Navigation:
Home |
Browse by maintainer |
Search |
RSS |
News |
Info |
Contact |
Statistics |
Ports tracker |
Help
security gnupg
CVSweb ] [ 
Homepage ] [ 
RSS feed ]| Version: 1.4.23, Package name: gnupg-1.4.23 |
| Maintained by: The OpenBSD ports mailing-list |
| Master sites: |
Flavors (export FLAVOR=xyz, setenv FLAVOR xyz):
|
| Description GnuPG is a complete and free replacement for PGP. Because it does not use IDEA or RSA it can be used without any restrictions. GnuPG is nearly in compliance with RFC2440 (OpenPGP). Flavors: card - build with OpenPGP card support ldap - build with LDAP keyserver support |
| Filesize: 5096.311 KB |
| Version History (View Complete History) |
|
| 2020-07-05 03:40:19 by Jeremie Courreges-Anglas | Files touched by this commit (1) |
Log message: Drop maintainership Being listed as the maintainer kinda implies that I care, but I don't: I haven't used gpg1 for years. In fact, it's been years since I think this port ought to be removed and the tree should be moved to security/gnupg2. But someone has to do that work. |
| 2020-04-12 12:29:01 by Charlene Wendling | Files touched by this commit (2) |
Log message: gnupg: fix the build on macppc with clang: - add `-fheinous-gnu-extensions' as seen on some other archs - add a patch to remove the `-Wa,-mppc' flag, because clang's integrated assembler was unhappy with it. Proposed by jca@, instead of using `-no-integrated-as'. OK jca@ (maintainer) |
| 2019-07-11 20:16:23 by Visa Hankala | Files touched by this commit (1) |
Log message: Fix build with clang on mips64. OK jca@ |
| 2019-06-22 16:44:07 by Jeremie Courreges-Anglas | Files touched by this commit (19) |
Log message: Move the ports I maintain to PERMIT_PACKAGE |
| 2019-05-20 16:15:31 by Christian Weisgerber | Files touched by this commit (488) |
Log message: Update gettext to 0.20.1. Follow the upstream recommendations for packagers and switch to multi-packages: devel/gettext -> devel/gettext,-runtime devel/gettext-tools -> devel/gettext,-tools (new) devel/gettext,-textstyle |
| 2019-05-17 10:19:41 by Stuart Henderson | Files touched by this commit (86) |
Log message: update curses WANTLIB entries following the change in base libraries to use soname |
| 2018-11-14 13:48:22 by Stuart Henderson | Files touched by this commit (33) |
Log message: bump ports known/suspected to be affected by issue with libedit/libreadline and termcap on lld arches. |
| 2018-11-11 14:14:33 by Christian Weisgerber | Files touched by this commit (2) |
Log message: enable the included PIC assembly code to fix text relocations on i386 |
| 2018-06-13 05:24:01 by Jeremie Courreges-Anglas | Files touched by this commit (2) |
Log message: SECURITY update to gnupg-1.4.23 Fix for CVE-2017-7526 - Sanitize the diagnostic output of the original file name in verbose mode. |
| 2018-06-13 00:20:01 by Jeremie Courreges-Anglas | Files touched by this commit (3) |
Log message: SECURITY update to gnupg-1.4.23 Fix for CVE-2017-7526 - Sanitize the diagnostic output of the original file name in verbose mode. |
| 2018-01-30 08:06:37 by Jeremie Courreges-Anglas | Files touched by this commit (7) |
Log message: Tweak the HOMEPAGE of gnupg.org ports - move to https - use the per-project canonical homepage (reachable thru the main - homepage; pinentry doesn't seem to have such homepage) ok pea@ ajacoutot@ |
| 2018-01-23 06:54:54 by Jeremie Courreges-Anglas | Files touched by this commit (1) |
Log message: Drop unneeded casts in inline asm to fix the build with clang on armv7 Fix from Markus Hennecke (thanks!), similar changes available in upstream libgcrypt. |
| 2017-07-27 14:12:47 by Stuart Henderson | Files touched by this commit (1) |
Log message: fix security/gnupg build on i386+clang with -fheinous-gnu-extensions. from FreeBSD. ok jca@ |
| 2016-11-04 05:35:21 by Stuart Henderson | Files touched by this commit (100) |
