diffstat for gnupg-1.4.16 gnupg-1.4.16 changelog | 519 +++++++++++++++++++++++++++++++++++++++ control | 26 - gpgv-win32.dirs | 1 gpgv-win32.install | 1 patches/disable_mlock_test.patch | 22 + patches/init_trustdb.patch | 21 + patches/series | 3 patches/use_agent_default.patch | 25 + rules | 18 - 9 files changed, 607 insertions(+), 29 deletions(-) diff -Nru gnupg-1.4.16/debian/changelog gnupg-1.4.16/debian/changelog --- gnupg-1.4.16/debian/changelog 2014-01-07 10:23:50.000000000 +0000 +++ gnupg-1.4.16/debian/changelog 2014-03-06 15:53:50.000000000 +0000 @@ -1,3 +1,23 @@ +gnupg (1.4.16-1ubuntu2) trusty; urgency=medium + + * Add patch init_trustdb.patch (Closes: #737128) + + -- Brian Murray Thu, 06 Mar 2014 07:53:11 -0800 + +gnupg (1.4.16-1ubuntu1) trusty; urgency=medium + + * Resynchronise with Debian. Remaining changes: + - Disable mlock() test since it fails with ulimit 0 (on buildds). + - Set gpg (or gpg2) and gpgsm to use a passphrase agent by default. + - Only suggest gnupg-curl and libldap; recommendations are pulled into + minimal, and we don't need the keyserver utilities in a minimal Ubuntu + system. + - Remove the Win32 build. + - Build using dh-autoreconf + - Disable inline assembler for ppc64el. + + -- Marc Deslauriers Tue, 28 Jan 2014 13:05:47 -0500 + gnupg (1.4.16-1) unstable; urgency=medium * New upstream release. @@ -15,6 +35,22 @@ -- Thijs Kinkhorst Fri, 20 Dec 2013 15:41:30 +0100 +gnupg (1.4.15-2ubuntu1) trusty; urgency=low + + * Resynchronise with Debian. Remaining changes: + - Disable mlock() test since it fails with ulimit 0 (on buildds). + - Set gpg (or gpg2) and gpgsm to use a passphrase agent by default. + - Only suggest gnupg-curl and libldap; recommendations are pulled into + minimal, and we don't need the keyserver utilities in a minimal Ubuntu + system. + - Remove the Win32 build. + - Build using dh-autoreconf + - Disable inline assembler for ppc64el. + * Moved CVE-2013-4576 patch to the right directory, and added to series + file so it actually gets applied. + + -- Marc Deslauriers Fri, 20 Dec 2013 08:17:09 -0500 + gnupg (1.4.15-2) unstable; urgency=high * Fixed the RSA Key Extraction via Low-Bandwidth Acoustic @@ -26,6 +62,28 @@ -- Thijs Kinkhorst Thu, 12 Dec 2013 20:34:27 +0100 +gnupg (1.4.15-1.1ubuntu2) trusty; urgency=medium + + * Build using dh-autoreconf + * Disable inline assembler for ppc64el. + + -- Matthias Klose Sun, 15 Dec 2013 10:39:38 +0100 + +gnupg (1.4.15-1.1ubuntu1) trusty; urgency=low + + * Resynchronise with Debian. Remaining changes: + - Disable mlock() test since it fails with ulimit 0 (on buildds). + - Set gpg (or gpg2) and gpgsm to use a passphrase agent by default. + - Only suggest gnupg-curl and libldap; recommendations are pulled into + minimal, and we don't need the keyserver utilities in a minimal Ubuntu + system. + - Remove the Win32 build. + * Dropped upstreamed patches: + - debian/patches/CVE-2013-4351.patch + - debian/patches/CVE-2013-4402.patch + + -- Marc Deslauriers Wed, 30 Oct 2013 15:30:58 -0700 + gnupg (1.4.15-1.1) unstable; urgency=high * Non-maintainer upload, by request of Thijs Kinkhorst. @@ -44,6 +102,31 @@ -- Thijs Kinkhorst Mon, 07 Oct 2013 20:05:43 +0200 +gnupg (1.4.14-1ubuntu2) saucy; urgency=low + + * SECURITY UPDATE: incorrect no-usage-permitted flag handling + - debian/patches/CVE-2013-4351.patch: correctly handle empty key flags + in g10/getkey.c, g10/keygen.c, include/cipher.h. + - CVE-2013-4351 + * SECURITY UPDATE: denial of service via infinite recursion + - debian/patches/CVE-2013-4402.patch: set limits on number of filters + and nested packets in util/iobuf.c, g10/mainproc.c. + - CVE-2013-4402 + + -- Marc Deslauriers Tue, 08 Oct 2013 07:40:27 -0400 + +gnupg (1.4.14-1ubuntu1) saucy; urgency=low + + * Resynchronise with Debian. Remaining changes: + - Disable mlock() test since it fails with ulimit 0 (on buildds). + - Set gpg (or