: Use the sysconfdir for a pattern file. - * agent: Make QT_QPA_PLATFORMTHEME=qt5ct work for the pinentry. - * dirmngr: LDAP search by a mailbox now ignores revoked keys. - * dirmngr: For KS_SEARCH return the fingerprint also with LDAP. - * dirmngr: Allow for non-URL specified ldap keyservers. - * dirmngr: New option --ldapserver. - * dirmngr: Fix regression in KS_GET for mail address pattern. - * card: New option --shadow for the list command. - * tests: Make sure the built keyboxd is used. - * scd: Fix computing shared secrets for 512 bit curves. - * scd: Fix unblock PIN by a Reset Code with KDF. - * scd: Fix PC/SC removed card problem. - * scd: Recover the partial match for PORTSTR for PC/SC. - * scd: Make sure to release the PC/SC context. - * scd: Fix zero-byte handling in ECC. - * scd: Fix serial number detection for Yubikey 5. - * scd: Add basic support for AET JCOP cards. - * scd: Detect external interference when --pcsc-shared is in use. - * scd: Fix access to the list of cards. - * gpgconf: Do not list a disabled tpm2d. - * gpgconf: Make runtime changes with different homedir work. - * keyboxd: Fix searching for exact mail adddress. - * keyboxd: Fix searching with multiple patterns. - * tools: Extend gpg-check-pattern. - * wkd: Fix client issue with leading or trailing spaces in user-ids. - * Pass XDG_SESSION_TYPE and QT_QPA_PLATFORM envvars to Pinentry. - * Change the default keyserver to keyserver.ubuntu.com. This is a -temporary change due to the shutdown of the SKS keyserver pools. - -Fri Jun 11 12:19:16 UTC 2021 - Pedro Monreal - -- GnuPG 2.3.1: - * The new configuration file common.conf is now used to enable -the use of the key database daemon with "use-keyboxd". Using -this option in gpg.conf and gpgsm.conf is supported for a -transitional period. See doc/example/common.conf for more. - * gpg: Force version 5 key creation for ed448 and cv448 algori
commit gpg2 for openSUSE:Factory
Script 'mail_helper' called by obssrc Hello community, here is the log from the commit of package gpg2 for openSUSE:Factory checked in at 2021-10-20 20:23:18 Comparing /work/SRC/openSUSE:Factory/gpg2 (Old) and /work/SRC/openSUSE:Factory/.gpg2.new.1890 (New) Package is "gpg2" Wed Oct 20 20:23:18 2021 rev:155 rq:925429 version:2.3.3 Changes: --- /work/SRC/openSUSE:Factory/gpg2/gpg2.changes2021-06-15 16:37:06.985670565 +0200 +++ /work/SRC/openSUSE:Factory/.gpg2.new.1890/gpg2.changes 2021-10-20 20:23:59.941367510 +0200 @@ -1,0 +2,148 @@ +Tue Oct 12 19:20:50 UTC 2021 - Andreas Stieger + +- GnuPG 2.3.3: + * agent: Fix segv in GET_PASSPHRASE (regression) + * dirmngr: Fix Let's Encrypt certificate chain validation + * gpg: Change default and maximum AEAD chunk size to 4 MiB + * gpg: Print a warning when importing a bad cv25519 secret key + * gpg: Fix --list-packets for undecryptable AEAD packets + * gpg: Verify backsigs for v5 keys correctly + * keyboxd: Fix checksum computation for no UBID entry on disk + * keyboxd: Fix "invalid object" error with cv448 keys + * dirmngr: New option --ignore-cert + * agent: Fix calibrate_get_time use of clock_gettime + * Support a gpgconf.ctl file under Unix and use this for the +regression tests + +--- +Wed Aug 25 10:01:38 UTC 2021 - Pedro Monreal + +- GnuPG 2.3.2: + * gpg: Allow fingerprint based lookup with --locate-external-key. + * gpg: Allow decryption w/o public key but with correct card inserted. + * gpg: Auto import keys specified with --trusted-keys. + * gpg: Do not use import-clean for LDAP keyserver imports. + * gpg: Fix mailbox based search via AKL keyserver method. + * gpg: Fix memory corruption with --clearsign