Log message: sync WANTLIB (and in one case, add gettext to LIB_DEPENDS) in dependent ports now that internationalised domain name support has been removed from net/curl |
| 2016-10-01 07:56:26 by Christian Weisgerber | Files touched by this commit (10) |
Log message: rename MASTER_SITES_GNUPG to MASTER_SITE_GNUPG, like all the others |
| 2016-09-28 13:33:37 by Jeremie Courreges-Anglas | Files touched by this commit (6) |
Log message: Drop the gettext module from gnupg.org ports |
| 2016-08-26 09:56:30 by Jeremie Courreges-Anglas | Files touched by this commit (2) |
Log message: SECURITY fix for CVE-2016-6313 (actual fix) I failed to add the patch with the security fix in the previous commit. Spotted by Markus Lude. |
| 2016-08-26 09:47:10 by Jeremie Courreges-Anglas | Files touched by this commit (1) |
Log message: Extra patch that snuck in. Spotted by Markus Lude. |
| 2016-08-26 02:32:28 by Jeremie Courreges-Anglas | Files touched by this commit (2) |
Log message: SECURITY fix for CVE-2016-6313 * Fix critical security bug in the RNG [CVE-2016-6313]. An attacker who obtains 580 bytes from the standard RNG can trivially predict the next 20 bytes of output. Problem detected by Felix Dörre and Vladimir Klebanov, KIT. |
| 2016-08-26 02:30:10 by Jeremie Courreges-Anglas | Files touched by this commit (2) |
Log message: SECURITY fix for CVE-2016-6313 * Fix critical security bug in the RNG [CVE-2016-6313]. An attacker who obtains 580 bytes from the standard RNG can trivially predict the next 20 bytes of output. Problem detected by Felix Dörre and Vladimir Klebanov, KIT. |
| 2016-08-26 02:27:48 by Jeremie Courreges-Anglas | Files touched by this commit (2) |
Log message: SECURITY update to gnupg-1.4.21 CVE-2016-6313: * Fix critical security bug in the RNG [CVE-2016-6313]. An attacker who obtains 580 bytes from the standard RNG can trivially predict the next 20 bytes of output. Problem detected by Felix Dörre and Vladimir Klebanov, KIT. Main behavior changes: - CAST5 -> AES for symmetric encryption - MD5 sigs rejected by default ok danj@ |
| 2016-06-29 10:14:45 by Marc Espie | Files touched by this commit (309) |
Log message: add is-branch to all trivial ports that exist as multiple branches. |
| 2016-03-09 12:52:52 by Christian Weisgerber | Files touched by this commit (1) |
Log message: drop workaround for static linking |
| 2015-11-06 11:30:31 by Stuart Henderson | Files touched by this commit (1) |
Log message: WANTLIB sync, missed from the big batch of curl nghttp2 |
| 2015-03-03 07:09:18 by Jeremie Courreges-Anglas | Files touched by this commit (2) |
Log message: SECURITY backport for gnupg-1.4.17 This merge two fixes from gnupg-1.4.19: * Use ciphertext blinding for Elgamal decryption [CVE-2014-3591]. See http://www.cs.tau.ac.il/~tromer/radioexp/ for details. * Fixed data-dependent timing variations in modular exponentiation [related to CVE-2015-0837, Last-Level Cache Side-Channel Attacks are Practical]. ok jasper@ |
| 2015-03-01 05:12:55 by Jeremie Courreges-Anglas | Files touched by this commit (9) |
Log message: SECURITY update to gnupg-1.4.19 * Use ciphertext blinding for Elgamal decryption [CVE-2014-3591]. See http://www.cs.tau.ac.il/~tromer/radioexp/ for details. * Fixed data-dependent timing variations in modular exponentiation [related to CVE-2015-0837, Last-Level Cache Side-Channel Attacks are Practical]. This update introduces additional fixes and features, see http://lists.gnupg.org/pipermail/gnupg-announce/2015q1/000363.html ok sthen@ |
| 2015-01-04 15:12:55 by Jeremie Courreges-Anglas | Files touched by this commit (2) |
Log message:
Update to gnupg-1.4.18 and take maintainership.
* fix regression in --recv-key {multiple keys}
* cap the sizes for automatic key generation
While here, delete unneeded do-test target.