gpg2) and gpgsm to use a passphrase agent by default. + - Only suggest gnupg-curl and libldap; recommendations are pulled into + minimal, and we don't need the keyserver utilities in a minimal Ubuntu + system. + - Remove the Win32 build. + + -- Colin Watson Fri, 02 Aug 2013 11:27:51 +0100 + gnupg (1.4.14-1) unstable; urgency=low * New upstream release (closes: #717845). @@ -57,6 +140,19 @@ -- Thijs Kinkhorst Thu, 25 Jul 2013 21:50:32 +0200 +gnupg (1.4.12-7ubuntu1) raring; urgency=low + + * Resynchronise with Debian. Remaining changes: + - Disable mlock() test since it fails with ulimit 0 (on buildds). + - Set gpg (or gpg2) and gpgsm to use a passphrase agent by default. + - Only suggest gnupg-curl and libldap; recommendations are pulled into + minimal, and we don't need the keyserver utilities in a minimal Ubuntu + system. + - Remove the Win32 build. + - Update config.guess/config.sub for aarch64. + + -- Colin Watson Tue, 08 Jan 2013 10:47:07 +0000 + gnupg (1.4.12-7) unstable; urgency=high * Apply upstream patch to fix memory and key database corruption @@ -64,6 +160,23 @@ -- Thijs Kinkhorst Wed, 02 Jan 2013 19:48:36 +0100 +gnupg (1.4.12-6ubuntu1) raring; urgency=low + + * Resynchronise with Debian. Remaining changes: + - Disable mlock() test since it fails with ulimit 0 (on buildds). + - Set gpg (or gpg2) and gpgsm to use a passphrase agent by default. + - Only suggest gnupg-curl and libldap; recommendations are pulled into + minimal, and we don't need the keyserver utilities in a minimal Ubuntu + system. + - Remove the Win32 build. + - Update config.guess/config.sub for aarch64. + * Dropped patches: + - Fix udeb build failure on powerpc, building with -O2 instead of -Os. + (No longer seems to be necessary.) + * Simplify removal of Win32 build, to make this easier to merge in future. + + -- Colin Watson Tue, 04 Dec 2012 22:26:16 +0000 + gnupg (1.4.12-6) unstable; urgency=low * debian/patches/685627_french_translation_update.patch: Adjusted. @@ -125,6 +238,40 @@ -- Thijs Kinkhorst Mon, 20 Feb 2012 21:53:58 +0100 +gnupg (1.4.11-3ubuntu4) quantal; urgency=low + + * Update config.guess,sub for aarch64 + + -- Wookey Mon, 01 Oct 2012 12:56:41 +0100 + +gnupg (1.4.11-3ubuntu3) quantal-proposed; urgency=low + + * debian/patches/long-keyids.dpatch: Use the longest key ID available + when requesting a key from a key server. + + -- Marc Deslauriers Tue, 24 Jul 2012 10:28:39 -0400 + +gnupg (1.4.11-3ubuntu2) precise; urgency=low + + * Mark gnupg, gnupg-curl, and gpgv Multi-Arch: foreign. + + -- Colin Watson Mon, 21 Nov 2011 13:42:07 +0000 + +gnupg (1.4.11-3ubuntu1) natty; urgency=low + + * Resynchronise with Debian (LP: #720905). Remaining changes: + - Disable mlock() test since it fails with ulimit 0 (on buildds). + - Set gpg (or gpg2) and gpgsm to use a passphrase agent by default. + - Fix udeb build failure on powerpc, building with -O2 instead of -Os. + - Only suggest gnupg-curl and libldap; recommendations are pulled into + minimal, and we don't need the keyserver utilities in a minimal Ubuntu + system. + * debian/{control,rules}: Remove the Win32 build (and mingw32 + build-dependency), since mingw32 is in universe, and will remain so for + the forseeable future. + + -- Rico Tzschichholz Tue, 22 Feb 2011 11:00:25 +0100 + gnupg (1.4.11-3) unstable; urgency=low * Install gpg setuid root again on kFreeBSD. We dropped this @@ -167,6 +314,24 @@ -- Thijs Kinkhorst Tue, 26 Oct 2010 20:14:12 +0200 +gnupg (1.4.10-4ubuntu2) natty; urgency=low + + * No-change rebuild to drop upstream changelog. + + -- Martin Pitt Fri, 03 Dec 2010 08:31:25 +0100 + +gnupg (1.4.10-4ubuntu1) natty; urgency=low + + * Resynchronise with Debian. Remaining changes: + - Disable mlock() test since it fails with ulimit 0 (on buildds). + - Set gpg (or gpg2) and gpgsm to use a passphrase agent by default. + - Fix udeb build failure on powerpc, building with -O2 