introduced with 2.3.1. + * gpg: Use a more descriptive prompt for symmetric decryption. + * gpg: Improve speed of secret key listing. + * gpg: Support keygrip search with traditional keyring. + * gpg: Let --fetch-key return an exit code on failure. + * gpg: Emit the NO_SECKEY status again for decryption. + * gpgsm: Support decryption of password based encryption (pwri). + * gpgsm: Support AES-GCM decryption. + * gpgsm: Let --dump-cert --show-cert also print an OpenPGP fingerprint. + * gpgsm: Fix finding of issuer in use-keyboxd mode. + * gpgsm: New option --ldapserver as an alias for --keyserver. + * agent: Use SHA-256 for SSH fingerprint by default. + * agent: Fix calling handle_pincache_put. + * agent: Fix importing protected secret key. + * agent: Fix a regression in agent_get_shadow_info_type. + * agent: Add translatable text for Caps Lock hint. + * agent: New option --pinentry-formatted-passphrase. + * agent: Add checkpin inquiry for pinentry. + * agent: New option --check-sym-passphrase-pattern. + * agent: Use the sysconfdir for a pattern file. + * agent: Make QT_QPA_PLATFORMTHEME=qt5ct work for the pinentry. + * dirmngr: LDAP search by a mailbox now ignores revoked keys. + * dirmngr: For KS_SEARCH return the fingerprint also with LDAP. + * dirmngr: Allow for non-URL specified ldap keyservers. + * dirmngr: New option --ldapserver. + * dirmngr: Fix regression in KS_GET for mail address pattern. + * card: New option --shadow for the list command. + * tests: Make sure the built keyboxd is used. + * scd: Fix computing shared secrets for 512 bit curves. + * scd: Fix unblock PIN by a Reset Code with KDF. + * scd: Fix PC/SC removed card problem. + * scd: Recover the partial match for PORTSTR for PC/SC. + * scd: Make sure to release the PC/SC context. + * scd: Fix zero-byte handling in ECC. + * scd: Fix serial number detection for Yubikey 5. + * scd: Add basic support for AET JCOP cards. + * scd: Detect external interference when --pcsc-shared is in use. + * scd: Fix access to the list of cards. + * gpgconf: Do not list a disabled tpm2d. + * gpgconf: Make runtime changes with different homedir work. + * keyboxd: Fix searching for exact mail adddress. + * keyboxd: Fix searching with multiple patterns. + * tools: Extend gpg-check-pattern. + * wkd: Fix client issue with leading or trailing spaces in user-ids. + * Pass XDG_SESSION_TYPE and QT_QPA_PLATFORM envvars to Pinentry. + * Change the default keyserver to keyserver.ubuntu.com. This is a +temporary change due to the shutdown of the SKS keyserver pools. + +--- +Fri Jun 11 12:19:16 UTC 2021 - Pedro Monreal + +- GnuPG 2.3.1: + * The new configuration file common.conf is now used to enable +the use of the key database daemon with "use-keyboxd". Using +this option in gpg.conf and gpgsm.conf is supported for a +transitional period. See doc/example/common.conf for more. + * gpg: Force version 5 key creation for ed448 and cv448 a
commit gpg2 for openSUSE:Factory
Script 'mail_helper' called by obssrc
Hello community,
here is the log from the commit of package gpg2 for openSUSE:Factory checked in
at 2021-06-15 16:36:49
Comparing /work/SRC/openSUSE:Factory/gpg2 (Old)
and /work/SRC/openSUSE:Factory/.gpg2.new.32437 (New)
Package is "gpg2"
Tue Jun 15 16:36:49 2021 rev:154 rq:899427 version:2.2.27
Changes:
--- /work/SRC/openSUSE:Factory/gpg2/gpg2.changes2021-01-19
15:59:34.151141885 +0100
+++ /work/SRC/openSUSE:Factory/.gpg2.new.32437/gpg2.changes 2021-06-15
16:37:06.985670565 +0200
@@ -1,0 +2,9 @@
+Wed Apr 7 20:56:23 UTC 2021 - Andreas Stieger
+
+- Remove the "files-are-digests" option from the openSUSE package.
