[CVS] OpenPKG: openpkg-src/gnupg2/ gnupg2.patch gnupg2.spec
OpenPKG CVS Repository http://cvs.openpkg.org/ Server: cvs.openpkg.org Name: Ralf S. Engelschall Root: /v/openpkg/cvs Email: [EMAIL PROTECTED] Module: openpkg-src Date: 06-Jul-2007 12:52:02 Branch: HEAD Handle: 2007070611520200 Removed files: openpkg-src/gnupg2 gnupg2.patch gnupg2.spec Log: remove gnupg2 Summary: RevisionChanges Path 1.6 +0 -36 openpkg-src/gnupg2/gnupg2.patch 1.12+0 -179openpkg-src/gnupg2/gnupg2.spec rm -f openpkg-src/gnupg2/gnupg2.patch '@@ .' Index: openpkg-src/gnupg2/gnupg2.patch [NO CHANGE SUMMARY BECAUSE FILE AS A WHOLE IS JUST REMOVED] @@ . rm -f openpkg-src/gnupg2/gnupg2.spec '@@ .' Index: openpkg-src/gnupg2/gnupg2.spec [NO CHANGE SUMMARY BECAUSE FILE AS A WHOLE IS JUST REMOVED] @@ . __ OpenPKG http://openpkg.org CVS Repository Commit List openpkg-cvs@openpkg.org
[CVS] OpenPKG: openpkg-src/gnupg2/ gnupg2.patch gnupg2.spec
OpenPKG CVS Repository
http://cvs.openpkg.org/
Server: cvs.openpkg.org Name: Ralf S. Engelschall
Root: /v/openpkg/cvs Email: [EMAIL PROTECTED]
Module: openpkg-src Date: 01-Feb-2007 09:29:08
Branch: HEAD Handle: 2007020108290700
Modified files:
openpkg-src/gnupg2 gnupg2.patch gnupg2.spec
Log:
upgrading package: gnupg2 2.0.1 - 2.0.2
Summary:
RevisionChanges Path
1.5 +22 -259openpkg-src/gnupg2/gnupg2.patch
1.8 +2 -2 openpkg-src/gnupg2/gnupg2.spec
patch -p0 '@@ .'
Index: openpkg-src/gnupg2/gnupg2.patch
$ cvs diff -u -r1.4 -r1.5 gnupg2.patch
--- openpkg-src/gnupg2/gnupg2.patch 7 Dec 2006 19:42:20 - 1.4
+++ openpkg-src/gnupg2/gnupg2.patch 1 Feb 2007 08:29:07 - 1.5
@@ -1,10 +1,28 @@
+Index: agent/genkey.c
+--- agent/genkey.c.orig 2007-01-25 10:43:10 +0100
agent/genkey.c 2007-02-01 09:23:19 +0100
+@@ -87,12 +87,9 @@
+ if (utf8_charcount (pw) minlen )
+ {
+ char *desc = xtryasprintf
+-( ngettext (Warning: You have entered a passphrase that%%0A
++( Warning: You have entered a passphrase that%%0A
+ is obviously not secure. A passphrase should%%0A
+-be at least %u character long.,
+-Warning: You have entered a passphrase that%%0A
+-is obviously not secure. A passphrase should%%0A
+-be at least %u characters long., minlen), minlen );
++be at least %u characters long., minlen );
+ if (!desc)
+ return gpg_error_from_syserror ();
