View Bazaar branches
Get this repository:
git clone https://git.launchpad.net/ubuntu/+source/gnupg
Members of Ubuntu Server Dev import team can upload to this repository. Log in for directions.

Branches

Name Last Modified Last Commit
importer/ubuntu/dsc 2018-08-09 04:36:56 UTC 2018-08-09
DSC file for 1.4.20-1ubuntu3.3

Author: Ubuntu Git Importer
Author Date: 2018-08-09 04:36:56 UTC

DSC file for 1.4.20-1ubuntu3.3

ubuntu/trusty-security 2018-08-07 01:48:16 UTC 2018-08-07
Import patches-unapplied version 1.4.16-1ubuntu2.6 to ubuntu/trusty-security

Author: Alex Murray
Author Date: 2018-08-06 01:10:15 UTC

Import patches-unapplied version 1.4.16-1ubuntu2.6 to ubuntu/trusty-security

Imported using git-ubuntu import.

Changelog parent: 319efd4db390e69569bb28b2a275fce9e0d6e86d

New changelog entries:
  * SECURITY UPDATE: full RSA key recovery via side-channel attack
    - debian/patches/CVE-2017-7526-1.patch: simplify loop in mpi/mpi-pow.c.
    - debian/patches/CVE-2017-7526-2.patch: use same computation for square
      and multiply in mpi/mpi-pow.c.
    - debian/patches/CVE-2017-7526-3.patch: fix allocation size for mpi_pow
    - debian/patches/CVE-2017-7526-4.patch: add exponent blinding in
      cipher/rsa.c.
    - debian/patches/CVE-2017-7526-5.patch: allow different build directory
    - CVE-2017-7526

applied/ubuntu/xenial-updates 2018-08-07 01:48:16 UTC 2018-08-07
Import patches-applied version 1.4.20-1ubuntu3.3 to applied/ubuntu/xenial-sec...

Author: Alex Murray
Author Date: 2018-08-06 00:29:18 UTC

Import patches-applied version 1.4.20-1ubuntu3.3 to applied/ubuntu/xenial-security

Imported using git-ubuntu import.

Changelog parent: 35e30ce7e8e196ca1f16ce289d36d9a700791d69
Unapplied parent: 405a0cb8cd35c2aba03f6a2db5d43b3c864eb71a

New changelog entries:
  * SECURITY UPDATE: full RSA key recovery via side-channel attack
    - debian/patches/CVE-2017-7526-1.patch: simplify loop in mpi/mpi-pow.c.
    - debian/patches/CVE-2017-7526-2.patch: use same computation for square
      and multiply in mpi/mpi-pow.c.
    - debian/patches/CVE-2017-7526-3.patch: fix allocation size for mpi_pow
    - debian/patches/CVE-2017-7526-4.patch: add exponent blinding in
      cipher/rsa.c.
    - debian/patches/CVE-2017-7526-5.patch: allow different build directory
    - CVE-2017-7526

applied/ubuntu/xenial-security 2018-08-07 01:48:16 UTC 2018-08-07
Import patches-applied version 1.4.20-1ubuntu3.3 to applied/ubuntu/xenial-sec...

Author: Alex Murray
Author Date: 2018-08-06 00:29:18 UTC

Import patches-applied version 1.4.20-1ubuntu3.3 to applied/ubuntu/xenial-security

Imported using git-ubuntu import.

Changelog parent: 35e30ce7e8e196ca1f16ce289d36d9a700791d69
Unapplied parent: 405a0cb8cd35c2aba03f6a2db5d43b3c864eb71a

New changelog entries:
  * SECURITY UPDATE: full RSA key recovery via side-channel attack
    - debian/patches/CVE-2017-7526-1.patch: simplify loop in mpi/mpi-pow.c.
    - debian/patches/CVE-2017-7526-2.patch: use same computation for square
      and multiply in mpi/mpi-pow.c.
    - debian/patches/CVE-2017-7526-3.patch: fix allocation size for mpi_pow
    - debian/patches/CVE-2017-7526-4.patch: add exponent blinding in
      cipher/rsa.c.
    - debian/patches/CVE-2017-7526-5.patch: allow different build directory
    - CVE-2017-7526

applied/ubuntu/trusty-devel 2018-08-07 01:48:16 UTC 2018-08-07
Import patches-applied version 1.4.16-1ubuntu2.6 to applied/ubuntu/trusty-sec...

Author: Alex Murray
Author Date: 2018-08-06 01:10:15 UTC

Import patches-applied version 1.4.16-1ubuntu2.6 to applied/ubuntu/trusty-security

Imported using git-ubuntu import.

Changelog parent: 8d019d958ed21d20d11f7b70c92e081cd42830be
Unapplied parent: 35a85155193a783e66a7b6bf221422503fe6c8b0

New changelog entries:
  * SECURITY UPDATE: full RSA key recovery via side-channel attack
    - debian/patches/CVE-2017-7526-1.patch: simplify loop in mpi/mpi-pow.c.
    - debian/patches/CVE-2017-7526-2.patch: use same computation for square
      and multiply in mpi/mpi-pow.c.
    - debian/patches/CVE-2017-7526-3.patch: fix allocation size for mpi_pow
    - debian/patches/CVE-2017-7526-4.patch: add exponent blinding in
      cipher/rsa.c.
    - debian/patches/CVE-2017-7526-5.patch: allow different build directory
    - CVE-2017-7526

ubuntu/xenial-security 2018-08-07 01:48:16 UTC 2018-08-07
Import patches-unapplied version 1.4.20-1ubuntu3.3 to ubuntu/xenial-security

Author: Alex Murray
Author Date: 2018-08-06 00:29:18 UTC

Import patches-unapplied version 1.4.20-1ubuntu3.3 to ubuntu/xenial-security

Imported using git-ubuntu import.

