[CVS] OpenPKG: openpkg-src/gnupg2/ gnupg2.patch gnupg2.spec
OpenPKG CVS Repository http://cvs.openpkg.org/ Server: cvs.openpkg.org Name: Ralf S. Engelschall Root: /v/openpkg/cvs Email: [EMAIL PROTECTED] Module: openpkg-src Date: 06-Jul-2007 12:52:02 Branch: HEAD Handle: 2007070611520200 Removed files: openpkg-src/gnupg2 gnupg2.patch gnupg2.spec Log: remove gnupg2 Summary: RevisionChanges Path 1.6 +0 -36 openpkg-src/gnupg2/gnupg2.patch 1.12+0 -179openpkg-src/gnupg2/gnupg2.spec rm -f openpkg-src/gnupg2/gnupg2.patch '@@ .' Index: openpkg-src/gnupg2/gnupg2.patch [NO CHANGE SUMMARY BECAUSE FILE AS A WHOLE IS JUST REMOVED] @@ . rm -f openpkg-src/gnupg2/gnupg2.spec '@@ .' Index: openpkg-src/gnupg2/gnupg2.spec [NO CHANGE SUMMARY BECAUSE FILE AS A WHOLE IS JUST REMOVED] @@ . __ OpenPKG http://openpkg.org CVS Repository Commit List openpkg-cvs@openpkg.org
[CVS] OpenPKG: openpkg-src/gnupg2/ gnupg2.patch gnupg2.spec
OpenPKG CVS Repository http://cvs.openpkg.org/ Server: cvs.openpkg.org Name: Ralf S. Engelschall Root: /v/openpkg/cvs Email: [EMAIL PROTECTED] Module: openpkg-src Date: 01-Feb-2007 09:29:08 Branch: HEAD Handle: 2007020108290700 Modified files: openpkg-src/gnupg2 gnupg2.patch gnupg2.spec Log: upgrading package: gnupg2 2.0.1 - 2.0.2 Summary: RevisionChanges Path 1.5 +22 -259openpkg-src/gnupg2/gnupg2.patch 1.8 +2 -2 openpkg-src/gnupg2/gnupg2.spec patch -p0 '@@ .' Index: openpkg-src/gnupg2/gnupg2.patch $ cvs diff -u -r1.4 -r1.5 gnupg2.patch --- openpkg-src/gnupg2/gnupg2.patch 7 Dec 2006 19:42:20 - 1.4 +++ openpkg-src/gnupg2/gnupg2.patch 1 Feb 2007 08:29:07 - 1.5 @@ -1,10 +1,28 @@ +Index: agent/genkey.c +--- agent/genkey.c.orig 2007-01-25 10:43:10 +0100 agent/genkey.c 2007-02-01 09:23:19 +0100 +@@ -87,12 +87,9 @@ + if (utf8_charcount (pw) minlen ) + { + char *desc = xtryasprintf +-( ngettext (Warning: You have entered a passphrase that%%0A ++( Warning: You have entered a passphrase that%%0A + is obviously not secure. A passphrase should%%0A +-be at least %u character long., +-Warning: You have entered a passphrase that%%0A +-is obviously not secure. A passphrase should%%0A +-be at least %u characters long., minlen), minlen ); ++be at least %u characters long., minlen ); + if (!desc) + return gpg_error_from_syserror (); + Index: configure configure.orig 2006-11-28 17:05:22 +0100 -+++ configure2006-11-29 09:11:52 +0100 -@@ -6915,13 +6915,13 @@ - # +--- configure.orig 2007-01-31 15:09:31 +0100 configure2007-02-01 09:17:47 +0100 +@@ -6916,13 +6916,13 @@ # Check wether it is necessary to link against libdl. # + gnupg_dlopen_save_libs=$LIBS -LIBS= { echo $as_me:$LINENO: checking for library containing dlopen 5 echo $ECHO_N checking for library containing dlopen... $ECHO_C 6; } @@ -16,258 +34,3 @@ cat conftest.