"looks ok" sthen@, ok daniel@
|
| 2010-11-26 00:50:07 by Marc Espie | Files touched by this commit (1) |
Log message: use PKGSPEC, every dependent port uses this |
| 2010-11-20 10:22:46 by Marc Espie | Files touched by this commit (296) |
Log message: new depends |
| 2010-11-11 11:34:59 by Marc Espie | Files touched by this commit (19) |
Log message: more WANTLIB |
| 2010-10-25 06:57:13 by Pierre-Emmanuel Andre | Files touched by this commit (5) |
Log message: Bugfixes update to 1.4.11 ok benoit@ |
| 2010-10-18 15:41:48 by Marc Espie | Files touched by this commit (144) |
Log message: USE_GROFF=Yes |
| 2010-09-22 03:02:42 by Jasper Lievisse Adriaanse | Files touched by this commit (6) |
Log message: - reset maintainer, requested by reinhard@ |
| 2010-07-08 11:01:57 by Pierre-Emmanuel Andre | Files touched by this commit (2) |
Log message: Avoid conflict with gnupg2. Like this you can install both in the same time. ok aja@, jasper@ |
| 2009-09-15 07:44:41 by David Hill | Files touched by this commit (4) |
Log message: update to 1.4.10. From Pierre-Emmanuel Andri <pea@raveland.org> OK reinhard@ |
| 2008-04-03 04:13:00 by Jasper Lievisse Adriaanse | Files touched by this commit (2) |
Log message: SECURITY UPDATE to gnupg 1.4.9 http://secunia.com/advisories/29568/ tested by many, thanks! |
| 2008-01-30 13:18:10 by Bernd Ahlers | Files touched by this commit (9) |
Log message: Update to gnupg-1.4.8. (GPLv3 now) ok steven@ |
| 2007-09-15 17:30:01 by Michael Erdely | Files touched by this commit (170) |
Log message: Remove surrounding quotes in NO_REGRESS/COMMENT*/PERMIT_* From Darrin Chandler |
| 2007-05-15 09:09:12 by Christian Weisgerber | Files touched by this commit (9) |
Log message: chase wantlib changes after curl update |
| 2007-05-10 05:38:28 by Steven Mestdagh | Files touched by this commit (6) |
Log message: update to 1.4.7 feedback and ok bernd@ |
| 2007-04-05 11:26:27 by Marc Espie | Files touched by this commit (815) |
Log message: more base64 checksums |
| 2007-02-21 17:17:09 by Steven Mestdagh | Files touched by this commit (3) |
Log message: adjust another texinfo file so it does not leave entries behind. rerun makesum while here. from Moritz Grimm <mlist at scapa.dnsalias.net> ok espie@ |
| 2007-01-16 02:50:36 by Bernd Ahlers | Files touched by this commit (11) |
Log message: Update to gnupg-1.4.6. ok steven@ |
| 2006-12-07 15:12:47 by Nikolay Sturm | Files touched by this commit (2) |
Log message: MFC: Security fix: remotely controllable function pointer [CVE-2006-6235] from Werner Koch via fsf announce |
| 2006-12-07 14:23:58 by Nikolay Sturm | Files touched by this commit (2) |
Log message: MFC: Security fix: remotely controllable function pointer [CVE-2006-6235] from Werner Koch via fsf announce |
| 2006-12-06 16:11:58 by Deanna Phillips | Files touched by this commit (2) |
Log message: Security fix: remotely controllable function pointer [CVE-2006-6235] from Werner Koch via fsf announce ok steven |
| 2006-11-30 14:59:12 by Nikolay Sturm | Files touched by this commit (2) |
Log message: MFC: Security fix for a buffer overflow when running gnupg in interactive mode. More info: http://lists.gnupg.org/pipermail/gnupg-announce/2006q4/000241.html |
| 2006-11-30 13:49:29 by Nikolay Sturm | Files touched by this commit (2) |
Log message: MFC: Security fix for a buffer overflow when running gnupg in interactive mode. More info: http://lists.gnupg.org/pipermail/gnupg-announce/2006q4/000241.html |
| 2006-11-28 03:18:49 by Bernd Ahlers | Files touched by this commit (2) |
Log message: Security fix for a buffer overflow when running gnupg in interactive mode. More info: http://lists.gnupg.org/pipermail/gnupg-announce/2006q4/000241.html |
| 2006-08-09 14:47:19 by Nikolay Sturm | Files touched by this commit (2) |