instead of -Os. + - Only suggest gnupg-curl and libldap; recommendations are pulled into + minimal, and we don't need the keyserver utilities in a minimal Ubuntu + system. + + -- Colin Watson Wed, 13 Oct 2010 11:48:06 +0100 + gnupg (1.4.10-4) unstable; urgency=high * debian/patches/mips_gcc4.4: added to fix build failure on @@ -210,6 +375,25 @@ -- Thijs Kinkhorst Mon, 22 Mar 2010 20:12:42 +0100 +gnupg (1.4.10-2ubuntu2) maverick; urgency=low + + * Only suggest gnupg-curl and libldap; recommendations are pulled into + minimal, and we don't need the keyserver utilities in a minimal Ubuntu + system. + + -- Colin Watson Mon, 14 Jun 2010 14:40:00 +0100 + +gnupg (1.4.10-2ubuntu1) lucid; urgency=low + + * Merge from Debian testing (lp: #503064, #477818). Remaining changes: + - Add 'debian/patches/50_disable_mlock_test.dpatch': Disable mlock() test + since it fails with ulimit 0 (on buildds). + - Add 'debian/patches/61_use_agent_default.dpatch': Patch to set gpg + (or gpg2) and gpgsm to use a passphrase agent by default (lp: 15485) + - Fix udeb build failure on powerpc, building with -O2 instead of -Os. + + -- Michael Bienia Mon, 04 Jan 2010 20:06:01 +0100 + gnupg (1.4.10-2) unstable; urgency=low [ Thijs Kinkhorst ] @@ -314,6 +498,64 @@ -- Thijs Kinkhorst Sat, 15 Aug 2009 18:43:03 +0200 +gnupg (1.4.9-4ubuntu7) karmic; urgency=low + + * Fix udeb build failure on powerpc, building with -O2 instead of -Os. + + -- Matthias Klose Sun, 27 Sep 2009 13:49:46 +0200 + +gnupg (1.4.9-4ubuntu6) karmic; urgency=low + + * Build-depend on libreadline-dev instead of libreadline5-dev. + + -- Matthias Klose Sat, 19 Sep 2009 22:52:53 +0200 + +gnupg (1.4.9-4ubuntu5) karmic; urgency=low + + * debian/gnupg.udev: + Add udev rules to set ACLs on SCM smartcard readers. They replace the hal + rules for the same purpose. (LP: #57755) + * debian/rules: + Call dh_installudev. + + -- Michael Bienia Fri, 03 Jul 2009 15:38:40 +0200 + +gnupg (1.4.9-4ubuntu4) karmic; urgency=low + + * Undo the last change. A GnuPG bug with handling multiple keyservers + makes this break + + -- Mackenzie Morgan Sat, 20 Jun 2009 18:04:47 -0400 + +gnupg (1.4.9-4ubuntu3) karmic; urgency=low + + * deian/patches/100_ubuntu_default_keyserver.dpatch: (LP: #380093) + - Add keyserver.ubuntu.com as a default keyserver in g10/options.skel + + -- Mackenzie Morgan Mon, 25 May 2009 13:10:51 -0400 + +gnupg (1.4.9-4ubuntu2) karmic; urgency=low + + * debian/rules: add --enable-noexecstack to configure to avoid needless + executable stacks on i386 (LP: #49323, debian bug 527630). + * debian/rules: fix "nocheck" logic to run tests (debian bug 521884). + + -- Kees Cook Fri, 08 May 2009 09:12:18 -0700 + +gnupg (1.4.9-4ubuntu1) karmic; urgency=low + + * Merge from debian unstable, remaining changes: + - Add 'debian/patches/50_disable_mlock_test.dpatch': Disable mlock() test + since it fails with ulimit 0 (on buildds). + - Add 'debian/patches/61_use_agent_default.dpatch': Patch to set gpg + (or gpg2) and gpgsm to use a passphrase agent by default (lp: 15485) + - Add libcurl4-gnutls-dev to Build-Depends to fix gpg running into a + timeout updating the keyring (lp: 62864) + - Add 'debian/patches/55_curl_typefix.dpatch': Fix a build error with recent + curl and gcc 4.3 + + -- Nicolas Valcárcel Scerpella Tue, 05 May 2009 16:02:14 -0500 + gnupg (1.4.9-4) unstable; urgency=low [ Daniel Leidert (dale) ] @@ -340,6 +582,24 @@ -- Thijs Kinkhorst Mon, 16 Feb 2009 18:35:15 +0100 +gnupg (1.4.9-3ubuntu1) intrepid; urgency=low + + * Merge from debian unstable (lp: #225005), remaining changes: + - Add 'debian/patches/50_disable_mlock_test.dpatch': Disable mlock() test + since it fails with ulimit 0 (on buildds). + - Add 'debian/patches/61_use_agent_default.dpatch': Patch to set gpg + (or gpg2) and gpgsm to use a passphrase agent by default (lp: 15485) + - Add libcurl4-gnutls-dev to Build-Depends to fix gpg running