Sign Up
Log In
Log In
or
Sign Up
Places
All Projects
Status Monitor
Collapse sidebar
home:kssingvo:server
gpg1
gpg1.changes
Overview
Repositories
Revisions
Requests
Users
Attributes
Meta
File gpg1.changes of Package gpg1
------------------------------------------------------------------- Thu Jan 2 12:59:22 UTC 2014 - bugzilla@singvogel.com - upgrade to 1.4.16 ------------------------------------------------------------------- Thu Dec 27 22:53:37 CET 2012 - bugs@singvogel.com - upgrade to 1.4.13 - removed obsolete patch for option encrypt-to - autoreconf only for suse_versions < 12.2 - removed faq.html from docs - no longer existend ------------------------------------------------------------------- Fri Nov 20 17:39:19 CET 2009 - bugs@singvogel.com - had to rename gpg-zip.1 to gpg1-zip.1 ------------------------------------------------------------------- Fri Nov 20 16:53:41 CET 2009 - bugs@singvogel.com - update to version 1.4.10 ------------------------------------------------------------------- Wed Dec 17 20:53:39 CET 2008 - kssingvo@suse.de - workaround in specfile for compiler issues in openSUSE-11.1 ------------------------------------------------------------------- Wed Mar 26 19:55:10 CET 2008 - kssingvo@suse.de - upgrade to version 1.4.9: * Fixed possible memory corruption bug in 1.4.8 while importing OpenPGP keys. * Improved AES encryption performance by more than 20% (on ia32). Decryption is also a bit faster. - fixed use-agent patch - removed references to SUSE 8.x versions in specfile - cleaned up specfile ------------------------------------------------------------------- Mon Jan 7 17:40:38 CET 2008 - kssingvo@suse.de - upgrade to version 1.4.8 * Changed the license to GPLv3. * Improved detection of keyrings specified multiple times. * Changes to better cope with broken keyservers. * Minor bug fixes. * The GnuPG --openpgp mode has been updated to match the new RFC-4880 standard. * By default --require-cross-certification is now on. --rfc2440-text and --force-v3-sigs are now off. * Allow encryption using legacy Elgamal sign+encrypt keys if option option --rfc2440 is used. * Fixed the auto creation of the key stub for smartcards. * Fixed a rare bug in decryption using the OpenPGP card. * Fix RFC-4880 typo in the SHA-224 hash prefix. Old SHA-224 signatures will continue to work. ------------------------------------------------------------------- Thu Nov 29 15:18:08 CET 2007 - kssingvo@suse.de - upgrade to version 1.4.7 - removed duplicate overflow fixes - renamed package from "gpg" to "gpg1" - adaption in files_are_digest patch ------------------------------------------------------------------- Wed Mar 14 13:42:34 CET 2007 - kssingvo@suse.de - fixed issue in improper status handling CVE-2007-1263 (bugzilla#251605) ------------------------------------------------------------------- Thu Dec 7 12:07:16 CET 2006 - kssingvo@suse.de - fixed security issue in dfx stack handling CVE-2006-6235 (bugzilla#225694) ------------------------------------------------------------------- Tue Nov 28 11:37:55 CET 2006 - kssingvo@suse.de - fixed security issue with openfile in interactive mode (bugzilla#224108) ------------------------------------------------------------------- Wed Aug 2 20:19:39 CEST 2006 - kssingvo@suse.de - update to version 1.4.5: * Reverted check for valid standard handles under Windows. * More DSA2 tweaks. * Fixed a problem uploading certain keys to the smart card. * Fixed 2 more possible memory allocation attacks. They are similar to the problem we fixed with 1.4.4. This bug can easily be be exploted for a DoS; remote code execution is not entirely impossible. * Added Norwegian translation. - added patch to sign signatures stored in files ------------------------------------------------------------------- Mon Jun 26 18:07:29 CEST 2006 - kssingvo@suse.de - upgrade to 1.4.4 (mainly bugfix version) - removed already present (security) bugfixes - adapted SUSE specialized patches - removed s-bit as we have user mlock in kernel now (bugzilla#137562) ------------------------------------------------------------------- Wed Jun 14 11:46:30 CEST 2006 - kssingvo@suse.de - fixed large uids issue SWAMP#4755, no CVE yet (bugzilla#180615) ------------------------------------------------------------------- Thu Mar 9 16:58:43 CET 2006 - kssingvo@suse.de - fixed 2nd signature security problem CVE-2006-0049 (bugzilla#155400) ------------------------------------------------------------------- Wed Feb 15 13:51:13 CET 2006 - kssingvo@suse.de - fixed signature security problem CVE-2006-0455 (bugzilla#150742) ------------------------------------------------------------------- Sat Feb 4 14:20:49 CET 