+
Index: configure
configure.orig 2006-11-28 17:05:22 +0100
-+++ configure2006-11-29 09:11:52 +0100
-@@ -6915,13 +6915,13 @@
- #
+--- configure.orig 2007-01-31 15:09:31 +0100
configure2007-02-01 09:17:47 +0100
+@@ -6916,13 +6916,13 @@
# Check wether it is necessary to link against libdl.
#
+ gnupg_dlopen_save_libs=$LIBS
-LIBS=
{ echo $as_me:$LINENO: checking for library containing dlopen 5
echo $ECHO_N checking for library containing dlopen... $ECHO_C 6; }
@@ -16,258 +34,3 @@
cat conftest.$ac_ext _ACEOF
/* confdefs.h. */
_ACEOF
-
--
-
-Security Fix (CVE-2006-6235)
-
-Index: g10/encr-data.c
g10/encr-data.c (revision 4352)
-+++ g10/encr-data.c (working copy)
-@@ -39,16 +39,37 @@
- static int decode_filter ( void *opaque, int control, IOBUF a,
- byte *buf, size_t *ret_len);
-
--typedef struct
-+typedef struct decode_filter_context_s
- {
- gcry_cipher_hd_t cipher_hd;
- gcry_md_hd_t mdc_hash;
- char defer[22];
- int defer_filled;
- int eof_seen;
--} decode_filter_ctx_t;
-+ int refcount;
-+} *decode_filter_ctx_t;
-
-
-+/* Helper to release the decode context. */
-+static void
-+release_dfx_context (decode_filter_ctx_t dfx)
-+{
-+ if (!dfx)
-+return;
-+
-+ assert (dfx-refcount);
-+ if ( !--dfx-refcount )
-+{
-+ gcry_cipher_close (dfx-cipher_hd);
-+ dfx-cipher_hd = NULL;
-+ gcry_md_close (dfx-mdc_hash);
-+ dfx-mdc_hash = NULL;
-+ xfree (dfx);
-+}
-+}
-+
-+
-+
- /
- * Decrypt the data, specified by ED with the key DEK.
- */
-@@ -62,7 +83,11 @@
- unsigned blocksize;
- unsigned nprefix;
-
-- memset( dfx, 0, sizeof dfx );
-+ dfx = xtrycalloc (1, sizeof *dfx);
-+ if (!dfx)
-+return gpg_error_from_syserror ();
-+ dfx-refcount = 1;
-+
- if ( opt.verbose !dek-algo_info_printed )
- {
- const char *s = gcry_cipher_algo_name (dek-algo);
-@@ -77,20 +102,20 @@
- goto leave;
- blocksize = gcry_cipher_get_algo_blklen (dek-algo);
- if ( !blocksize || blocksize 16 )
--log_fatal(unsupported blocksize %u\n, blocksize );
-+log_fatal (unsupported blocksize %u\n, blocksize );
- nprefix = blocksize;
- if ( ed-len ed-len (nprefix+2) )
- BUG();
-
- if ( ed-mdc_method )
- {
-- if (gcry_md_open (dfx.mdc_hash, ed-mdc_method, 0 ))
-+ if (gcry_md_open (dfx-mdc_hash, ed-mdc_method, 0 ))
- BUG ();
- if ( DBG_HASHING )
--gcry_md_start_debug (dfx.mdc_hash, checkmdc);
-+gcry_md_start_debug (dfx-mdc_hash, checkmdc);
- }
-
-- rc = gcry_cipher_open (dfx.cipher_hd, dek-algo,
-+ rc = gcry_cipher_open (dfx-cipher_hd,
[CVS] OpenPKG: openpkg-src/gnupg2/ gnupg2.patch gnupg2.spec
OpenPKG CVS Repository
http://cvs.openpkg.org/
Server: cvs.openpkg.org Name: Ralf S. Engelschall
Root: /v/openpkg/cvs Email: [EMAIL PROTECTED]
Module: openpkg-src Date: 07-Dec-2006 20:42:21
Branch: HEAD Handle: 2006120719422000
Modified files:
openpkg-src/gnupg2 gnupg2.patch gnupg2.spec
Log:
Security Fix (CVE-2006-6235)
Summary:
RevisionChanges Path
1.4 +255 -0 openpkg-src/gnupg2/gnupg2.patch
1.6 +1 -1 openpkg-src/gnupg2/gnupg2.spec
patch -p0 '@@ .'