+ This feature was not upstream and only used in the OBS signing
+ daemon. The recommended upstream feature for separating the data
+ to be signed from the private keys is gpg agent forwarding,
+ available from 2.1. Drop gnupg-2.2.8-files-are-digests.patch
+
+---
Old:
gnupg-2.2.8-files-are-digests.patch
Other differences:
--
++ gpg2.spec ++
--- /var/tmp/diff_new_pack.q2KT4t/_old 2021-06-15 16:37:07.561671563 +0200
+++ /var/tmp/diff_new_pack.q2KT4t/_new 2021-06-15 16:37:07.561671563 +0200
@@ -30,7 +30,6 @@
Source4:scdaemon.udev
Source99: %{name}.changes
Patch4: gnupg-2.0.9-langinfo.patch
-Patch5: gnupg-2.2.8-files-are-digests.patch
Patch6: gnupg-dont-fail-with-seahorse-agent.patch
Patch8: gnupg-set_umask_before_open_outfile.patch
Patch9: gnupg-detect_FIPS_mode.patch
@@ -65,8 +64,6 @@
Provides: gnupg = %{version}
Provides: gpg = 1.4.9
Provides: newpg
-# special feature needed for OBS signd
-Provides: gpg2_signd_support
Obsoletes: gpg < 1.4.9
%description
@@ -94,7 +91,6 @@
%setup -q -n gnupg-%{version}
%patch1124847 -p1
%patch4 -p1
-%patch5 -p1
%patch6 -p1
%patch8 -p1
%patch9 -p1
commit gpg2 for openSUSE:Factory
Script 'mail_helper' called by obssrc
Hello community,
here is the log from the commit of package gpg2 for openSUSE:Factory checked in
at 2021-01-19 15:59:07
Comparing /work/SRC/openSUSE:Factory/gpg2 (Old)
and /work/SRC/openSUSE:Factory/.gpg2.new.28504 (New)
Package is "gpg2"
Tue Jan 19 15:59:07 2021 rev:153 rq:863296 version:2.2.27
Changes:
--- /work/SRC/openSUSE:Factory/gpg2/gpg2.changes2020-11-29
12:20:05.969496743 +0100
+++ /work/SRC/openSUSE:Factory/.gpg2.new.28504/gpg2.changes 2021-01-19
15:59:34.151141885 +0100
@@ -1,0 +2,21 @@
+Tue Jan 12 22:45:11 UTC 2021 - Andreas Stieger
+
+- GnuPG 2.2.27:
+ * gpgconf: Fix case with neither local nor global gpg.conf
+ * gpgconf: Fix description of two new options
+- includes changes from 2.2.26:
+ * gpg: New AKL method "ntds"
+ * gpg: Fix --trusted-key with fingerprint arg
+ * scd: Fix writing of ECC keys to an OpenPGP card
+ * scd: Make an USB error fix specific to SPR532 readers
+ * dirmngr: With new LDAP keyservers store the new attributes.
+Never store the useless pgpSignerID. Fix a long standing
+bug storing some keys on an ldap server.
