cpet/openbsd-ports
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity
99,002 Commits 1 Branch 0 Tags 544 MiB
61d1768e72
Commit Graph

116 Commits

Author SHA1 Message Date
jca
1cbdc38d98 Update to gnupg-1.4.18 and take maintainership. 
* fix regression in --recv-key {multiple keys}
* cap the sizes for automatic key generation

While here, delete unneeded do-test target.

"looks ok" sthen@, ok daniel@
 2015-01-04 22:12:55 +00:00
sthen
472c97a96a unnecessary param.h 2014-10-13 19:21:16 +00:00
sthen
ea3247717b update to gnupg-1.4.17 
http://lists.gnupg.org/pipermail/gnupg-announce/2014q2/000344.html

CVE-2014-4617: DoS due to garbled compressed data packets
 2014-06-26 00:30:15 +00:00
jasper
3ea3febc52 remove m68k-related workarounds 2014-03-19 13:40:59 +00:00
pea
f444d84906 Security update to 1.4.16 (CVE-2013-4576) 
ok jca@, brad@
 2013-12-19 21:22:30 +00:00
jca
6aaefa0357 SECURITY update to gnupg-1.4.15, fixes CVE-2013-4402 (infinite recursion 
parsing compressed packets) and includes the patch we had for
CVE-2013-4242 (Yarom/Falkner flush+reload side-channel attack on RSA
secret keys already had a patch).  Input from and ok sthen@
 2013-11-16 20:29:00 +00:00
jasper
45606ac347 Security fix for CVE-2013-4242 GnuPG side-channel attack on RSA secret keys 
ok pea@ sthen@
 2013-08-06 19:28:57 +00:00
jca
49d9c2c78e Introduce MASTER_SITES_GNUPG and reuse it for various GnuPG 
(sub)projects.  http:// urls first, then the primary ftp
site for ''make peek-ftp'', as suggested by sthen@.
ok sthen@
 2013-07-12 00:49:23 +00:00
espie
6cd28b2069 grumble, thx fgs@ 2013-07-02 16:20:25 +00:00
espie
e9bba84c13 LIB_DEPENDS don't propagate 2013-07-02 08:09:43 +00:00
fgsch
89714f3705 Update mirrors list and move ftp.gnupg.org at the bottom 2013-03-31 19:12:37 +00:00
espie
eae66e4a7b PERMIT_* / REGRESS->TEST sweep 2013-03-11 11:35:43 +00:00
sthen
f5a323c546 Don't use ${FLAVOR:L}, we only support lower-case flavours now. 
OK ajacoutot@ espie@
 2013-02-09 14:49:50 +00:00
bcallah
d38af15ac6 Fix an "elseif if ..." statement, allowing this to build on mips64*. 
ok jasper@
 2013-02-03 14:52:46 +00:00
sthen
872e4d2976 SECURITY update GnuPG to 1.4.13; earlier versions were vulnerable to memory 
access violations and public keyring database corruption when importing
manipulated public keys.  http://seclists.org/bugtraq/2012/Dec/151

Tweaked from a submission from David Hill.
 2012-12-31 16:34:35 +00:00
landry
b1324216b8 Fix on hppa, broken since the PIE switch. 
mpi/hppa1.1/udiv-qrnnd.S is not PIE-safe, let's use mpi/hppa/udiv-qrnnd.S
instead.
with kettenis@
 2012-12-11 21:12:36 +00:00
landry
48209fe2c9 Regen patches 2012-12-11 20:47:45 +00:00
naddy
5e1bcbad44 The American/European/Japanese patents on IDEA have expired. Remove 
the flavor and just include it by default.  ok zinke@
 2012-07-12 16:32:47 +00:00
espie
0322fed35a properly re-conflict gpg1/2. Noticed by naddy@ 
okay ajacoutot@, pea@
 2012-01-31 10:51:48 +00:00
ajacoutot
6973ee7fdc Unbreak the "card" FLAVOR after the libusb->libusb-compat switch, spotted 
by naddy@ (thanks).
 2011-11-13 22:39:50 +00:00
espie
59fa199246 use PKGSPEC, every dependent port uses this 2010-11-26 07:50:07 +00:00
espie
6c283d7e98 new depends 2010-11-20 17:22:40 +00:00
espie
60f17a941b more WANTLIB 2010-11-11 18:34:59 +00:00
pea
12acb9279b Bugfixes update to 1.4.11 
ok benoit@
 2010-10-25 12:57:13 +00:00
espie
2ef1026971 USE_GROFF=Yes 2010-10-18 21:41:44 +00:00
jasper
2d4a122bfb - reset maintainer, requested by reinhard@ 2010-09-22 09:02:42 +00:00
pea
412b3e0b05 Avoid conflict with gnupg2. Like this you can install both in the same time. 
ok aja@, jasper@
 2010-07-08 17:01:57 +00:00
dhill
0533acdfff update to 1.4.10. 
From Pierre-Emmanuel André <pea@raveland.org>