Index: openpkg-src/gnupg2/gnupg2.patch
$ cvs diff -u -r1.3 -r1.4 gnupg2.patch
--- openpkg-src/gnupg2/gnupg2.patch 29 Nov 2006 08:22:28 - 1.3
+++ openpkg-src/gnupg2/gnupg2.patch 7 Dec 2006 19:42:20 - 1.4
@@ -16,3 +16,258 @@
cat conftest.$ac_ext _ACEOF
/* confdefs.h. */
_ACEOF
+
+-
+
+Security Fix (CVE-2006-6235)
+
+Index: g10/encr-data.c
+--- g10/encr-data.c (revision 4352)
g10/encr-data.c (working copy)
+@@ -39,16 +39,37 @@
+ static int decode_filter ( void *opaque, int control, IOBUF a,
+ byte *buf, size_t *ret_len);
+
+-typedef struct
++typedef struct decode_filter_context_s
+ {
+ gcry_cipher_hd_t cipher_hd;
+ gcry_md_hd_t mdc_hash;
+ char defer[22];
+ int defer_filled;
+ int eof_seen;
+-} decode_filter_ctx_t;
++ int refcount;
++} *decode_filter_ctx_t;
+
+
++/* Helper to release the decode context. */
++static void
++release_dfx_context (decode_filter_ctx_t dfx)
++{
++ if (!dfx)
++return;
++
++ assert (dfx-refcount);
++ if ( !--dfx-refcount )
++{
++ gcry_cipher_close (dfx-cipher_hd);
++ dfx-cipher_hd = NULL;
++ gcry_md_close (dfx-mdc_hash);
++ dfx-mdc_hash = NULL;
++ xfree (dfx);
++}
++}
++
++
++
+ /
+ * Decrypt the data, specified by ED with the key DEK.
+ */
+@@ -62,7 +83,11 @@
+ unsigned blocksize;
+ unsigned nprefix;
+
+- memset( dfx, 0, sizeof dfx );
++ dfx = xtrycalloc (1, sizeof *dfx);
++ if (!dfx)
++return gpg_error_from_syserror ();
++ dfx-refcount = 1;
++
+ if ( opt.verbose !dek-algo_info_printed )
+ {
+ const char *s = gcry_cipher_algo_name (dek-algo);
+@@ -77,20 +102,20 @@
+ goto leave;
+ blocksize = gcry_cipher_get_algo_blklen (dek-algo);
+ if ( !blocksize || blocksize 16 )
+-log_fatal(unsupported blocksize %u\n, blocksize );
++log_fatal (unsupported blocksize %u\n, blocksize );
+ nprefix = blocksize;
+ if ( ed-len ed-len (nprefix+2) )
+ BUG();
+
+ if ( ed-mdc_method )
+ {
+- if (gcry_md_open (dfx.mdc_hash, ed-mdc_method, 0 ))
++ if (gcry_md_open (dfx-mdc_hash, ed-mdc_method, 0 ))
+ BUG ();
+ if ( DBG_HASHING )
+-gcry_md_start_debug (dfx.mdc_hash, checkmdc);
++gcry_md_start_debug (dfx-mdc_hash, checkmdc);
+ }
+
+- rc = gcry_cipher_open (dfx.cipher_hd, dek-algo,
++ rc = gcry_cipher_open (dfx-cipher_hd, dek-algo,
+ GCRY_CIPHER_MODE_CFB,
+ (GCRY_CIPHER_SECURE
+ | ((ed-mdc_method || dek-algo = 100)?