Log message: backport from gnupg 1.4.5 which fixes a denial of service vulnerability (CVE-2006-3746) For more information see: http://secunia.com/advisories/21297/ http://lists.gnupg.org/pipermail/gnupg-announce/2006q3/000229.html |
| 2006-08-09 14:17:02 by Nikolay Sturm | Files touched by this commit (2) |
Log message: backport from gnupg 1.4.5 which fixes a denial of service vulnerability (CVE-2006-3746) For more information see: http://secunia.com/advisories/21297/ http://lists.gnupg.org/pipermail/gnupg-announce/2006q3/000229.html |
| 2006-08-07 13:59:20 by Bernd Ahlers | Files touched by this commit (9) |
Log message: Security update to gnupg-1.4.5. (CVE-2006-3746) This fixes a denial of service vulnerability. For more information see: http://secunia.com/advisories/21297/ http://lists.gnupg.org/pipermail/gnupg-announce/2006q3/000229.html okay espie@ |
| 2006-08-03 17:28:12 by Marc Espie | Files touched by this commit (43) |
Log message: new lib specs |
| 2006-07-13 07:11:29 by Bernd Ahlers | Files touched by this commit (3) |
Log message: Update to gnupg-1.4.4. ok reinhard@ (MAINTAINER), "looks good" steven@ |
| 2006-06-25 08:38:23 by Nikolay Sturm | Files touched by this commit (3) |
Log message: MFC: Security update! Fixes an integer overflow. (CVE-2006-3082) Detailed information: http://secunia.com/advisories/20783/ Diff from gnupg CVS. |
| 2006-06-25 08:38:02 by Nikolay Sturm | Files touched by this commit (3) |
Log message: MFC: Security update! Fixes an integer overflow. (CVE-2006-3082) Detailed information: http://secunia.com/advisories/20783/ Diff from gnupg CVS. |
| 2006-06-23 05:35:36 by Bernd Ahlers | Files touched by this commit (2) |
Log message: Security update! Fixes an integer overflow. (CVE-2006-3082) Detailed information: http://secunia.com/advisories/20783/ Diff from gnupg CVS. ok sturm@ |
| 2006-05-01 02:42:46 by Nikolay Sturm | Files touched by this commit (1) |
Log message: security update to gnupg-1.4.2.2 from gnupg.org: Signature verification of non-detached signatures may give a positive result but when extracting the signed data, this data may be prepended or appended with extra data not covered by the signature. Thus it is possible for an attacker to take any signed message and inject extra arbitrary data. |
| 2006-04-12 03:55:24 by Bernd Ahlers | Files touched by this commit (12) |
Log message: - Update to gnupg-1.4.3 - Add ldap FLAVOR - Describe the FLAVORs in pkg/DESCR ok steven@ |
| 2006-03-11 09:48:28 by Nikolay Sturm | Files touched by this commit (1) |
Log message: MFC: security update to gnupg-1.4.2.2 from gnupg.org: Signature verification of non-detached signatures may give a positive result but when extracting the signed data, this data may be prepended or appended with extra data not covered by the signature. Thus it is possible for an attacker to take any signed message and inject extra arbitrary data. |
| 2006-03-11 09:47:53 by Nikolay Sturm | Files touched by this commit (1) |
Log message: MFC: security update to gnupg-1.4.2.2 from gnupg.org: Signature verification of non-detached signatures may give a positive result but when extracting the signed data, this data may be prepended or appended with extra data not covered by the signature. Thus it is possible for an attacker to take any signed message and inject extra arbitrary data. |
| 2006-03-10 13:57:50 by Steven Mestdagh | Files touched by this commit (2) |
Log message: security update to gnupg-1.4.2.2 from gnupg.org: Signature verification of non-detached signatures may give a positive result but when extracting the signed data, this data may be prepended or appended with extra data not covered by the signature. Thus it is possible for an attacker to take any signed message and inject extra arbitrary data. |
| 2006-02-22 14:20:00 by Nikolay Sturm | Files touched by this commit (1) |