2006 - aj@suse.de - Cleanup BuildRequires. ------------------------------------------------------------------- Mon Jan 30 10:09:11 CET 2006 - kssingvo@suse.de - fixed manpage: http_proxy -> http-proxy (bugzilla#73911) ------------------------------------------------------------------- Wed Jan 25 21:36:18 CET 2006 - mls@suse.de - converted neededforbuild to BuildRequires ------------------------------------------------------------------- Wed Nov 16 13:08:29 CET 2005 - uli@suse.de - don't run test suite on ARM (hangs sometimes in QEMU) ------------------------------------------------------------------- Mon Sep 26 01:36:36 CEST 2005 - ro@suse.de - added LDAP_DEPRECATED to CFLAGS ------------------------------------------------------------------- Thu Sep 1 13:26:24 CEST 2005 - kssingvo@suse.de - got official patch for mpi problem, replaced mine (bugzilla#112655) ------------------------------------------------------------------- Wed Aug 24 15:12:21 CEST 2005 - kssingvo@suse.de - fixed size check in mpi module (bugzilla#112655) ------------------------------------------------------------------- Wed Jul 27 14:41:22 CEST 2005 - kssingvo@suse.de - 1.4.2 is now finally released ------------------------------------------------------------------- Wed Jul 13 15:06:44 CEST 2005 - kssingvo@suse.de - upgrade to 1.4.2rc2 for crypto freeze ------------------------------------------------------------------- Mon Jul 11 16:26:05 CEST 2005 - kssingvo@suse.de - upgrade to 1.4.1 with all necessary adaptions - PIE is IMHO a bit better enabled (i.e. backward compatible) ------------------------------------------------------------------- Mon Jun 20 17:27:16 CEST 2005 - ro@suse.de - build as PIE ------------------------------------------------------------------- Tue Feb 22 15:31:34 CET 2005 - kssingvo@suse.de - security fix for cfb-cipher issue (bugzilla#65862) ------------------------------------------------------------------- Tue Feb 1 16:57:21 CET 2005 - kssingvo@suse.de - update to latest version: 1.4.0 (looks stable according to gnupg-ml) ------------------------------------------------------------------- Tue Dec 14 21:21:42 CET 2004 - kssingvo@suse.de - updated to GnuPG-1.3.93 (last RC for release of 1.4) to see if anything breaks ------------------------------------------------------------------- Sat Aug 7 10:04:51 CEST 2004 - meissner@suse.de - Fixed a compiler warning. ------------------------------------------------------------------- Tue Aug 3 21:28:57 CEST 2004 - garloff@suse.de - Update to GnuPG-1.2.5: * New options: --(no-)ask-cert-level, --min-cert-level, --max-output, --list-config, --gpgconf-list. * Performance improvements for large keyrings, --enable-key-cache * Portability fixes and simplified chnies translation. - Update README.SUSE to document the safe allocation of locked memory. ------------------------------------------------------------------- Thu Mar 25 23:41:58 CET 2004 - mmj@suse.de - Add postfix to # neededforbuild ------------------------------------------------------------------- Mon Mar 22 16:44:33 CET 2004 - garloff@suse.de - Move allocation of locked memory up and make gpg setuid root (#33570). ------------------------------------------------------------------- Wed Feb 4 00:44:27 CET 2004 - garloff@suse.de - Drop pgpgpg. - Add #norootforbuild and fix package accordingly. ------------------------------------------------------------------- Wed Feb 4 00:12:06 CET 2004 - garloff@suse.de - Update to GnuPG-1.2.4: * Experimental read-only support for bzip2 compression. * Handle msgs that are decryptable by a passphrase or secret key. * Drop most Elgamal sign+encrypt support: No signatures can be generated any more, nor keys be generated. Decryption still works as does generation of revoc certificates. However, Elgamal sign+encrypt is scheduled for complete removal. * Add russian and belarussian translations. ------------------------------------------------------------------- Tue Dec 2 14:20:03 CET 2003 - garloff@suse.de - Update to GnuPG-1.2.3: * --gnupg option disabling --openpgp and various --pgpX emulation options. * new %g (sig key fingerprint) and %p (prim key of sig fingerprint) expands for policy URLs. * new tru(st) record in --list-keys --with-colons. * REVKEYSIG status for --status-fd indicating a valid sig with a revoked key. * Romanian translations. - Drop setlocale patch. - Update README.SuSE. ------------------------------------------------------------------- Thu Nov 27 18:29:53 CET 2003 - garloff@suse.de - Fix format string bug in HKP keyserver module. - Disable possibility to create ElGamal type 20 (sign+encrypt) keys as they are vulnerable to