into a + timeout updating the keyring (lp: 62864) + * Dropped Ubuntu patches, applied upstream: + - 50_show_primary_only.dpatch + - 60_install_options_skel.dpatch + * Add 'debian/patches/55_curl_typefix.dpatch': Fix a build error with recent + curl and gcc 4.3 (lp: #247679). Patch taken from upstream: + http://lists.gnupg.org/pipermail/gnupg-devel/2008-April/024344.html + + -- Michael Bienia Mon, 21 Jul 2008 02:02:14 +0200 + gnupg (1.4.9-3) unstable; urgency=low * Add Package-Type: udeb to μdebs. @@ -432,6 +692,56 @@ -- Bastian Blank Sat, 23 Feb 2008 19:59:18 +0100 +gnupg (1.4.6-2ubuntu5) hardy; urgency=low + + * No-change rebuild against libldap-2.4-2. + + -- Steve Langasek Wed, 23 Jan 2008 10:49:38 +0000 + +gnupg (1.4.6-2ubuntu4) gutsy; urgency=low + + * debian/patches/70_trust_error.dpatch: Removed as it broke setting the + trust level to 1 (LP: #147343). + + -- Michael Bienia Mon, 01 Oct 2007 21:52:52 +0200 + +gnupg (1.4.6-2ubuntu3) gutsy; urgency=low + + [ Scott Kitterman ] + * Add 'debian/patches/60_install_options_skel.dpatch': Patch to + install options file from upstream (LP: #76983) + * Add 'debian/patches/61_use_agent_default.dpatch': Patch to set gpg + (or gpg2) and gpgsm to use a passphrase agent by default (LP: #15485) + * Add 'debian/patches/70_trust_error.dpatch': Patch to disallow illegal + zero response for trust level changes (LP: #39459) + + [ Michael Bienia ] + * Add libcurl4-gnutls-dev to Build-Depends to fix gpg running into a timeout + updating the keyring (LP: #62864) + + -- Michael Bienia Fri, 06 Jul 2007 20:56:05 +0200 + +gnupg (1.4.6-2ubuntu2) gutsy; urgency=low + + * Add 'debian/patches/50_show_primary_only.dpatch': add + 'show-primary-uid-only' to verify options, to suppress 'aka' output + in key verifications, backported from 1.4.7 upstream. + + -- Kees Cook Tue, 15 May 2007 12:09:41 -0700 + +gnupg (1.4.6-2ubuntu1) gutsy; urgency=low + + * Merge from debian unstable, remaining changes: + - config.h.in: Disable mlock() test since it fails with ulimit 0 (on + buildds). + - debian/rules: + + Do not install gpg as suid root, since that is not necessary with + kernels 2.6.8+. + + Make the build fail if the test suite fails. + - debian/control: Maintainer field update. + + -- Kees Cook Tue, 08 May 2007 02:21:26 -0700 + gnupg (1.4.6-2) unstable; urgency=medium * 28_multiple_message.dpatch: new patch from upstream to fix problems @@ -440,6 +750,28 @@ -- James Troup Wed, 7 Mar 2007 21:47:35 +0000 +gnupg (1.4.6-1ubuntu2) feisty; urgency=low + + * SECURITY UPDATE: without --status-fd, forged inline sigs can appear valid. + * debian/patches/50_stop_multiple_messages.dpatch: upstream patch. + * References + ftp://ftp.gnupg.org/gcrypt/gnupg/patches/gnupg-1.4.6-multiple-message.patch + CVE-2007-1263 + + -- Kees Cook Wed, 7 Mar 2007 11:53:20 -0800 + +gnupg (1.4.6-1ubuntu1) feisty; urgency=low + + * Merge from debian unstable, remaining changes: + - config.h.in: Disable mlock() test since it fails with ulimit 0 (on + buildds). + - debian/rules: + + Do not install gpg as suid root, since that is not necessary with + kernels 2.6.8+. + + Make the build fail if the test suite fails. + + -- Kees Cook Tue, 12 Dec 2006 15:56:56 -0800 + gnupg (1.4.6-1) unstable; urgency=high * New upstream release. @@ -458,6 +790,29 @@ -- James Troup Thu, 7 Dec 2006 02:54:51 +0000 +gnupg (1.4.5-3ubuntu2) feisty; urgency=low + + * SECURITY UPDATE: unwound stack data use, leading to arbitrary code + execution. + * Add debian/patches/29_dxf_context_stack.dpatch: upstream patch, use heap + for allocation instead. + * References + CVE-2006-6235 + + -- Kees Cook Wed, 6 Dec 2006 11:46:44 -0800 + +gnupg (1.4.5-3ubuntu1) feisty; urgency=low + + * Merge to Debian unstable. Remaining Ubuntu changes: + - config.h.in: Disable mlock() test since it fails with ulimit 0 (on + buildds). + - debian/rules: + + Do not install gpg as suid