+@@ -104,7 +129,7 @@
+
+
+ /* log_hexdump( thekey, dek-key, dek-keylen );*/
+- rc = gcry_cipher_setkey (dfx.cipher_hd, dek-key, dek-keylen);
++ rc = gcry_cipher_setkey (dfx-cipher_hd, dek-key, dek-keylen);
+ if ( gpg_err_code (rc) == GPG_ERR_WEAK_KEY )
+ {
+ log_info(_(WARNING: message was encrypted with
+@@ -123,7 +148,7 @@
+ goto leave;
+ }
+
+- gcry_cipher_setiv (dfx.cipher_hd, NULL, 0);
++ gcry_cipher_setiv (dfx-cipher_hd, NULL, 0);
+
+ if ( ed-len )
+ {
+@@ -144,8 +169,8 @@
+ temp[i] = c;
+ }
+
+- gcry_cipher_decrypt (dfx.cipher_hd, temp, nprefix+2, NULL, 0);
+- gcry_cipher_sync (dfx.cipher_hd);
++ gcry_cipher_decrypt (dfx-cipher_hd, temp, nprefix+2, NULL, 0);
++ gcry_cipher_sync (dfx-cipher_hd);
+ p = temp;
+ /* log_hexdump( prefix, temp, nprefix+2 ); */
+ if (dek-symmetric
+@@ -155,17 +180,18 @@
+ goto leave;
+ }
+
+- if ( dfx.mdc_hash )
+-gcry_md_write (dfx.mdc_hash, temp, nprefix+2);
+-
++ if ( dfx-mdc_hash )
++gcry_md_write (dfx-mdc_hash, temp, nprefix+2);
++
++ dfx-refcount++;
+ if ( ed-mdc_method )
+-iobuf_push_filter( ed-buf, mdc_decode_filter, dfx );
++
[CVS] OpenPKG: openpkg-src/gnupg2/ gnupg2.patch gnupg2.spec
OpenPKG CVS Repository
http://cvs.openpkg.org/
Server: cvs.openpkg.org Name: Ralf S. Engelschall
Root: /v/openpkg/cvs Email: [EMAIL PROTECTED]
Module: openpkg-src Date: 29-Nov-2006 09:22:29
Branch: HEAD Handle: 2006112908222801
Modified files:
openpkg-src/gnupg2 gnupg2.patch gnupg2.spec
Log:
upgrading package: gnupg2 2.0.0 - 2.0.1
Summary:
RevisionChanges Path
1.3 +6 -25 openpkg-src/gnupg2/gnupg2.patch
1.5 +5 -3 openpkg-src/gnupg2/gnupg2.spec
patch -p0 '@@ .'
Index: openpkg-src/gnupg2/gnupg2.patch
$ cvs diff -u -r1.2 -r1.3 gnupg2.patch
--- openpkg-src/gnupg2/gnupg2.patch 28 Nov 2006 07:11:10 - 1.2
+++ openpkg-src/gnupg2/gnupg2.patch 29 Nov 2006 08:22:28 - 1.3
@@ -1,37 +1,18 @@
Index: configure
configure.orig 2006-11-11 14:37:23 +0100
-+++ configure2006-11-15 20:58:27 +0100
-@@ -5929,13 +5929,13 @@
+--- configure.orig 2006-11-28 17:05:22 +0100
configure2006-11-29 09:11:52 +0100
+@@ -6915,13 +6915,13 @@
#
# Check wether it is necessary to link against libdl.
#
-LIBS=
- echo $as_me:$LINENO: checking for library containing dlopen 5
- echo $ECHO_N checking for library containing dlopen... $ECHO_C 6
+ { echo $as_me:$LINENO: checking for library containing dlopen 5
+ echo $ECHO_N checking for library containing dlopen... $ECHO_C 6; }
if test ${ac_cv_search_dlopen+set} = set; then
echo $ECHO_N (cached) $ECHO_C 6
else
ac_func_search_save_LIBS=$LIBS
+ LIBS=
- ac_cv_search_dlopen=no
cat conftest.$ac_ext _ACEOF
/* confdefs.h. */
-
--
-
-Security Fix
-http://lists.gnupg.org/pipermail/gnupg-announce/2006q4/000241.html
-
-Index: g10/openfile.c
g10/openfile.c.orig 2006-07-31 16:00:19 +0200
-+++ g10/openfile.c 2006-11-28 08:04:21 +0100
-@@ -144,8 +144,8 @@
-
- s = _(Enter new filename);
-
--n = strlen(s) + namelen + 10;
- defname = name namelen? make_printable_string( name, namelen, 0):
NULL;
-+n = strlen(s) + (defname ? strlen(defname) : 0) + 10;
- prompt = xmalloc(n);
- if( defname )
- sprintf(prompt, %s [%s]: , s, defname );
+ _ACEOF
@@ .
patch -p0 '@@ .'