attacks. [#33369] ------------------------------------------------------------------- Sat Jul 19 01:41:49 CEST 2003 - garloff@suse.de - Make -passphrase-fd override use-agent option [#27843] - use : in chown rather than . to separate gid from uid. ------------------------------------------------------------------- Thu Jun 12 14:40:11 CEST 2003 - garloff@suse.de - Package %dir /usr/lib(64)/gnupg - Fix syntax in test [] expressions in check scripts ------------------------------------------------------------------- Wed Jun 4 17:30:21 CEST 2003 - ro@suse.de - fix install_info --delete call and move from preun to postun ------------------------------------------------------------------- Wed Jun 4 15:18:57 CEST 2003 - garloff@suse.de - Update to GnuPG-1.2.2: * Fix for bug #27242: The trust path did not check for the given user-ID but the most trusted one belonging to the same keyID, and consequently failed to display a warning when encrypting to (or verifying a signature from) an untrusted UID. * revuid command in edit-key menu * Compatibility with CryptoEx improved. * read-only support for SHA-256 hash * TIGER192 digest algo disabled (about to be dropped from OpenPGP std) * --enable-progress-filter for frontends ------------------------------------------------------------------- Wed Feb 26 09:52:36 CET 2003 - garloff@suse.de - Report version number 1.2.2-rc1-SuSE - Change defaults to have use-agent enabled - photo-viewer settings: default to kfmclient openURL ------------------------------------------------------------------- Wed Feb 19 18:44:49 CET 2003 - garloff@suse.de - Disable %install_info for older distros. - Install convert-from-106 into /usr/bin/gpg-convert-from-106 ------------------------------------------------------------------- Tue Feb 18 00:50:32 CET 2003 - garloff@suse.de - Update to 1.2.2rc1: * convert-from-106 script to help trustdb conversion * notation names should have @ (need --expert to override) * --trust-model always for forward(!) compatibility * Prevent compiler from optimizing away memory wiping code * Skip disabled keys in selection for encryption * Minor trustdb tweaks * New translations: Finnish, Trad. Chinese - Enable external hkp interface (for gpgme/3rd party software) ------------------------------------------------------------------- Thu Feb 6 16:49:46 CET 2003 - ro@suse.de - use macros for install-info ------------------------------------------------------------------- Thu Oct 31 11:26:16 CET 2002 - ro@suse.de - re-enable autoreqprov: all required libs are part of the minimal system ------------------------------------------------------------------- Wed Oct 30 23:40:15 MET 2002 - garloff@suse.de - Avoid dependencies triggered by LDAP module. ------------------------------------------------------------------- Wed Oct 30 22:06:58 MET 2002 - garloff@suse.de - Update README.SuSE - Update to GnuPG-1.2.1: * mark secret keys generated by --export-secret-keys with # (key listing) resp. no capabilites (colon listing) * option --trusted-key is not obsolete any more * bugfixes, e.g. a recursion when reading keys for trust check - Compile with support for LDAP (openldap2) keyservers. ------------------------------------------------------------------- Fri Oct 4 12:17:50 MEST 2002 - garloff@suse.de - Move libexec to _libdir instead of share, because the plugins will also be there. ------------------------------------------------------------------- Fri Sep 27 12:36:29 MEST 2002 - garloff@suse.de - Use install-info in %post and %preun (and add acc. PreReq) - Move /usr/libexec/gnupg/gpg_keys_mailto to /usr/share/gnupg/ (it's a perl script) - Update to GnuPG-1.2.0: http://lists.gnupg.org/pipermail/gnupg-announce/2002q3/000252.html * Better docu (new gnupg(7) manpage, gpgv info file) * options file move to ~/.gnupg/gpg.conf * Modules linked statically (except for deprecated idea plugin) * Restrictions executing other helper programs configurable * group command to work with several keys * --interactive works as expected when importing keys now * Full revocation key support * export option leaving off attribute packets (e.g. photo ID to not confuse keyservers) * Workaround for HKP server subkey mangling bug in --import * --atribute-fd support (photo ID) * ElGamal encrypt AND sign as well as RSA E&S only available in expert mode key generation * MDC use increased * preferred hash algos of a key are respected * --pgp7 option sets all parameters for maximum PGP7 compat * Permission/Ownership checks of keyrings clarified * LDAP v1 keyserver support * v3 keys can be self-signed with v4 signatures (for prefs) * Default character set taken from current locale ------------------------------------------------------------------- Fri