root, since that is not necessary with + kernels 2.6.8+. + + Make the build fail if the test suite fails. + + -- Martin Pitt Tue, 28 Nov 2006 19:06:47 +0100 + gnupg (1.4.5-3) unstable; urgency=high * 27_filename_overflow.dpatch: new patch from upstream to fix buffer @@ -465,6 +820,18 @@ -- James Troup Mon, 27 Nov 2006 21:23:37 +0000 +gnupg (1.4.5-2ubuntu1) feisty; urgency=low + + * Merge to Debian unstable. Remaining Ubuntu changes: + - config.h.in: Disable mlock() test since it fails with ulimit 0 (on + buildds). + - debian/rules: + + Do not install gpg as suid root, since that is not necessary with + kernels 2.6.8+. + + Make the build fail if the test suite fails. + + -- Martin Pitt Fri, 3 Nov 2006 09:18:26 +0100 + gnupg (1.4.5-2) unstable; urgency=low * debian/control: add gpgv package. Make gnupg package depend on it. @@ -488,6 +855,42 @@ -- James Troup Tue, 1 Aug 2006 22:50:09 +0100 +gnupg (1.4.3-2ubuntu3) edgy; urgency=low + + * SECURITY UPDATE: Local arbitrary code execution. + * Add debian/patches/27_comment_control_overflow.dpatch: + - Fix buffer overflows in parse_comment() and parse_gpg_control(). + - Patch extracted from stable 1.4.5 release. + - Reproducer: + perl -e 'print "\xfd\xff\xff\xff\xff\xfe"'| gpg --no-armor + - Credit: Evgeny Legerov + - CVE-2006-3746 + + -- Martin Pitt Thu, 3 Aug 2006 08:11:46 +0200 + +gnupg (1.4.3-2ubuntu2) edgy; urgency=low + + * Rebuild with current zlib1g-dev to fix udeb shlibdeps. Thanks to Evan + Dandrea for noticing. + + -- Colin Watson Mon, 31 Jul 2006 11:21:55 +0100 + +gnupg (1.4.3-2ubuntu1) edgy; urgency=low + + * Sync with Debian: + Remaining Ubuntu changes: + + config.h.in: Disable mlock() test since it fails with ulimit 0 (on + buildds). + + debian/patches/20_no_tty_fix.dpatch: + - dropped, upstream now + + debian/rules: + - don't use the included gettext + - Don't install gpg as suid root, since that is not necessary with + kernels 2.6.8+ + - Make the build fail if the test suite fails + + -- Sebastian Dröge Wed, 28 Jun 2006 21:11:14 +0200 + gnupg (1.4.3-2) unstable; urgency=low * 26_user_id_overflow.dpatch: new patch pulled from upstream SVN to fix @@ -553,6 +956,32 @@ -- James Troup Wed, 5 Apr 2006 02:45:56 +0100 +gnupg (1.4.2.2-1ubuntu2) dapper; urgency=low + + * debian/rules: + - Remove --with-included-gettext configure option; use libc's gettext to + get language pack support. Closes: LP#25609 + - rm'ing locale.alias is not necessary with this change, so change it to + rm -f to not break the build. + + -- Martin Pitt Mon, 3 Apr 2006 18:21:19 +0200 + +gnupg (1.4.2.2-1ubuntu1) dapper; urgency=low + + * Resynchronize with Debian, UVF exception approved by Matt. 1.4.2.2 only + contains a security fix, updated test cases, and updated translations. + * For reference and to ease future merges, these are the remaining Ubuntu + changes: + - debian/rules: Make the build fail if the test suite fails. + - debian/changelog: Add missing CVE number. + - Don't install gpg as suid root, since that is not necessary with kernels + 2.6.8+. + - config.h.in: Disable mlock() test since it fails with ulimit 0 (on + buildds). + - debian/patches/20_no_tty_fix.dpatch: Malone #5570 + + -- Martin Pitt Mon, 13 Mar 2006 12:42:00 +0100 + gnupg (1.4.2.2-1) unstable; urgency=low * New upstream release. @@ -561,6 +990,41 @@ -- James Troup Fri, 10 Mar 2006 04:27:12 +0000 +gnupg (1.4.2.1-0ubuntu1) dapper; urgency=low + + * New upstream security bugfix release, only contains the following changes: + - Security fix for a verification weakness in gpgv. Some input + could lead to gpgv exiting with 0 even if the detached signature + file did not carry any signature. This is not as fatal as it + might seem because the suggestion as always been not to rely on + th exit code but to parse the --status-fd messages. However it + is likely that gpgv is used in that simplified way and thus we + do this