+ * dirmngr: Support the new Active Direcory LDAP schema for
+keyservers
+ * dirmngr: Allow LDAP OpenPGP searches via fingerprint
+ * dirmngr: Do not block other threads during keyserver LDAP calls
+ * Support global configuration files
+ * Fix the iconv fallback handling to UTF-8
+
+---
Old:
gnupg-2.2.25.tar.bz2
gnupg-2.2.25.tar.bz2.sig
New:
gnupg-2.2.27.tar.bz2
gnupg-2.2.27.tar.bz2.sig
Other differences:
--
++ gpg2.spec ++
--- /var/tmp/diff_new_pack.o1Z3sf/_old 2021-01-19 15:59:34.943143081 +0100
+++ /var/tmp/diff_new_pack.o1Z3sf/_new 2021-01-19 15:59:34.943143081 +0100
@@ -1,7 +1,7 @@
#
# spec file for package gpg2
#
-# Copyright (c) 2020 SUSE LLC
+# Copyright (c) 2021 SUSE LLC
#
# All modifications and additions to the file contributed by third parties
# remain the property of their copyright owners, unless otherwise agreed
@@ -17,7 +17,7 @@
Name: gpg2
-Version:2.2.25
+Version:2.2.27
Release:0
Summary:File encryption, decryption, signature creation and
verification utility
License:GPL-3.0-or-later
@@ -61,7 +61,6 @@
Requires: libgcrypt20 >= 1.8.0
Requires: libksba >= 1.3.5
Requires: pinentry
-Requires(post): %{install_info_prereq}
Recommends: dirmngr = %{version}
Provides: gnupg = %{version}
Provides: gpg = 1.4.9
@@ -165,10 +164,6 @@
%post
%udev_rules_update
-%install_info --info-dir=%{_infodir} %{_infodir}/gnupg.info.gz
-
-%preun
-%install_info_delete --info-dir=%{_infodir} %{_infodir}/gnupg.info.gz
%files lang -f gnupg2.lang
++ gnupg-2.2.25.tar.bz2 -> gnupg-2.2.27.tar.bz2 ++
/work/SRC/openSUSE:Factory/gpg2/gnupg-2.2.25.tar.bz2
/work/SRC/openSUSE:Factory/.gpg2.new.28504/gnupg-2.2.27.tar.bz2 differ: char
11, line 1
++ gnupg-2.2.8-files-are-digests.patch ++
--- /var/tmp/diff_new_pack.o1Z3sf/_old 2021-01-19 15:59:35.003143172 +0100
+++ /var/tmp/diff_new_pack.o1Z3sf/_new 2021-01-19 15:59:35.007143178 +0100
@@ -4,11 +4,11 @@
g10/sign.c| 68
--
3 files changed, 67 insertions(+), 6 deletions(-)
-Index: gnupg-2.2.20/g10/gpg.c
+Index: gnupg-2.2.27/g10/gpg.c
===
gnupg-2.2.20.orig/g10/gpg.c
-+++ gnupg-2.2.20/g10/gpg.c
-@@ -380,6 +380,7 @@ enum cmd_and_opt_values
+--- gnupg-2.2.27.orig/g10/gpg.c
gnupg-2.2.27/g10/gpg.c
+@@ -382,6 +382,7 @@ enum cmd_and_opt_values
oTTYtype,
oLCctype,
oLCmessages,
@@ -16,7 +16,7 @@
oXauthority,
oGroup,
oUnGroup,
-@@ -834,6 +835,7 @@ static ARGPARSE_OPTS opts[] = {
+@@ -838,6 +839,7 @@ static ARGPARSE_OPTS opts[] = {
ARGPARSE_s_s (oWeakDigest, "weak-digest","@"),
ARGPARSE_s_n (oUnwrap, "unwrap", "@"),
ARGPARSE_s_n (oOnlySignTextIDs, "only-sign-text-ids", "@"),
@@ -24,7 +24,7 @@
/* Aliases. I constantly mistype these, and assume other people do
as well. */
-@@ -2421,6 +2423,7 @@ main (int argc, char **argv)
+@@ -2372,6 +2374,7 @@ main (int argc, char **argv)
opt.def_cert_expire = "0";
gnupg_set_homedir (NULL);
opt.passphrase_repeat = 1;