$ac_ext _ACEOF /* confdefs.h. */ _ACEOF - -- - -Security Fix (CVE-2006-6235) - -Index: g10/encr-data.c g10/encr-data.c (revision 4352) -+++ g10/encr-data.c (working copy) -@@ -39,16 +39,37 @@ - static int decode_filter ( void *opaque, int control, IOBUF a, - byte *buf, size_t *ret_len); - --typedef struct -+typedef struct decode_filter_context_s - { - gcry_cipher_hd_t cipher_hd; - gcry_md_hd_t mdc_hash; - char defer[22]; - int defer_filled; - int eof_seen; --} decode_filter_ctx_t; -+ int refcount; -+} *decode_filter_ctx_t; - - -+/* Helper to release the decode context. */ -+static void -+release_dfx_context (decode_filter_ctx_t dfx) -+{ -+ if (!dfx) -+return; -+ -+ assert (dfx-refcount); -+ if ( !--dfx-refcount ) -+{ -+ gcry_cipher_close (dfx-cipher_hd); -+ dfx-cipher_hd = NULL; -+ gcry_md_close (dfx-mdc_hash); -+ dfx-mdc_hash = NULL; -+ xfree (dfx); -+} -+} -+ -+ -+ - / - * Decrypt the data, specified by ED with the key DEK. - */ -@@ -62,7 +83,11 @@ - unsigned blocksize; - unsigned nprefix; - -- memset( dfx, 0, sizeof dfx ); -+ dfx = xtrycalloc (1, sizeof *dfx); -+ if (!dfx) -+return gpg_error_from_syserror (); -+ dfx-refcount = 1; -+ - if ( opt.verbose !dek-algo_info_printed ) - { - const char *s = gcry_cipher_algo_name (dek-algo); -@@ -77,20 +102,20 @@ - goto leave; - blocksize = gcry_cipher_get_algo_blklen (dek-algo); - if ( !blocksize || blocksize 16 ) --log_fatal(unsupported blocksize %u\n, blocksize ); -+log_fatal (unsupported blocksize %u\n, blocksize ); - nprefix = blocksize; - if ( ed-len ed-len (nprefix+2) ) - BUG(); - - if ( ed-mdc_method ) - { -- if (gcry_md_open (dfx.mdc_hash, ed-mdc_method, 0 )) -+ if (gcry_md_open (dfx-mdc_hash, ed-mdc_method, 0 )) - BUG (); - if ( DBG_HASHING ) --gcry_md_start_debug (dfx.mdc_hash, checkmdc); -+gcry_md_start_debug (dfx-mdc_hash, checkmdc); - } - -- rc = gcry_cipher_open (dfx.cipher_hd, dek-algo, -+ rc = gcry_cipher_open (dfx-cipher_hd,
[CVS] OpenPKG: openpkg-src/gnupg2/ gnupg2.patch gnupg2.spec
OpenPKG CVS Repository http://cvs.openpkg.org/ Server: cvs.openpkg.org Name: Ralf S. Engelschall Root: /v/openpkg/cvs Email: [EMAIL PROTECTED] Module: openpkg-src Date: 07-Dec-2006 20:42:21 Branch: HEAD Handle: 2006120719422000 Modified files: openpkg-src/gnupg2 gnupg2.patch gnupg2.spec Log: Security Fix (CVE-2006-6235) Summary: RevisionChanges Path 1.4 +255 -0 openpkg-src/gnupg2/gnupg2.patch 1.6 +1 -1 openpkg-src/gnupg2/gnupg2.spec patch -p0 '@@ .' Index: openpkg-src/gnupg2/gnupg2.patch $ cvs diff -u -r1.3 -r1.4 gnupg2.patch --- openpkg-src/gnupg2/gnupg2.patch 29 Nov 2006 08:22:28 - 1.3 +++ openpkg-src/gnupg2/gnupg2.patch 7 Dec 2006 19:42:20 - 1.4 @@ -16,3 +16,258 @@ cat conftest.