release. Same problem with "gpg --verify" but nobody + should have used this for signature verification without + checking the status codes anyway. [CVE-2006-0455] + - Added a test case for above vulnerability. + * debian/rules: Call the test suite during build. (Will fail the build + if the test suite fails.) + + -- Martin Pitt Fri, 17 Feb 2006 11:18:27 +0100 + +gnupg (1.4.2-2ubuntu2) dapper; urgency=low + + * Add 20_no_tty_fix.dpatch: + - Do not open /dev/tty if --no-tty is specified, since this breaks + programs like seahorse. + - Patch also accepted upstream. + - Thanks to Ryan Lortie for the patch. + - Malone #5570 + + -- Martin Pitt Fri, 16 Dec 2005 16:57:39 +0100 + +gnupg (1.4.2-2ubuntu1) dapper; urgency=low + + * Resynchronise with Debian. + + -- Martin Pitt Thu, 10 Nov 2005 16:13:10 -0500 + gnupg (1.4.2-2) unstable; urgency=low * 22_zero_length_mpi_fix.dpatch: new patch; pull in upstream patch to @@ -580,6 +1044,20 @@ -- James Troup Sat, 24 Sep 2005 03:31:37 +0100 +gnupg (1.4.1-1ubuntu2) dapper; urgency=low + + * debian/rules: Stop calling pkgstriptranslations, we now get it + for free with the new and improved dpkg-deb diversion hack. + + -- Adam Conrad Wed, 26 Oct 2005 10:42:17 +1000 + +gnupg (1.4.1-1ubuntu1) breezy; urgency=low + + * Resynchronise with Debian, fixing changelog ordering. + * Added CAN number to previous changelog entry. + + -- Martin Pitt Fri, 10 Jun 2005 10:36:38 +0200 + gnupg (1.4.1-1) unstable; urgency=low * New upstream release. Closes: #307203 @@ -593,6 +1071,12 @@ -- James Troup Mon, 9 May 2005 23:41:50 +0100 +gnupg (1.4.0-3ubuntu1) breezy; urgency=low + + * Merge Debian changes (#9358). + + -- Martin Pitt Fri, 15 Apr 2005 09:35:41 +0200 + gnupg (1.4.0-3) unstable; urgency=low * debian/rules (binary-arch): move Russian manpage to correct (FHS) @@ -653,6 +1137,41 @@ -- Colin Watson Fri, 24 Dec 2004 13:42:23 +0000 +gnupg (1.2.5-3ubuntu5) hoary; urgency=low + + * debian/rules: Call pkgstriptranslations if present (the package does not + use debhelper, thus it does not happen automatically). + + -- Martin Pitt Fri, 18 Mar 2005 13:04:50 +0000 + +gnupg (1.2.5-3ubuntu4) hoary; urgency=low + + * debian/control, debian/rules: Build gpgv-udeb, containing just + /usr/bin/gpgv built without bzip2 support and with -Os, for use in the + installer. + + -- Colin Watson Wed, 12 Jan 2005 14:52:51 +0000 + +gnupg (1.2.5-3ubuntu3) hoary; urgency=low + + * Disable HAVE_BROKEN_MLOCK, since the test fails if ulimit -l 0. + + -- LaMont Jones Tue, 30 Nov 2004 22:35:20 -0700 + +gnupg (1.2.5-3ubuntu2) hoary; urgency=low + + * No-change upload to get mlock test correct. + + -- LaMont Jones Tue, 30 Nov 2004 21:25:26 -0700 + +gnupg (1.2.5-3ubuntu1) hoary; urgency=low + + * Resynced to Debian; automatic sync result was a mess, redid from scratch. + * Do not install gnupg as suid root since the Ubuntu kernel now supports + calling mlock() as user. + + -- Martin Pitt Thu, 11 Nov 2004 11:08:42 +0100 + gnupg (1.2.5-3) unstable; urgency=low * debian/rules (build): drop --with-capabilites for now. diff -Nru gnupg-1.4.16/debian/control gnupg-1.4.16/debian/control --- gnupg-1.4.16/debian/control 2013-12-12 20:24:06.000000000 +0000 +++ gnupg-1.4.16/debian/control 2014-01-28 18:05:18.000000000 +0000 @@ -1,16 +1,17 @@ Source: gnupg Section: utils Priority: important -Maintainer: Debian GnuPG-Maintainers +Maintainer: Ubuntu Developers +XSBC-Original-Maintainer: Debian GnuPG-Maintainers Uploaders: Sune Vuorela , Daniel Leidert , Thijs Kinkhorst Standards-Version: 3.9.5 Build-Depends: debhelper (>> 7), libz-dev, libldap2-dev, libbz2-dev, + dh-autoreconf, libusb-dev [!hurd-i386], libreadline-dev, file, gettext, libcurl4-gnutls-dev -Build-Depends-Indep: mingw-w64 Homepage: http://www.gnupg.org Vcs-Browser: http://anonscm.debian.org/viewvc/pkg-gnupg/gnupg/ Vcs-Svn: svn://anonscm.debian.org/pkg-gnupg/gnupg/trunk/ @@ -19,8 +20,7 @@ Architecture: any Multi-Arch: foreign Depends: ${shlibs:Depends}, ${misc:Depends}, gpgv -Recommends: ${shlibs:Recommends}, gnupg-curl -Suggests: gnupg-doc, xloadimage | imagemagick | eog, libpcsclite1 +Suggests: ${shlibs:Suggests}, gnupg-curl, gnupg-doc, xloadimage | imagemagick | eog, libpcsclite1 Description: GNU privacy guard - a free PGP replacement GnuPG is GNU's tool for secure communication and data storage. It can be used to encrypt data and to create digital signatures. @@ -40,7 +40,7 @@ Priority: optional Architecture: any Multi-Arch: foreign -Depends: ${shlibs:Depends}, ${shlibs:Recommends}, ${misc:Depends}, gnupg +Depends: ${shlibs:Depends}, ${shlibs:Suggests}, ${misc:Depends}, gnupg Description: GNU privacy guard - a free PGP replacement (cURL) GnuPG is GNU's tool for secure communication and data storage. It can be used to encrypt data and to create digital signatures. @@ -92,19 +92,3 @@ . This is GnuPG's signature verification tool, gpgv, packaged in minimal form for use in debian-installer. - -Package: gpgv-win32 -Architecture: all -Priority: extra -Depends: ${misc:Depends} -Suggests: wine -Description: GNU privacy guard - signature verification tool (win32 build) - GnuPG is GNU's tool for secure communication and data storage. - . - gpgv is a stripped-down version of gnupg which is only able to check - signatures. It is smaller than the full-blown gnupg and uses a - different (and simpler) way to check that the public keys used to - make the signature are trustworthy. - . - This is a win32 version of gpgv. It's meant to be used by the win32-loader - component of Debian-Installer. diff -Nru gnupg-1.4.16/debian/gpgv-win32.dirs gnupg-1.4.16/debian/gpgv-win32.dirs --- gnupg-1.4.16/debian/gpgv-win32.dirs 2013-07-25 19:49:31.000000000 +0000 +++ gnupg-1.4.16/debian/gpgv-win32.dirs 2014-01-28 18:05:18.000000000 +0000 @@ -1 +0,0 @@ -usr/share/win32 diff -Nru gnupg-1.4.16/debian/gpgv-win32.install gnupg-1.4.16/debian/gpgv-win32.install --- gnupg-1.4.16/debian/gpgv-win32.install 2013-07-25 19:49:31.000000000 +0000 +++ gnupg-1.4.16/debian/gpgv-win32.install 2014-01-28 18:05:18.000000000 +0000 @@ -1 +0,0 @@ -build-win32/g10/gpgv.exe usr/share/win32/ diff -Nru gnupg-1.4.16/debian/patches/disable_mlock_test.patch gnupg-1.4.16/debian/patches/disable_mlock_test.patch --- gnupg-1.4.16/debian/patches/disable_mlock_test.patch 1970-01-01 00:00:00.000000000 +0000 +++ gnupg-1.4.16/debian/patches/disable_mlock_test.patch 2014-01-28 18:05:18.000000000 +0000 @@ -0,0 +1,22 @@ +Description: Disable mlock() test since it fails with ulimit 0 + This happens on Ubuntu buildds. +Author: Michael Bienia +Forwarded: no +Last-Update: 2012-12-04 + +Index: b/config.h.in +=================================================================== +--- a/config.h.in ++++ b/config.h.in +@@ -82,8 +82,11 @@ + /* Define if `gethrtime(2)' does not work correctly i.e. issues a SIGILL. */ + #undef HAVE_BROKEN_GETHRTIME + ++/* Test doesn't work, since ulimit is sometimes 0... */ ++#if 0 + /* Defined if the mlock() call does not work */ + #undef HAVE_BROKEN_MLOCK ++#endif + + /* Define to 1 if the compiler understands __builtin_expect. */ + #undef HAVE_BUILTIN_EXPECT diff -Nru gnupg-1.4.16/debian/patches/init_trustdb.patch gnupg-1.4.16/debian/patches/init_trustdb.patch --- gnupg-1.4.16/debian/patches/init_trustdb.patch 1970-01-01 00:00:00.000000000 +0000 +++ gnupg-1.4.16/debian/patches/init_trustdb.patch 2014-03-06 16:09:53.000000000 +0000 @@ -0,0 +1,21 @@ +Description: init_trustdb() for import + * g10/trustdb.c (clear_ownertrusts): Init trustdb. + This is actually a hack to fix a bug introduced with commit 2528178. + Debian uses it and thus we should do too. + +Origin: upstream, http://git.gnupg.org/cgi-bin/gitweb.cgi?p=gnupg.git;a=commit;h=23191d7851eae2217ecdac6484349849a24fd94a +Bug: https://bugs.g10code.com/gnupg/issue1622 +Bug-Debian: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=737128 + +Index: gnupg-1.4.16/g10/trustdb.c +=================================================================== +--- gnupg-1.4.16.orig/g10/trustdb.c 2013-12-12 23:28:22.000000000 -0800 ++++ gnupg-1.4.16/g10/trustdb.c 2014-03-06 08:09:50.605164819 -0800 +@@ -927,6 +927,7 @@ + TRUSTREC rec; + int rc; + ++ init_trustdb (); + if (trustdb_args.no_trustdb && opt.trust_model == TM_ALWAYS) + return 0; + diff -Nru gnupg-1.4.16/debian/patches/series gnupg-1.4.16/debian/patches/series --- gnupg-1.4.16/debian/patches/series 2014-01-07 08:40:45.000000000 +0000 +++ gnupg-1.4.16/debian/patches/series 2014-03-06 15:47:29.000000000 +0000 @@ -0,0 +1,3 @@ +disable_mlock_test.patch +use_agent_default.patch +init_trustdb.patch diff -Nru gnupg-1.4.16/debian/patches/use_agent_default.patch gnupg-1.4.16/debian/patches/use_agent_default.patch --- gnupg-1.4.16/debian/patches/use_agent_default.patch 1970-01-01 00:00:00.000000000 +0000 +++ gnupg-1.4.16/debian/patches/use_agent_default.patch 2014-01-28 18:05:18.000000000 +0000 @@ -0,0 +1,25 @@ +Description: Use agent by default +Author: Scott Kitterman +Bug-Ubuntu: https://bugs.launchpad.net/bugs/15485 +Forwarded: no +Last-Update: 2012-12-04 + +Index: b/g10/options.skel +=================================================================== +--- a/g10/options.skel ++++ b/g10/options.skel +@@ -199,8 +199,12 @@ + # at ftp.gnupg.org/gcrypt/alpha/aegypten/). To make use of the agent, + # you have to run an agent as daemon and use the option + # +-# use-agent +-# ++# For Ubuntu we now use-agent by default to support more automatic ++# use of GPG and S/MIME encryption by GUI programs. Depending on the ++# program, users may still have to manually decide to install gnupg-agent. ++ ++use-agent ++ + # which tries to use the agent but will fallback to the regular mode + # if there is a problem connecting to the agent. The normal way to + # locate the agent is by looking at the environment variable diff -Nru gnupg-1.4.16/debian/rules gnupg-1.4.16/debian/rules --- gnupg-1.4.16/debian/rules 2014-01-07 10:23:45.000000000 +0000 +++ gnupg-1.4.16/debian/rules 2014-01-28 18:05:18.000000000 +0000 @@ -26,7 +26,7 @@ HOSTARG += --host=$(DEB_HOST_GNU_TYPE) endif -ifeq ($(DEB_BUILD_ARCH),ppc64) +ifneq (,$(filter $(DEB_BUILD_ARCH),ppc64 ppc64el)) CONFARGS += --disable-asm endif @@ -38,23 +38,28 @@ ################################### configure ################################ -build-deb/config.status: +auto-stamp: + dh_testdir + dh_autoreconf + touch $@ + +build-deb/config.status: auto-stamp dh_testdir (mkdir -p $(@D); cd $(@D); \ ../configure LDFLAGS="$(LDFLAGS)" CPPFLAGS="$(CPPFLAGS_DEF)" CFLAGS="$(CFLAGS_DEF)" $(CONFARGS) $(HOSTARG) --without-libcurl) -build-deb-curl/config.status: +build-deb-curl/config.status: auto-stamp dh_testdir (mkdir -p $(@D); cd $(@D); \ ../configure LDFLAGS="$(LDFLAGS)" CPPFLAGS="$(CPPFLAGS_DEF)" CFLAGS="$(CFLAGS_DEF)" $(CONFARGS) $(HOSTARG)) -build-udeb/config.status: +build-udeb/config.status: auto-stamp dh_testdir (mkdir -p $(@D); cd $(@D); CFLAGS="-g -Os" \ ../configure $(CONFARGS) $(HOSTARG) \ --without-bzip2 --without-readline --without-libcurl) -build-win32/config.status: +build-win32/config.status: auto-stamp dh_testdir (mkdir -p $(@D); cd $(@D); CFLAGS="-g -Os" \ ../configure $(CONFARGS) --host i686-w64-mingw32 \ @@ -90,7 +95,7 @@ build: build-arch build-arch: build-deb-stamp build-deb-curl-stamp build-udeb-stamp -build-indep: build-win32-stamp +build-indep: ##################################### clean ################################## @@ -99,6 +104,7 @@ dh_testroot rm -rf build-udeb/ build-deb-curl/ build-deb/ build-win32/ # find . -name \*~ | xargs rm -vf + dh_autoreconf_clean dh_clean build-deb-stamp build-deb-curl-stamp build-udeb-stamp build-win32-stamp #################################### install #################################