OK reinhard@
 2009-09-15 13:44:41 +00:00
jasper
275e22e63b SECURITY UPDATE to gnupg 1.4.9 
http://secunia.com/advisories/29568/

tested by many, thanks!
 2008-04-03 10:13:00 +00:00
bernd
5e84793fd4 Update to gnupg-1.4.8. (GPLv3 now) 
ok steven@
 2008-01-30 20:18:09 +00:00
merdely
1997c75349 Remove surrounding quotes in NO_REGRESS/COMMENT*/PERMIT_* 
From Darrin Chandler
 2007-09-15 23:29:57 +00:00
naddy
a220ed62dc chase wantlib changes after curl update 2007-05-15 15:09:12 +00:00
steven
66d8f55f87 update to 1.4.7 
feedback and ok bernd@
 2007-05-10 11:38:28 +00:00
espie
d4ebcd974d more base64 checksums 2007-04-05 17:26:05 +00:00
steven
d540626c47 adjust another texinfo file so it does not leave entries behind. 
rerun makesum while here.

from Moritz Grimm <mlist at scapa.dnsalias.net>

ok espie@
 2007-02-22 00:17:09 +00:00
bernd
0435472660 Update to gnupg-1.4.6. 
ok steven@
 2007-01-16 09:50:36 +00:00
deanna
b750309ac5 Security fix: 
remotely controllable function pointer [CVE-2006-6235]
from Werner Koch via fsf announce
ok steven
 2006-12-06 23:11:58 +00:00
bernd
8ebe3474a5 Security fix for a buffer overflow when running gnupg in interactive mode. 
More info:
http://lists.gnupg.org/pipermail/gnupg-announce/2006q4/000241.html
 2006-11-28 10:18:49 +00:00
bernd
f557a7e653 Security update to gnupg-1.4.5. (CVE-2006-3746) 
This fixes a denial of service vulnerability.

For more information see:
http://secunia.com/advisories/21297/
http://lists.gnupg.org/pipermail/gnupg-announce/2006q3/000229.html

okay espie@
 2006-08-07 19:59:20 +00:00
espie
444cc3c520 new lib specs 2006-08-03 23:28:11 +00:00
bernd
044eebec20 Update to gnupg-1.4.4. 
ok reinhard@ (MAINTAINER), "looks good" steven@
 2006-07-13 13:11:28 +00:00
bernd
2cfe636d68 Security update! Fixes an integer overflow. (CVE-2006-3082) 
Detailed information: http://secunia.com/advisories/20783/

Diff from gnupg CVS.

ok sturm@
 2006-06-23 11:35:36 +00:00
bernd
edebdd2694 - Update to gnupg-1.4.3 
- Add ldap FLAVOR
- Describe the FLAVORs in pkg/DESCR

ok steven@
 2006-04-12 09:55:24 +00:00
steven
771e8d8886 security update to gnupg-1.4.2.2 
from gnupg.org:
Signature verification of non-detached signatures may give a positive
result but when extracting the signed data, this data may be prepended
or appended with extra data not covered by the signature.  Thus it is
possible for an attacker to take any signed message and inject extra
arbitrary data.
 2006-03-10 20:57:50 +00:00
steven
04c4c5f7e5 security update to 1.4.2.1 
The security issue is caused due to "gpgv" exiting with a return code
of 0 even if the detached signature file did not carry any signature.
This may result in certain scripts that use "gpgv" to conclude that
the signature is correctly verified.

More info: http://secunia.com/advisories/18845/

ok bernd@ pvalchev@
 2006-02-22 12:30:52 +00:00
bernd
bcee2da2fc Since we have swap encryption on OpenBSD, only warn about insecure 
memory if swap encryption is disabled. (It's enabled by default.)

This supersedes pkg/MESSAGE.

Regen patches with update-patches while I'm here. Bump PKGNAME.

idea and ok espie@
 2006-02-06 21:57:56 +00:00
sturm
4a1aae3a0f sync MESSAGE with reality 
from Antoine Jacoutot <ajacoutot at lphp.org>
maintainer timeout
 2005-10-29 14:59:08 +00:00
martin
71d71fa971 don't build the homegrown assembler modules on m68k platforms 2005-05-17 15:08:34 +00:00
espie
84d7a482c5 minor dependency nits (make sure we don't pick libusb, and readline 
now pulls in termcap and not ncurses)
 2005-04-09 12:43:08 +00:00
robert
57c713e689 SECURITY: 
update to 1.4.1; fix a openpgp protocol vulnerability
http://www.vuxml.org/openbsd/be6057f4-9ecf-11d9-82a1-00065bd5b0b6.html
 2005-03-27 15:16:07 +00:00