Index: openpkg-src/gnupg2/gnupg2.spec
$ cvs diff -u -r1.4 -r1.5 gnupg2.spec
--- openpkg-src/gnupg2/gnupg2.spec28 Nov 2006 07:11:10 - 1.4
+++ openpkg-src/gnupg2/gnupg2.spec29 Nov 2006 08:22:29 - 1.5
@@ -32,8 +32,8 @@
Class:EVAL
Group:PGP
License: GPL
-Version: 2.0.0
-Release: 20061128
+Version: 2.0.1
+Release: 20061129
# package options
%option with_curl yes
@@ -75,7 +75,7 @@
prog gnupg2 = {
version = %{version}
url = ftp://ftp.gnupg.org/gcrypt/gnupg/
-regex = gnupg-(__VER__)\.tar\.gz
+regex = gnupg-(2\.__VER__)\.tar\.(gz|bz2)
}
%prep
@@ -107,6 +107,8 @@
./configure \
--prefix=%{l_prefix} \
--datadir=%{l_prefix}/share/gnupg2 \
+--mandir=%{l_prefix}/man \
+--infodir=%{l_prefix}/info \
--with-zlib=%{l_prefix} \
--with-bzip2=%{l_prefix} \
--with-readline=%{l_prefix} \
@@ .
__
The OpenPKG Projectwww.openpkg.org
CVS Repository Commit List openpkg-cvs@openpkg.org
[CVS] OpenPKG: openpkg-src/gnupg2/ gnupg2.patch gnupg2.spec
OpenPKG CVS Repository http://cvs.openpkg.org/ Server: cvs.openpkg.org Name: Ralf S. Engelschall Root: /v/openpkg/cvs Email: [EMAIL PROTECTED] Module: openpkg-src Date: 28-Nov-2006 08:11:10 Branch: HEAD Handle: 2006112807111000 Modified files: openpkg-src/gnupg2 gnupg2.patch gnupg2.spec Log: Security Fix Summary: RevisionChanges Path 1.2 +19 -0 openpkg-src/gnupg2/gnupg2.patch 1.4 +1 -1 openpkg-src/gnupg2/gnupg2.spec patch -p0 '@@ .' Index: openpkg-src/gnupg2/gnupg2.patch $ cvs diff -u -r1.1 -r1.2 gnupg2.patch --- openpkg-src/gnupg2/gnupg2.patch 15 Nov 2006 20:52:51 - 1.1 +++ openpkg-src/gnupg2/gnupg2.patch 28 Nov 2006 07:11:10 - 1.2 @@ -16,3 +16,22 @@ ac_cv_search_dlopen=no cat conftest.$ac_ext _ACEOF /* confdefs.h. */ + +- + +Security Fix +http://lists.gnupg.org/pipermail/gnupg-announce/2006q4/000241.html + +Index: g10/openfile.c +--- g10/openfile.c.orig 2006-07-31 16:00:19 +0200 g10/openfile.c 2006-11-28 08:04:21 +0100 +@@ -144,8 +144,8 @@ + + s = _(Enter new filename); + +-n = strlen(s) + namelen + 10; + defname = name namelen? make_printable_string( name, namelen, 0): NULL; ++n = strlen(s) + (defname ? strlen(defname) : 0) + 10; + prompt = xmalloc(n); + if( defname ) + sprintf(prompt, %s [%s]: , s, defname ); @@ . patch -p0 '@@ .' Index: openpkg-src/gnupg2/gnupg2.spec $ cvs diff -u -r1.3 -r1.4 gnupg2.spec --- openpkg-src/gnupg2/gnupg2.spec16 Nov 2006 07:08:08 - 1.3 +++ openpkg-src/gnupg2/gnupg2.spec28 Nov 2006 07:11:10 - 1.4 @@ -33,7 +33,7 @@ Group:PGP License: GPL Version: 2.0.0 -Release: 20061116 +Release: 20061128 # package options %option with_curl yes @@ . __ The OpenPKG Projectwww.openpkg.org CVS Repository Commit List openpkg-cvs@openpkg.org