Log message: MFC: security update to 1.4.2.1 The security issue is caused due to "gpgv" exiting with a return code of 0 even if the detached signature file did not carry any signature. This may result in certain scripts that use "gpgv" to conclude that the signature is correctly verified. More info: http://secunia.com/advisories/18845/ |
| 2006-02-22 14:19:15 by Nikolay Sturm | Files touched by this commit (2) |
Log message: MFC: security update to 1.4.2.1 The security issue is caused due to "gpgv" exiting with a return code of 0 even if the detached signature file did not carry any signature. This may result in certain scripts that use "gpgv" to conclude that the signature is correctly verified. More info: http://secunia.com/advisories/18845/ |
| 2006-02-22 05:30:52 by Steven Mestdagh | Files touched by this commit (3) |
Log message: security update to 1.4.2.1 The security issue is caused due to "gpgv" exiting with a return code of 0 even if the detached signature file did not carry any signature. This may result in certain scripts that use "gpgv" to conclude that the signature is correctly verified. More info: http://secunia.com/advisories/18845/ ok bernd@ pvalchev@ |
| 2006-02-06 14:57:56 by Bernd Ahlers | Files touched by this commit (9) |
Log message: Since we have swap encryption on OpenBSD, only warn about insecure memory if swap encryption is disabled. (It's enabled by default.) This supersedes pkg/MESSAGE. Regen patches with update-patches while I'm here. Bump PKGNAME. idea and ok espie@ |
| 2005-10-29 08:59:08 by Nikolay Sturm | Files touched by this commit (2) |
Log message: sync MESSAGE with reality from Antoine Jacoutot <ajacoutot at lphp.org> maintainer timeout |
| 2005-05-23 16:08:31 by Robert Nagy | Files touched by this commit (3) |
Log message: SECURITY: update to 1.4.1 fix a openpgp protocol vulnerability http://www.vuxml.org/openbsd/be6057f4-9ecf-11d9-82a1-00065bd5b0b6.html ok brad@ |
| 2005-05-17 09:08:34 by Martin Reindl | Files touched by this commit (1) |
Log message: don't build the homegrown assembler modules on m68k platforms |
| 2005-04-17 02:18:46 by Robert Nagy | Files touched by this commit (4) |
Log message: SECURITY: update to 1.4.1; fix a openpgp protocol vulnerability http://www.vuxml.org/openbsd/be6057f4-9ecf-11d9-82a1-00065bd5b0b6.html ok brad@ |
| 2005-04-17 02:16:06 by Robert Nagy | Files touched by this commit (4) |
Log message: SECURITY: update to 1.4.1; fix a openpgp protocol vulnerability http://www.vuxml.org/openbsd/be6057f4-9ecf-11d9-82a1-00065bd5b0b6.html ok brad@ |
| 2005-04-09 06:43:09 by Marc Espie | Files touched by this commit (1) |
Log message: minor dependency nits (make sure we don't pick libusb, and readline now pulls in termcap and not ncurses) |
| 2005-03-27 08:16:07 by Robert Nagy | Files touched by this commit (4) |
Log message: SECURITY: update to 1.4.1; fix a openpgp protocol vulnerability http://www.vuxml.org/openbsd/be6057f4-9ecf-11d9-82a1-00065bd5b0b6.html |
| 2005-02-19 05:10:03 by Aleksander Piotrowski | Files touched by this commit (6) |
Log message: - Add bzip2 to dependency list (from Okan Demirmen <okan@demirmen.com>) - Fix libintl/libiconv linking - Don't include bundled libintl headers - Update WANTLIB marker - Bump PKGNAME help & go ahead espie@ |
| 2005-02-15 18:40:24 by Kevin Lo | Files touched by this commit (1) |
Log message: don't use gnupg's own iconv library |
| 2005-01-29 12:27:18 by Nikolay Sturm | Files touched by this commit (13) |
Log message: update to GnuPG 1.4, new FLAVOR "card" to support usb card readers initial version from Chris K. Young <cky at pobox.com>, adapted to -current by Alec Berryman <alec at thened.net> ok maintainer reinhard@ |
| 2005-01-05 12:45:26 by Christian Weisgerber | Files touched by this commit (2) |
Log message: proper SUPDISTFILES, restore checksums |
| 2005-01-05 10:26:49 by Christian Weisgerber | Files touched by this commit (129) |
Log message: SIZE |