Jul 26 21:23:51 CEST 2002 - adrian@suse.de - fix neededforbuild ------------------------------------------------------------------- Tue Jun 18 15:42:45 CEST 2002 - meissner@suse.de - powerpc64 is powerpc64, fixed MPI asm links. ------------------------------------------------------------------- Mon May 13 22:03:30 MEST 2002 - garloff@suse.de - Fix german --keyserver-options help text. ------------------------------------------------------------------- Sat May 11 12:08:34 MEST 2002 - garloff@suse.de - Update to gpg-1.0.7: See http://lists.gnupg.org/pipermail/gnupg-announce/2002q2/000251.html * Secret keys are now SHA-1 protected (protection against Rosa/ Klima attacks). --simple-sk-checksum disables this. * Default cipher now CAST5, hash SHA-1. * Symmetric encrypted messages use fixed file size if possible. (Improved compatibility with PGP2,6,7; breaks PGP5.) * Photographic user ID support (external viewer required). * Enhanced keyserver support via plugins (NAI LDAP, HKP email). * Support nonrevocable signatures (be careful!). * Multiple signature classes. * --pgp2,--pgp6 modes for messages to PGP2/6 users. * Signatures can have expiration date as well now. * Designated revocation keys supported (can not yet be generated though). * Permission checks for ~/.gnupg/ directory. * New tool gpgsplit. * Command "primary" in the edit menu to change primary UID. * RSA key generation supported. * Keyring managemanet reworked. * Signature status storage changed. (Use --rebuild-keydb-caches). * Key validation process (trustdb) reworked. See man page entries for --update-trustdb, --check-trustdb and --no-auto-check-trustdb * Read-only keyrings now handled as expected. * Many more ... - Default RSA keysize to 1536 (instead of 1024) - Default Photo ID viewer to kview (instead of xloadimage) ------------------------------------------------------------------- Sat May 11 11:08:50 MEST 2002 - garloff@suse.de - Add two patches for 1.0.6 from Werner Koch (for Woody): * RNG fix (non critical) * compatibility with keyrings produced with 1.0.6b or later ------------------------------------------------------------------- Mon Sep 10 18:08:47 MEST 2001 - garloff@suse.de - Fixed typos in README.SuSE - Fix message telling user about allowed keysizes for the DSA case (bug #9295). ------------------------------------------------------------------- Thu May 31 16:36:08 MEST 2001 - draht@suse.de - update to 1.0.6 to fix the do_get format string error ru locale is gone. ------------------------------------------------------------------- Fri May 18 15:06:04 MEST 2001 - garloff@suse.de - Many more problems found and (partially) corrected in the translations (.po files) which could lead to similar trouble. - Disabled ru translations as they are too buggy for me to fix. ------------------------------------------------------------------- Wed May 16 19:46:37 MEST 2001 - garloff@suse.de - Fix bug in tr locale triggered by gpg -v (bugzilla #8457) ------------------------------------------------------------------- Tue May 8 15:51:47 CEST 2001 - garloff@suse.de - Put (commented out) encrypt-to option in options skeleton to help users finding a way to read their encrypted mail ... ------------------------------------------------------------------- Sun Apr 29 23:47:52 MEST 2001 - garloff@suse.de - Update to 1.0.5: * Bugfixes and translations in addition to 1.0.4h changes. ------------------------------------------------------------------- Fri Apr 20 15:27:32 MEST 2001 - garloff@suse.de - Update to gnupg-1.0.4h: * gpg could segfault on --check-sigs in fixup_uidnode, if either uid of sig are 0. ------------------------------------------------------------------- Thu Apr 12 19:14:36 MEST 2001 - garloff@suse.de - Update to 1.0.4g: * includes the security patches (secret key import, detached signature checking) * More bugfixes * time.h fixes already included * Warn user if signing with invalid signature (which prevents the attack by altering the secret key) ------------------------------------------------------------------- Wed Feb 7 15:40:26 CET 2001 - pthomas@suse.de - If system supports LC_MESSAGES, set LC_CTYPE along with LC_MESSAGES. Required for correct i18n support in glibc2.2. - Include time.h where necessary. ------------------------------------------------------------------- Fri Dec 15 13:34:45 CET 2000 - garloff@suse.de - Include patch to require --allow-secret-key-import. Secret keys are no longer silently imported. ------------------------------------------------------------------- Wed Dec 6 00:06:06 PST 2000 - bk@suse.de - add /usr/lib/gnupg and /usr/share/gnupg to %files(obsoletes /*'s) - doc: %doc %{_docdir}/gpg adds %{_docdir}/gpg to %files, marks everything below it as documentation(obsoletes other %doc macros) ------------------------------------------------------------------- Fri Dec 1 11:12:13 MET 2000 - garloff@suse.de - Added gnupg-1.0.4.security-patch1.diff from GnuPG site: When checking detached signatures, gnupg could have been make believe that the sig file contains the text to be checked, so the real text would not have been checked :-( ------------------------------------------------------------------- Tue Oct 24 10:48:18 MEST 2000 - garloff@suse.de - Put it as updates on ftp servers. ------------------------------------------------------------------- Mon Oct 23 20:43:22 MEST 2000 - garloff@suse.de - Update to GnuPG-1.0.4: * GnuPG <= 1.0.3 did incorrectly report messages with multiple signatures to be correct, even if some sigs are not. Fixed. * Rijndael support. * gpgv binary to just check signatures. ------------------------------------------------------------------- Tue Sep 19 11:45:02 MEST 2000 - garloff@suse.de - Update to GnuPG-1.0.3: Bugfixes: * --trusted-key option * expiration time of primary key can be changed again * display Revoked with --list-key (if appropriate) New features: * --merge-only, --try-all-secrets * Twofish and MDC support * faq.html and last but not least: * RSA support ------------------------------------------------------------------- Wed Aug 9 12:12:25 CEST 2000 - garloff@suse.de - Update to 1.0.2 (Finally get rid of the devel version) - Updated README. ------------------------------------------------------------------- Sat Jun 17 14:45:19 CEST 2000 - garloff@suse.de - Added tcl & expect to neededforbuild (needed for the checks) ------------------------------------------------------------------- Wed May 24 12:30:48 CEST 2000 - garloff@suse.de - Disable DEVELOPMENT VERSION warning ------------------------------------------------------------------- Fri May 19 17:51:01 CEST 2000 - garloff@suse.de - Added BuildRoot. ------------------------------------------------------------------- Fri May 19 14:48:40 CEST 2000 - garloff@suse.de - Fixed usage of %{_docdir} ------------------------------------------------------------------- Fri May 19 12:36:37 CEST 2000 - garloff@suse.de - Update to 1.01e-SuSE. - Moved docs to %{_docdir}. ------------------------------------------------------------------- Sat Mar 4 17:05:56 CET 2000 - garloff@suse.de - Fixed typo in german translation. - Version renamed to 1.0.1c-SuSE. ------------------------------------------------------------------- Sun Feb 27 23:43:25 CET 2000 - garloff@suse.de - Fixed perms of README.SuSE 755->644. ------------------------------------------------------------------- Tue Feb 22 20:07:53 CET 2000 - garloff@suse.de - Updated to 1.0.1c (test version) after a discussion with WK. Last workaround obsoleted by that. ------------------------------------------------------------------- Mon Feb 21 21:07:18 CET 2000 - garloff@suse.de - Turned a fatal error (gpg: 231: read expected rec type 3, got 6) into a warning. ------------------------------------------------------------------- Sat Feb 5 19:23:18 CET 2000 - garloff@suse.de - Moved manpages to /usr/share/man. ------------------------------------------------------------------- Wed Jan 5 16:26:15 CET 2000 - garloff@suse.de - Upgrade to version 1.0.1. ------------------------------------------------------------------- Wed Oct 13 20:34:49 CEST 1999 - garloff@suse.de - Back to 1.0.0. Developers obviously don't want us to use devel versions. ------------------------------------------------------------------- Wed Oct 13 19:47:08 CEST 1999 - garloff@suse.de - Upgrade to 1.0.0e. Fixed typos in README.SuSE. ------------------------------------------------------------------- Fri Sep 24 13:04:38 CEST 1999 - garloff@suse.de - Fixed filelist. ------------------------------------------------------------------- Wed Sep 22 23:27:06 CEST 1999 - garloff@suse.de - Upgraded to version 1.0.0. Updated source locations. Added README.SuSE. ------------------------------------------------------------------- Mon Sep 13 17:23:57 CEST 1999 - bs@suse.de - ran old prepare_spec on spec file to switch to new prepare_spec. ------------------------------------------------------------------- Mon Aug 23 20:51:49 CEST 1999 - garloff@suse.de - Initial check in of gpg-0.9.10 and pgpgpg-0.13
Locations
Projects
Search
Status Monitor
Help
OpenBuildService.org
Documentation
API Documentation
Code of Conduct
Contact
Support
@OBShq
Terms
openSUSE Build Service is sponsored by
The Open Build Service is an
openSUSE project
.
Sign Up
Log In
Places
Places
All Projects
Status Monitor