$ac_ext _ACEOF /* confdefs.h. */ _ACEOF + +- + +Security Fix (CVE-2006-6235) + +Index: g10/encr-data.c +--- g10/encr-data.c (revision 4352) g10/encr-data.c (working copy) +@@ -39,16 +39,37 @@ + static int decode_filter ( void *opaque, int control, IOBUF a, + byte *buf, size_t *ret_len); + +-typedef struct ++typedef struct decode_filter_context_s + { + gcry_cipher_hd_t cipher_hd; + gcry_md_hd_t mdc_hash; + char defer[22]; + int defer_filled; + int eof_seen; +-} decode_filter_ctx_t; ++ int refcount; ++} *decode_filter_ctx_t; + + ++/* Helper to release the decode context. */ ++static void ++release_dfx_context (decode_filter_ctx_t dfx) ++{ ++ if (!dfx) ++return; ++ ++ assert (dfx-refcount); ++ if ( !--dfx-refcount ) ++{ ++ gcry_cipher_close (dfx-cipher_hd); ++ dfx-cipher_hd = NULL; ++ gcry_md_close (dfx-mdc_hash); ++ dfx-mdc_hash = NULL; ++ xfree (dfx); ++} ++} ++ ++ ++ + / + * Decrypt the data, specified by ED with the key DEK. + */ +@@ -62,7 +83,11 @@ + unsigned blocksize; + unsigned nprefix; + +- memset( dfx, 0, sizeof dfx ); ++ dfx = xtrycalloc (1, sizeof *dfx); ++ if (!dfx) ++return gpg_error_from_syserror (); ++ dfx-refcount = 1; ++ + if ( opt.verbose !dek-algo_info_printed ) + { + const char *s = gcry_cipher_algo_name (dek-algo); +@@ -77,20 +102,20 @@ + goto leave; + blocksize = gcry_cipher_get_algo_blklen (dek-algo); + if ( !blocksize || blocksize 16 ) +-log_fatal(unsupported blocksize %u\n, blocksize ); ++log_fatal (unsupported blocksize %u\n, blocksize ); + nprefix = blocksize; + if ( ed-len ed-len (nprefix+2) ) + BUG(); + + if ( ed-mdc_method ) + { +- if (gcry_md_open (dfx.mdc_hash, ed-mdc_method, 0 )) ++ if (gcry_md_open (dfx-mdc_hash, ed-mdc_method, 0 )) + BUG (); + if ( DBG_HASHING ) +-gcry_md_start_debug (dfx.mdc_hash, checkmdc); ++gcry_md_start_debug (dfx-mdc_hash, checkmdc); + } + +- rc = gcry_cipher_open (dfx.cipher_hd, dek-algo, ++ rc = gcry_cipher_open (dfx-cipher_hd, dek-algo, + GCRY_CIPHER_MODE_CFB, + (GCRY_CIPHER_SECURE + | ((ed-mdc_method || dek-algo = 100)? +@@ -104,7 +129,7 @@ + + + /* log_hexdump( thekey, dek-key, dek-keylen );*/ +- rc = gcry_cipher_setkey (dfx.cipher_hd, dek-key, dek-keylen); ++ rc = gcry_cipher_setkey (dfx-cipher_hd, dek-key, dek-keylen); + if ( gpg_err_code (rc) == GPG_ERR_WEAK_KEY ) + { + log_info(_(WARNING: message was encrypted with +@@ -123,7 +148,7 @@ + goto leave; + } + +- gcry_cipher_setiv (dfx.cipher_hd, NULL, 0); ++ gcry_cipher_setiv (dfx-cipher_hd, NULL, 0); + + if ( ed-len ) + { +@@ -144,8 +169,8 @@ + temp[i] = c; + } + +- gcry_cipher_decrypt (dfx.cipher_hd, temp, nprefix+2, NULL, 0); +- gcry_cipher_sync (dfx.cipher_hd); ++ gcry_cipher_decrypt (dfx-cipher_hd, temp, nprefix+2, NULL, 0); ++ gcry_cipher_sync (dfx-cipher_hd); + p = temp; + /* log_hexdump( prefix, temp, nprefix+2 ); */ + if (dek-symmetric +@@ -155,17 +180,18 @@ + goto leave; + } + +- if ( dfx.mdc_hash ) +-gcry_md_write (dfx.mdc_hash, temp, nprefix+2); +- ++ if ( dfx-mdc_hash ) ++gcry_md_write (dfx-mdc_hash, temp, nprefix+2); ++ ++ dfx-refcount++; + if ( ed-mdc_method ) +-iobuf_push_filter( ed-buf, mdc_decode_filter, dfx ); ++
[CVS] OpenPKG: openpkg-src/gnupg2/ gnupg2.patch gnupg2.spec
OpenPKG CVS Repository http://cvs.openpkg.org/ Server: cvs.openpkg.org Name: Ralf S. Engelschall Root: /v/openpkg/cvs Email: [EMAIL PROTECTED] Module: openpkg-src Date: 29-Nov-2006 09:22:29 Branch: HEAD Handle: 2006112908222801 Modified files: openpkg-src/gnupg2 gnupg2.patch gnupg2.spec Log: upgrading package: gnupg2 2.0.0 - 2.0.1 Summary: RevisionChanges Path 1.3 +6 -25 openpkg-src/gnupg2/gnupg2.patch 1.5 +5 -3 openpkg-src/gnupg2/gnupg2.spec patch -p0 '@@ .' Index: openpkg-src/gnupg2/gnupg2.patch $ cvs diff -u -r1.2 -r1.3 gnupg2.patch --- openpkg-src/gnupg2/gnupg2.patch 28 Nov 2006 07:11:10 - 1.2 +++ openpkg-src/gnupg2/gnupg2.patch 29 Nov 2006 08:22:28 - 1.3 @@ -1,37 +1,18 @@ Index: configure configure.orig 2006-11-11 14:37:23 +0100 -+++ configure2006-11-15 20:58:27 +0100 -@@ -5929,13 +5929,13 @@ +--- configure.orig 2006-11-28 17:05:22 +0100 configure2006-11-29 09:11:52 +0100 +@@ -6915,13 +6915,13 @@ # # Check wether it is necessary to link against libdl. # -LIBS= - echo $as_me:$LINENO: checking for library containing dlopen 5 - echo $ECHO_N checking for library containing dlopen... $ECHO_C 6 + { echo $as_me:$LINENO: checking for library containing dlopen 5 + echo $ECHO_N checking for library containing dlopen... $ECHO_C 6; } if test ${ac_cv_search_dlopen+set} = set; then echo $ECHO_N (cached) $ECHO_C 6 else ac_func_search_save_LIBS=$LIBS + LIBS= - ac_cv_search_dlopen=no cat conftest.$ac_ext _ACEOF /* confdefs.h. */ - -- - -Security Fix -http://lists.gnupg.org/pipermail/gnupg-announce/2006q4/000241.html - -Index: g10/openfile.c g10/openfile.c.orig 2006-07-31 16:00:19 +0200 -+++ g10/openfile.c 2006-11-28 08:04:21 +0100 -@@ -144,8 +144,8 @@ - - s = _(Enter new filename); - --n = strlen(s) + namelen + 10; - defname = name namelen? make_printable_string( name, namelen, 0): NULL; -+n = strlen(s) + (defname ? strlen(defname) : 0) + 10; - prompt = xmalloc(n); - if( defname ) - sprintf(prompt, %s [%s]: , s, defname ); + _ACEOF @@ . patch -p0 '@@ .' Index: openpkg-src/gnupg2/gnupg2.spec $ cvs diff -u -r1.4 -r1.5 gnupg2.spec --- openpkg-src/gnupg2/gnupg2.spec28 Nov 2006 07:11:10 - 1.4 +++ openpkg-src/gnupg2/gnupg2.spec29 Nov 2006 08:22:29 - 1.5 @@ -32,8 +32,8 @@ Class:EVAL Group:PGP License: GPL -Version: 2.0.0 -Release: 20061128 +Version: 2.0.1 +Release: 20061129 # package options %option with_curl yes @@ -75,7 +75,7 @@ prog gnupg2 = { version = %{version} url = ftp://ftp.gnupg.org/gcrypt/gnupg/ -regex = gnupg-(__VER__)\.tar\.gz +regex = gnupg-(2\.__VER__)\.tar\.(gz|bz2) } %prep @@ -107,6 +107,8 @@ ./configure \ --prefix=%{l_prefix} \ --datadir=%{l_prefix}/share/gnupg2 \ +--mandir=%{l_prefix}/man \ +--infodir=%{l_prefix}/info \ --with-zlib=%{l_prefix} \ --with-bzip2=%{l_prefix} \ --with-readline=%{l_prefix} \ @@ . __ The OpenPKG Projectwww.openpkg.org CVS Repository Commit List openpkg-cvs@openpkg.org
[CVS] OpenPKG: openpkg-src/gnupg2/ gnupg2.patch gnupg2.spec
OpenPKG CVS Repository http://cvs.openpkg.org/ Server: cvs.openpkg.org Name: Ralf S. Engelschall Root: /v/openpkg/cvs Email: [EMAIL PROTECTED] Module: openpkg-src Date: 28-Nov-2006 08:11:10 Branch: HEAD Handle: 2006112807111000 Modified files: openpkg-src/gnupg2 gnupg2.patch gnupg2.spec Log: Security Fix Summary: RevisionChanges Path 1.2 +19 -0 openpkg-src/gnupg2/gnupg2.patch 1.4 +1 -1 openpkg-src/gnupg2/gnupg2.spec patch -p0 '@@ .' Index: openpkg-src/gnupg2/gnupg2.patch $ cvs diff -u -r1.1 -r1.2 gnupg2.patch --- openpkg-src/gnupg2/gnupg2.patch 15 Nov 2006 20:52:51 - 1.1 +++ openpkg-src/gnupg2/gnupg2.patch 28 Nov 2006 07:11:10 - 1.2 @@ -16,3 +16,22 @@ ac_cv_search_dlopen=no cat conftest.$ac_ext _ACEOF /* confdefs.h. */ + +- + +Security Fix +http://lists.gnupg.org/pipermail/gnupg-announce/2006q4/000241.html + +Index: g10/openfile.c +--- g10/openfile.c.orig 2006-07-31 16:00:19 +0200 g10/openfile.c 2006-11-28 08:04:21 +0100 +@@ -144,8 +144,8 @@ + + s = _(Enter new filename); + +-n = strlen(s) + namelen + 10; + defname = name namelen? make_printable_string( name, namelen, 0): NULL; ++n = strlen(s) + (defname ? strlen(defname) : 0) + 10; + prompt = xmalloc(n); + if( defname ) + sprintf(prompt, %s [%s]: , s, defname ); @@ . patch -p0 '@@ .' Index: openpkg-src/gnupg2/gnupg2.spec $ cvs diff -u -r1.3 -r1.4 gnupg2.spec --- openpkg-src/gnupg2/gnupg2.spec16 Nov 2006 07:08:08 - 1.3 +++ openpkg-src/gnupg2/gnupg2.spec28 Nov 2006 07:11:10 - 1.4 @@ -33,7 +33,7 @@ Group:PGP License: GPL Version: 2.0.0 -Release: 20061116 +Release: 20061128 # package options %option with_curl yes @@ . __ The OpenPKG Projectwww.openpkg.org CVS Repository Commit List openpkg-cvs@openpkg.org