diffstat for gnupg2-2.1.11 gnupg2-2.1.11 changelog | 60 ++++++++++ control | 3 gnupg2.udev | 12 ++ gpg-agent.user-session.upstart | 29 ++++ no-pinentry-gnome3.user-session.upstart | 14 ++ patches/0006-tests-openpgp-Fake-the-system-time-for-the-tofu-test.patch | 53 ++++++++ patches/CVE-2018-12020.patch | 44 +++++++ patches/series | 2 rules | 4 9 files changed, 220 insertions(+), 1 deletion(-)
diff -Nru gnupg2-2.1.11/debian/changelog gnupg2-2.1.11/debian/changelog
--- gnupg2-2.1.11/debian/changelog 2016-03-01 08:38:46.000000000 +0000
+++ gnupg2-2.1.11/debian/changelog 2018-06-14 19:11:51.000000000 +0000
@@ -1,3 +1,42 @@
+gnupg2 (2.1.11-6ubuntu2.1) xenial-security; urgency=medium
+
+ * SECURITY UPDATE: missing sanitization of verbose output
+ - debian/patches/CVE-2018-12020.patch: Sanitize diagnostic with
+ the original file name.
+ - CVE-2018-12020
+ * backport patch to handle the tofu tests expiring in 2016
+ - d/p/0006-tests-openpgp-Fake-the-system-time-for-the-tofu-test.patch
+
+ -- Steve Beattie Thu, 14 Jun 2018 10:41:36 -0700
+
+gnupg2 (2.1.11-6ubuntu2) xenial; urgency=medium
+
+ * Fix upstart user-session integration with new pinentry:
+ - restart gpg-agent, once dbus is started, such that agent has DBUS
+ session environemnt set and can connect to the pinentry-gnome3 Closes:
+ #790316 Closes: #795368 LP: #1566928
+ - use gpgconf to launch/kill gpg-agent and to check settings
+
+ -- Dimitri John Ledkov Fri, 08 Apr 2016 08:55:10 +0100
+
+gnupg2 (2.1.11-6ubuntu1) xenial; urgency=medium
+
+ * Adds support for --pinentry= argument for gpgme1.0 (LP: #1564234)
+ * Merge with debian, remaining changes:
+ - Add udev rules to give gpg access to some smartcard readers;
+ Debian #543217.
+ - debian/gnupg2.udev: udev rules to set ACLs on SCM smartcard readers.
+ - Add upstart user job for gpg-agent.
+ * Dropped no longer applicable changes in merge:
+ - Drop sh prefix from openpgp test environment as it leads to exec
+ invocations of sh /bin/bash leading to syntax errors from sh. Fixes
+ FTBFS detected in Ubuntu saucy archive rebuild.
+ - debian/control: drop dirmngr to Suggests as it is in universe.
+ - gcc5-fix.patch: add upstream fix for an optimization issue when
+ compiling with gcc 5.
+
+ -- Mario Limonciello Wed, 30 Mar 2016 23:20:09 -0500
+
 gnupg2 (2.1.11-6) unstable; urgency=medium
  * avoid FTBFS with patch from upstream (Closes: #814842)
@@ -202,6 +241,27 @@
 -- Daniel Kahn Gillmor Wed, 29 Oct 2014 17:53:06 -0400
+gnupg2 (2.0.28-3ubuntu2) xenial; urgency=medium
+
+ * debian/gcc5-fix.patch: add upstream fix for an optimization issue when
+ compiling with gcc 5. (LP: #1501634)
+
+ -- Marc Deslauriers Tue, 09 Feb 2016 16:11:42 -0500
+
+gnupg2 (2.0.28-3ubuntu1) wily; urgency=low
+
+ * Merge from Debian, remaining changes:
+ - Drop sh prefix from openpgp test environment as it leads to exec
+ invocations of sh /bin/bash leading to syntax errors from sh. Fixes
+ FTBFS detected in Ubuntu saucy archive rebuild.
+ - Add udev rules to give gpg access to some smartcard readers;
+ Debian #543217.
+ - debian/gnupg2.udev: udev rules to set ACLs on SCM smartcard readers.
+ - Add upstart user job for gpg-agent.
+ - debian/control: drop dirmngr to Suggests as it is in universe.
+
+ -- Iain Lane Mon, 13 Jul 2015 13:18:38 +0100
+
 gnupg2 (2.0.28-3) unstable; urgency=medium
  * pass DBUS_SESION_BUS_ADDRESS to the agent for gnome3.
diff -Nru gnupg2-2.1.11/debian/control gnupg2-2.1.11/debian/control
--- gnupg2-2.1.11/debian/control 2016-03-01 08:38:33.000000000 +0000
+++ gnupg2-2.1.11/debian/control 2016-04-08 08:00:14.000000000 +0000
@@ -1,7 +1,8 @@
 Source: gnupg2
 Section: utils
 Priority: optional
-Maintainer: Debian GnuPG Maintainers
+Maintainer: Ubuntu Developers
+XSBC-Original-Maintainer: Debian GnuPG Maintainers
 Uploaders: Eric Dorland , Daniel Kahn Gillmor
 Standards-Version: 3.9.7
diff -Nru gnupg2-2.1.11/debian/gnupg2.udev gnupg2-2.1.11/debian/gnupg2.udev
--- gnupg2-2.1.11/debian/gnupg2.udev 1970-01-01 00:00:00.000000000 +0000
+++ gnupg2-2.1.11/debian/gnupg2.udev 2015-05-05 12:01:05.000000000 +0000
@@ -0,0 +1,12 @@
+# do not edit this file, it will be overwritten on update
+
+SUBSYSTEM!="usb", GOTO="gnupg_rules_end"
+ACTION!="add", GOTO="gnupg_rules_end"
+
+# USB SmartCard Readers
+## SCM readers (SCR335, SPR532, & Co)
+ATTR{idVendor}=="04e6", ATTR{idProduct}=="e001", ENV{ID_SMARTCARD_READER}="1", ENV{ID_SMARTCARD_READER_DRIVER}="gnupg"
+ATTR{idVendor}=="04e6", ATTR{idProduct}=="e003", ENV{ID_SMARTCARD_READER}="1", ENV{ID_SMARTCARD_READER_DRIVER}="gnupg"
+ATTR{idVendor}=="04e6", ATTR{idProduct}=="5115", ENV{ID_SMARTCARD_READER}="1", ENV{ID_SMARTCARD_READER_DRIVER}="gnupg"
+
+LABEL="gnupg_rules_end"
diff -Nru gnupg2-2.1.11/debian/gpg-agent.user-session.upstart gnupg2-2.1.11/debian/gpg-agent.user-session.upstart
--- gnupg2-2.1.11/debian/gpg-agent.user-session.upstart 1970-01-01 00:00:00.000000000 +0000
+++ gnupg2-2.1.11/debian/gpg-agent.user-session.upstart 2016-04-08 08:01:08.000000000 +0000
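Review bot: The three ATTR rules only set ENV{ID_SMARTCARD_READER} and ENV{ID_SMARTCARD_READER_DRIVER}; nothing in this file changes ownership, mode or an ACL, so the changelog's "udev rules to set ACLs on SCM smartcard readers" is true only if a later rules file consumes those properties — on systemd-based xenial that is, as far as I know, 70-uaccess.rules keying on ID_SMARTCARD_READER to add the `uaccess` tag, and dh_installudev's default priority of 60 for this file keeps it ahead of that; both are worth confirming on the target release. A comment above the ATTR lines would save the next maintainer that archaeology: `# ID_SMARTCARD_READER is consumed by 70-uaccess.rules, which tags the device "uaccess" so logind grants the active seat user an ACL; no permissions are set here.` With `ACTION!="add"` short-circuiting to the end label, a reader re-probed through a `change` event keeps whatever the `add` run produced, which appears intended but is not stated.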
@@ -0,0 +1,29 @@
+description "GPG Agent"
+author "Stéphane Graber "
+
+start on starting xsession-init and (no-pinentry-gnome3 or started dbus)
+
+pre-start script
+GNUPGHOME=$HOME/.gnupg
+[ -d $GNUPGHOME ] || { stop; exit 0; }
+
+# /etc/X11/Xsession.d/90gpg-agent starts the agent without DBUS,
+# thus can't use pinentry-gnome3
+# but we know we have dbus now, restart gpg-agent
+gpgconf --kill gpg-agent
+gpgconf --launch gpg-agent
+initctl set-env --global GPG_AGENT_INFO=$GNUPGHOME/S.gpg-agent:0:1
+
+if [ -n "$(gpgconf --list-options gpg-agent | awk -F: '/^enable-ssh-support:/{ print $10 }')" ]; then
+initctl set-env --global SSH_AUTH_SOCK=$GNUPGHOME/S.gpg-agent.ssh
+fi
+end script
+
+post-stop script
+gpgconf --kill gpg-agent
+initctl unset-env --global GPG_AGENT_INFO
+
+if [ -n "$(gpgconf --list-options gpg-agent | awk -F: '/^enable-ssh-support:/{ print $10 }')" ]; then
+initctl unset-env --global SSH_AUTH_SOCK
+fi
+end script
diff -Nru gnupg2-2.1.11/debian/no-pinentry-gnome3.user-session.upstart gnupg2-2.1.11/debian/no-pinentry-gnome3.user-session.upstart
--- gnupg2-2.1.11/debian/no-pinentry-gnome3.user-session.upstart 1970-01-01 00:00:00.000000000 +0000
+++ gnupg2-2.1.11/debian/no-pinentry-gnome3.user-session.upstart 2015-07-03 11:23:37.000000000 +0000
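Review bot: `[ -d $GNUPGHOME ] || { stop; exit 0; }` in pre-start leaves `$GNUPGHOME` unquoted, so a `$HOME` containing whitespace turns the test into a syntax error and the job falls through to the kill/launch sequence anyway; quote it, `[ -d "$GNUPGHOME" ] || { stop; exit 0; }`, and quote the two `initctl set-env` values that embed `$GNUPGHOME` for the same reason. The job also exports `GPG_AGENT_INFO` session-wide, yet GnuPG 2.1 components find the agent through the standard socket and, as far as I can tell, no longer read that variable — if it is kept for third-party clients, say so: `# GPG_AGENT_INFO is ignored by gpg 2.1 itself; exported for legacy clients only`. The `awk -F: ... { print $10 }` in both scripts silently depends on field 10 of a gpgconf --list-options record being the option's current value, so a short comment naming that layout would make a future gpgconf change visible rather than silently leaving SSH_AUTH_SOCK unset.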
@@ -0,0 +1,14 @@
+description "Don't make gpg-agent require dbus"
+author "Iain Lane "
+
+start on startup
+
+emits no-pinenty-gnome3
+
+task
+
+script
+if [ ! -L "/usr/bin/pinentry" ] || [ "$(readlink -f /usr/bin/pinentry)" != "/usr/bin/pinentry-gnome3" ]; then
+initctl --no-wait emit no-pinentry-gnome3
+fi
+end script
diff -Nru gnupg2-2.1.11/debian/patches/0006-tests-openpgp-Fake-the-system-time-for-the-tofu-test.patch gnupg2-2.1.11/debian/patches/0006-tests-openpgp-Fake-the-system-time-for-the-tofu-test.patch
--- gnupg2-2.1.11/debian/patches/0006-tests-openpgp-Fake-the-system-time-for-the-tofu-test.patch 1970-01-01 00:00:00.000000000 +0000
+++ gnupg2-2.1.11/debian/patches/0006-tests-openpgp-Fake-the-system-time-for-the-tofu-test.patch 2018-06-14 19:10:12.000000000 +0000
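Review bot: The `emits no-pinenty-gnome3` stanza misspells the event that the script body actually emits (`initctl --no-wait emit no-pinentry-gnome3`) and that the gpg-agent job's `start on` clause waits for. As far as I recall upstart uses `emits` for `initctl check-config` and documentation rather than for dispatch, so the job still functions, but the mismatch will surface as an unknown-event complaint in check-config and misleads anyone reading the file; change it to `emits no-pinentry-gnome3`. It would also help to state the fallback semantics next to the test, since they are what make the gpg-agent job start at all when gnome3 pinentry is not the alternative: `# Emit when /usr/bin/pinentry is missing, not a symlink, or resolves to something other than pinentry-gnome3, so gpg-agent need not wait for dbus`.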
@@ -0,0 +1,53 @@
+From e584d6468a2e72cd01e55f46104f9f96b56c0b66 Mon Sep 17 00:00:00 2001
+From: Justus Winter
+Date: Thu, 23 Jun 2016 17:24:23 +0200
+Subject: [PATCH] tests/openpgp: Fake the system time for the tofu test.
+
+The keys in the tofu test are set to expire on 2016-09-17. Fake the
+system time for this test.
+
+This commit includes changes to the old test as well, for those who
+need to backport it.
+
+* tests/openpgp/gpg-agent.conf.tmpl: Drop trailing newlines.
+* tests/openpgp/tofu.scm: Fake system time.
+* tests/openpgp/tofu.test: Likewise.
+
+GnuPG-bug-id: 2393
+Signed-off-by: Justus Winter
+
+[Ubuntu note: backported to old test, dropping scheme version changes.
+ -- sbeattie]
+
+---
+ tests/openpgp/gpg-agent.conf.tmpl | 2 --
+ tests/openpgp/tofu.scm | 4 +++-
+ tests/openpgp/tofu.test | 3 +++
+ 3 files changed, 6 insertions(+), 3 deletions(-)
+
+diff --git a/tests/openpgp/gpg-agent.conf.tmpl b/tests/openpgp/gpg-agent.conf.tmpl
+index b3cb54f09..70e163317 100644
+--- a/tests/openpgp/gpg-agent.conf.tmpl
++++ b/tests/openpgp/gpg-agent.conf.tmpl
+@@ -1,4 +1,2 @@
+ allow-preset-passphrase
+ no-grab
+-
+-
+diff --git a/tests/openpgp/tofu.test b/tests/openpgp/tofu.test
+index 18c17562c..0d34af409 100755
+--- a/tests/openpgp/tofu.test
++++ b/tests/openpgp/tofu.test
+@@ -4,6 +4,9 @@
+
+ # set -x
+
++# Redefine GPG with a fixed time.
++GPG="$GPG --faked-system-time=1466684990"
++
+ KEYS="2183839A BC15C85A EE37CF96"
+
+ # Make sure $srcdir is set.
+--
+2.17.1
+
diff -Nru gnupg2-2.1.11/debian/patches/CVE-2018-12020.patch gnupg2-2.1.11/debian/patches/CVE-2018-12020.patch
--- gnupg2-2.1.11/debian/patches/CVE-2018-12020.patch 1970-01-01 00:00:00.000000000 +0000
+++ gnupg2-2.1.11/debian/patches/CVE-2018-12020.patch 2018-06-14 17:41:25.000000000 +0000
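Review bot: The embedded diffstat still reads `tests/openpgp/tofu.scm | 4 +++-` and `3 files changed, 6 insertions(+), 3 deletions(-)`, but after the Ubuntu note dropped the scheme-test change the body only touches gpg-agent.conf.tmpl and tofu.test (3 insertions, 2 deletions). quilt does not parse the stat block, so nothing breaks, but the header now misdescribes the patch; the Ubuntu note is the right place to say so, e.g. `[Ubuntu note: backported to old test, dropping scheme version changes; the diffstat above is from the upstream commit. -- sbeattie]`. Pinning `--faked-system-time=1466684990` (2016-06-23) ahead of the 2016-09-17 expiry the commit message cites is what makes the tofu test stop depending on the build date, so it is worth keeping that date rationale in the in-file comment too, which currently says only `# Redefine GPG with a fixed time.`.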
@@ -0,0 +1,44 @@
+From 210e402acd3e284b32db1901e43bf1470e659e49 Mon Sep 17 00:00:00 2001
+From: Werner Koch
+Date: Fri, 8 Jun 2018 10:45:21 +0200
+Subject: [PATCH] gpg: Sanitize diagnostic with the original file name.
+
+* g10/mainproc.c (proc_plaintext): Sanitize verbose output.
+--
+
+This fixes a forgotten sanitation of user supplied data in a verbose
+mode diagnostic. The mention CVE is about using this to inject
+status-fd lines into the stderr output. Other harm good as well be
+done. Note that GPGME based applications are not affected because
+GPGME does not fold status output into stderr.
+
+CVE-id: CVE-2018-12020
+GnuPG-bug-id: 4012
+(cherry picked from commit 13f135c7a252cc46cff96e75968d92b6dc8dce1b)
+---
+ g10/mainproc.c | 9 ++++++++-
+ 1 file changed, 8 insertions(+), 1 deletion(-)
+
+diff --git a/g10/mainproc.c b/g10/mainproc.c
+index 116b72a6b..72b0dd828 100644
+--- a/g10/mainproc.c
++++ b/g10/mainproc.c
+@@ -758,7 +758,14 @@ proc_plaintext( CTX c, PACKET *pkt )
+ if (pt->namelen == 8 && !memcmp( pt->name, "_CONSOLE", 8))
+ log_info (_("Note: sender requested \"for-your-eyes-only\"\n"));
+ else if (opt.verbose)
+- log_info (_("original file name='%.*s'\n"), pt->namelen, pt->name);
++ {
++ /* We don't use print_utf8_buffer because that would require a
++ * string change which we don't want in 2.2. It is also not
++ * clear whether the filename is always utf-8 encoded. */
++ char *tmp = make_printable_string (pt->name, pt->namelen, 0);
++ log_info (_("original file name='%.*s'\n"), (int)strlen (tmp), tmp);
++ xfree (tmp);
++ }
+
+ free_md_filter_context (&c->mfx);
+ if (gcry_md_open (&c->mfx.md, 0, 0))
+--
+2.17.1
+
diff -Nru gnupg2-2.1.11/debian/patches/series gnupg2-2.1.11/debian/patches/series
--- gnupg2-2.1.11/debian/patches/series 2016-03-01 08:36:05.000000000 +0000
+++ gnupg2-2.1.11/debian/patches/series 2018-06-14 19:10:52.000000000 +0000
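Review bot: The new block runs the attacker-controlled literal-packet filename through `make_printable_string()` before it reaches stderr, which escapes the newline an attacker needs to forge a `[GNUPG:]` status line when a caller combines `--status-fd 2` with `--verbose`; the absent NULL check on `tmp` is consistent with GnuPG's xmalloc-based allocator aborting on OOM rather than returning NULL, and `xfree (tmp)` releases it on the only path. The inline comment "which we don't want in 2.2" is a 2.2-tree rationale now living in a 2.1.11 package and the nested hunk's line numbers are from that tree, so quilt will apply it with an offset — a short `[Ubuntu note: verbatim cherry-pick from 2.2; make_printable_string is already present in 2.1.11's common/ -- sbeattie]` in the patch header would document that this was checked rather than leaving it to the next backporter (I cannot confirm the 2.1.11 helper from this diff alone). Since this patch fixes exactly one diagnostic, the changelog entry could also tell operators that status output should still be directed to a dedicated fd rather than folded into stderr, which is the general mitigation for this class of injection. proc_plaintext() starts and ends outside the nested hunk.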
@@ -3,3 +3,5 @@
 0003-Avoid-simple-memory-dumps-via-ptrace.patch
 0004-avoid-gpgtar.test-when-disable-gpgtar-is-configured.patch
 0005-common-Change-simple_query-to-ignore-status-messages.patch
+0006-tests-openpgp-Fake-the-system-time-for-the-tofu-test.patch
+CVE-2018-12020.patch
diff -Nru gnupg2-2.1.11/debian/rules gnupg2-2.1.11/debian/rules
--- gnupg2-2.1.11/debian/rules 2016-03-01 08:32:12.000000000 +0000
+++ gnupg2-2.1.11/debian/rules 2016-03-31 04:18:58.000000000 +0000
@@ -48,6 +48,10 @@
 install -m 644 debian/gnupg-agent.xsession \
 debian/gnupg-agent/etc/X11/Xsession.d/90gpg-agent
+ # Upstart user job (only used under user sessions)
+ install -p -m 644 -D debian/gpg-agent.user-session.upstart debian/gnupg-agent/usr/share/upstart/sessions/gpg-agent.conf
+ install -p -m 644 -D debian/no-pinentry-gnome3.user-session.upstart debian/gnupg-agent/usr/share/upstart/sessions/no-pinentry-gnome3.conf
+
 override_dh_installman:
 help2man --no-info -n "List, export, import Keybox data" \
 debian/tmp/usr/bin/kbxutil > debian/kbxutil.1