@@ -32,7 +32,7 @@
opt.emit_version = 0;
opt.weak_digests = NULL;
-@@ -2997,6 +3000,7 @@ main (int argc, char **argv)
+@@ -2944,6 +2947,7 @@ main (int argc, char **argv)
opt.verify_options&=~VERIFY_SHOW_PHOTOS;
break;
case oPhotoViewer: opt.photo_viewer = pargs.r.ret_str; break;
@@ -40,
[opensuse-commit] commit gpg2 for openSUSE:Factory
Hello community, here is the log from the commit of package gpg2 for openSUSE:Factory checked in at 2020-11-29 12:20:02 Comparing /work/SRC/openSUSE:Factory/gpg2 (Old) and /work/SRC/openSUSE:Factory/.gpg2.new.5913 (New) Package is "gpg2" Sun Nov 29 12:20:02 2020 rev:152 rq:850962 version:2.2.25 Changes: --- /work/SRC/openSUSE:Factory/gpg2/gpg2.changes2020-11-23 10:29:38.465305429 +0100 +++ /work/SRC/openSUSE:Factory/.gpg2.new.5913/gpg2.changes 2020-11-29 12:20:05.969496743 +0100 @@ -1,0 +2,9 @@ +Mon Nov 23 22:36:17 UTC 2020 - Andreas Stieger + +- GnuPG 2.2.25: + * scd: Fix regression in 2.2.24 requiring gpg --card-status +before signing or decrypting + * gpgsm: Using Libksba 1.5.0 signatures with a rarely used +combination of attributes can now be verified + +--- Old: gnupg-2.2.24.tar.bz2 gnupg-2.2.24.tar.bz2.sig New: gnupg-2.2.25.tar.bz2 gnupg-2.2.25.tar.bz2.sig Other differences: -- ++ gpg2.spec ++ --- /var/tmp/diff_new_pack.1WlwZ2/_old 2020-11-29 12:20:07.013497798 +0100 +++ /var/tmp/diff_new_pack.1WlwZ2/_new 2020-11-29 12:20:07.013497798 +0100 @@ -17,7 +17,7 @@ Name: gpg2 -Version:2.2.24 +Version:2.2.25 Release:0 Summary:File encryption, decryption, signature creation and verification utility License:GPL-3.0-or-later ++ gnupg-2.2.24.tar.bz2 -> gnupg-2.2.25.tar.bz2 ++ /work/SRC/openSUSE:Factory/gpg2/gnupg-2.2.24.tar.bz2 /work/SRC/openSUSE:Factory/.gpg2.new.5913/gnupg-2.2.25.tar.bz2 differ: char 11, line 1 ___ openSUSE Commits mailing list -- commit@lists.opensuse.org To unsubscribe, email commit-le...@lists.opensuse.org List Netiquette: https://en.opensuse.org/openSUSE:Mailing_list_netiquette List Archives: https://lists.opensuse.org/archives/list/commit@lists.opensuse.org
[opensuse-commit] commit gpg2 for openSUSE:Factory
Hello community,
here is the log from the commit of package gpg2 for openSUSE:Factory checked in
at 2020-11-21 12:40:12
Comparing /work/SRC/openSUSE:Factory/gpg2 (Old)
and /work/SRC/openSUSE:Factory/.gpg2.new.5913 (New)
Package is "gpg2"
Sat Nov 21 12:40:12 2020 rev:151 rq:849250 version:2.2.24
Changes:
--- /work/SRC/openSUSE:Factory/gpg2/gpg2.changes2020-09-06
00:00:44.759204072 +0200
+++ /work/SRC/openSUSE:Factory/.gpg2.new.5913/gpg2.changes 2020-11-23
10:29:38.465305429 +0100
@@ -1,0 +2,28 @@
+Tue Nov 17 21:52:38 UTC 2020 - Andreas Stieger
+
+- GnuPG 2.2.24:
+ * gpg: New command --quick-revoke-sig
+ * gpg: Do not use weak digest algos if selected by recipient
+preference during sign+encrypt