| 2004-12-27 06:28:36 by Aleksander Piotrowski | Files touched by this commit (76) |
Log message: Add WANTLIB markers |
| 2004-09-15 12:36:03 by Marc Espie | Files touched by this commit (133) |
Log message: new plists. gnutls depends on lzo. |
| 2004-08-10 03:26:14 by Xavier Santolaria | Files touched by this commit (10) |
Log message: new-style MODULES. |
| 2004-08-04 08:51:31 by Christian Weisgerber | Files touched by this commit (9) |
Log message: fix up MODGNU_CONFIG_GUESS_DIRS |
| 2004-02-24 12:48:16 by Christian Weisgerber | Files touched by this commit (8) |
Log message: remove workaround for gcc2.95/sparc64 optimizer bug: sha1.c compiles fine now |
| 2003-12-16 12:52:23 by Christian Weisgerber | Files touched by this commit (4) |
Log message: @dirrm shared directories |
| 2003-12-15 14:55:58 by Christian Weisgerber | Files touched by this commit (479) |
Log message: remove WWW lines |
| 2003-12-12 20:50:23 by Margarida Sequeira | Files touched by this commit (2) |
Log message: MFC: Security fix: Add workaround for GnuPG's ElGamal signing keys bug. URL: http://lists.gnupg.org/pipermail/gnupg-announce/2003q4/000276.html |
| 2003-12-12 20:30:24 by Margarida Sequeira | Files touched by this commit (2) |
Log message: MFC: Security fix: Add workaround for GnuPG's ElGamal signing keys bug. URL: http://lists.gnupg.org/pipermail/gnupg-announce/2003q4/000276.html |
| 2003-12-12 20:22:16 by Margarida Sequeira | Files touched by this commit (3) |
Log message: Security fix: Add workaround for GnuPG's ElGamal signing keys bug. URL: http://lists.gnupg.org/pipermail/gnupg-announce/2003q4/000276.html |
| 2003-07-10 17:26:18 by Brad Smith | Files touched by this commit (4) |
Log message: MFC: upgrade to gnupg 1.2.2 A bug was discovered in the key validation code. This bug causes keys with more than one user ID to give all user IDs on the key the amount of validity given to the most-valid key. http://marc.theaimsgroup.com/?l=bugtraq&m=105215110111174&w=2 |
| 2003-06-09 11:24:47 by Brad Smith | Files touched by this commit (2) |
Log message: run these tests as part of the regression target. |
| 2003-06-04 10:03:59 by Brad Smith | Files touched by this commit (2) |
Log message: A bug was discovered in the key validation code. This bug causes keys with more than one user ID to give all user IDs on the key the amount of validity given to the most-valid key. http://marc.theaimsgroup.com/?l=bugtraq&m=105215110111174&w=2 |
| 2003-06-03 04:21:33 by Markus Friedl | Files touched by this commit (2) |
Log message: re-add IDEA flavor; ok sturm@ |
| 2003-05-27 08:54:43 by Brad Smith | Files touched by this commit (10) |
Log message: upgrade to gnupg 1.2.2 A bug was discovered in the key validation code. This bug causes keys with more than one user ID to give all user IDs on the key the amount of validity given to the most-valid key. http://marc.theaimsgroup.com/?l=bugtraq&m=105215110111174&w=2 -- MAINTAINER ok |
| 2003-04-17 02:24:03 by Peter Valchev | Files touched by this commit (1) |
Log message: adapt to new gas syntax for i386's switch to ELF |
| 2003-02-14 05:25:32 by Reinhard J. Sammer | Files touched by this commit (2) |
Log message: no longer used idea flavour patches |
| 2003-02-05 11:35:04 by Reinhard J. Sammer | Files touched by this commit (1) |
Log message: update MASTER_SITES; inspired by Xavier Santolaria <xsa@ucmb.ulb.ac.be> |
| 2002-12-28 16:29:13 by Peter Valchev | Files touched by this commit (12) |
Log message: cast NULL sentinel to void * so it is 64bit on alpha & sparc64 |
| 2002-11-15 22:02:21 by Mark Grimes | Files touched by this commit (10) |
Log message: gnupg-1.2.1 update tested on macppc, i386 ok reinhard@ |
| 2002-09-29 18:31:30 by Dale Rahn | Files touched by this commit (3) |
Log message: powerpc does require pic flags when building shared library, do not remove them during config. ok pvalchev@ |