+ * gpg: Switch to AES256 for symmetric encryption in de-vs mode
+ * gpg: Silence weak digest warnings with --quiet
+ * gpg: Print new status line CANCELED_BY_USER for a cancel during
+symmetric encryption
+ * gpg: Fix the encrypt+sign hash algo preference selection for
+ECDSA. This is in particular needed for keys created from
+existing smartcard based keys
+ * agent: Fix secret key import of GnuPG 2.3 generated Ed25519
+keys
+ * agent: Keep some permissions of private-keys-v1.d
+ * dirmngr: Align sks-keyservers.netCA.pem use between ntbtls and
+gnutls builds
+ * dirmngr: Fix the pool keyserver case for a single host in the
+pool
+ * scd: Fix the use case of verify_chv2 by CHECKPIN
+ * scd: Various improvements to the ccid-driver
+ * scd: Minor fixes for Yubikey
+ * gpgconf: New option --show-versions
+ * i18n: Complete overhaul and completion of the Italian
+translation
+
+---
Old:
gnupg-2.2.23.tar.bz2
gnupg-2.2.23.tar.bz2.sig
New:
gnupg-2.2.24.tar.bz2
gnupg-2.2.24.tar.bz2.sig
Other differences:
--
++ gpg2.spec ++
--- /var/tmp/diff_new_pack.SaCEN1/_old 2020-11-23 10:29:39.293306336 +0100
+++ /var/tmp/diff_new_pack.SaCEN1/_new 2020-11-23 10:29:39.297306341 +0100
@@ -17,7 +17,7 @@
Name: gpg2
-Version:2.2.23
+Version:2.2.24
Release:0
Summary:File encryption, decryption, signature creation and
verification utility
License:GPL-3.0-or-later
@@ -43,9 +43,9 @@
BuildRequires: expect
BuildRequires: fdupes
BuildRequires: libassuan-devel >= 2.5.0
-BuildRequires: libgcrypt-devel >= 1.7.0
-BuildRequires: libgpg-error-devel >= 1.25
-BuildRequires: libksba-devel >= 1.3.4
+BuildRequires: libgcrypt-devel >= 1.8.0
+BuildRequires: libgpg-error-devel >= 1.27
+BuildRequires: libksba-devel >= 1.3.5
BuildRequires: makeinfo
BuildRequires: npth-devel >= 1.2
BuildRequires: openldap2-devel
@@ -56,11 +56,10 @@
BuildRequires: pkgconfig(libusb-1.0)
BuildRequires: pkgconfig(sqlite3) >= 3.7
BuildRequires: pkgconfig(zlib)
-# Add an explicit runtime dependency to match boo#955982
-Requires: libassuan0 >= 2.4.3
-# Explicit runtime depencency - runtime version check
-Requires: libgcrypt20 >= 1.7.0
-Requires: libksba >= 1.3.4
+# runtime dependency to support devel repository users - boo#955982
+Requires: libassuan0 >= 2.5.0
+Requires: libgcrypt20 >= 1.8.0
+Requires: libksba >= 1.3.5
Requires: pinentry
Requires(post): %{install_info_prereq}
Recommends: dirmngr = %{version}
++ gnupg-2.2.23.tar.bz2 -> gnupg-2.2.24.tar.bz2 ++
/work/SRC/openSUSE:Factory/gpg2/gnupg-2.2.23.tar.bz2
/work/SRC/openSUSE:Factory/.gpg2.new.5913/gnupg-2.2.24.tar.bz2 differ: char 11,
line 1
___
openSUSE Commits mailing list -- commit@lists.opensuse.org
To unsubscribe, email commit-le...@lists.opensuse.org
List Netiquette: https://en.opensuse.org/openSUSE:Mailing_list_netiquette
List Archives:
https://lists.opensuse.org/archives/list/commit@lists.opensuse.org