Changelog parent: 9efb856d1b111b006bdb2d2ba2e584fa5a05ed34

New changelog entries:
  * SECURITY UPDATE: full RSA key recovery via side-channel attack
    - debian/patches/CVE-2017-7526-1.patch: simplify loop in mpi/mpi-pow.c.
    - debian/patches/CVE-2017-7526-2.patch: use same computation for square
      and multiply in mpi/mpi-pow.c.
    - debian/patches/CVE-2017-7526-3.patch: fix allocation size for mpi_pow
    - debian/patches/CVE-2017-7526-4.patch: add exponent blinding in
      cipher/rsa.c.
    - debian/patches/CVE-2017-7526-5.patch: allow different build directory
    - CVE-2017-7526

ubuntu/xenial-devel 2018-08-07 01:48:16 UTC 2018-08-07
Import patches-unapplied version 1.4.20-1ubuntu3.3 to ubuntu/xenial-security

Author: Alex Murray
Author Date: 2018-08-06 00:29:18 UTC

Import patches-unapplied version 1.4.20-1ubuntu3.3 to ubuntu/xenial-security

Imported using git-ubuntu import.

Changelog parent: 9efb856d1b111b006bdb2d2ba2e584fa5a05ed34

New changelog entries:
  * SECURITY UPDATE: full RSA key recovery via side-channel attack
    - debian/patches/CVE-2017-7526-1.patch: simplify loop in mpi/mpi-pow.c.
    - debian/patches/CVE-2017-7526-2.patch: use same computation for square
      and multiply in mpi/mpi-pow.c.
    - debian/patches/CVE-2017-7526-3.patch: fix allocation size for mpi_pow
    - debian/patches/CVE-2017-7526-4.patch: add exponent blinding in
      cipher/rsa.c.
    - debian/patches/CVE-2017-7526-5.patch: allow different build directory
    - CVE-2017-7526

applied/ubuntu/trusty-security 2018-08-07 01:48:16 UTC 2018-08-07
Import patches-applied version 1.4.16-1ubuntu2.6 to applied/ubuntu/trusty-sec...

Author: Alex Murray
Author Date: 2018-08-06 01:10:15 UTC

Import patches-applied version 1.4.16-1ubuntu2.6 to applied/ubuntu/trusty-security

Imported using git-ubuntu import.

Changelog parent: 8d019d958ed21d20d11f7b70c92e081cd42830be
Unapplied parent: 35a85155193a783e66a7b6bf221422503fe6c8b0

New changelog entries:
  * SECURITY UPDATE: full RSA key recovery via side-channel attack
    - debian/patches/CVE-2017-7526-1.patch: simplify loop in mpi/mpi-pow.c.
    - debian/patches/CVE-2017-7526-2.patch: use same computation for square
      and multiply in mpi/mpi-pow.c.
    - debian/patches/CVE-2017-7526-3.patch: fix allocation size for mpi_pow
    - debian/patches/CVE-2017-7526-4.patch: add exponent blinding in
      cipher/rsa.c.
    - debian/patches/CVE-2017-7526-5.patch: allow different build directory
    - CVE-2017-7526

ubuntu/trusty-devel 2018-08-07 01:48:16 UTC 2018-08-07
Import patches-unapplied version 1.4.16-1ubuntu2.6 to ubuntu/trusty-security

Author: Alex Murray
Author Date: 2018-08-06 01:10:15 UTC

Import patches-unapplied version 1.4.16-1ubuntu2.6 to ubuntu/trusty-security

Imported using git-ubuntu import.

Changelog parent: 319efd4db390e69569bb28b2a275fce9e0d6e86d

New changelog entries:
  * SECURITY UPDATE: full RSA key recovery via side-channel attack
    - debian/patches/CVE-2017-7526-1.patch: simplify loop in mpi/mpi-pow.c.
    - debian/patches/CVE-2017-7526-2.patch: use same computation for square
      and multiply in mpi/mpi-pow.c.
    - debian/patches/CVE-2017-7526-3.patch: fix allocation size for mpi_pow
    - debian/patches/CVE-2017-7526-4.patch: add exponent blinding in
      cipher/rsa.c.
    - debian/patches/CVE-2017-7526-5.patch: allow different build directory
    - CVE-2017-7526

applied/ubuntu/trusty-updates 2018-08-07 01:48:16 UTC 2018-08-07
Import patches-applied version 1.4.16-1ubuntu2.6 to applied/ubuntu/trusty-sec...

Author: Alex Murray
Author Date: 2018-08-06 01:10:15 UTC

Import patches-applied version 1.4.16-1ubuntu2.6 to applied/ubuntu/trusty-security

Imported using git-ubuntu import.

Changelog parent: 8d019d958ed21d20d11f7b70c92e081cd42830be
Unapplied parent: 35a85155193a783e66a7b6bf221422503fe6c8b0

New changelog entries:
  * SECURITY UPDATE: full RSA key recovery via side-channel attack
    - debian/patches/CVE-2017-7526-1.patch: simplify loop in mpi/mpi-pow.c.
    - debian/patches/CVE-2017-7526-2.patch: use same computation for square
      and multiply in mpi/mpi-pow.c.
    - debian/patches/CVE-2017-7526-3.patch: fix allocation size for mpi_pow
    - debian/patches/CVE-2017-7526-4.patch: add exponent blinding in
      cipher/rsa.c.
    - debian/patches/CVE-2017-7526-5.patch: allow different build directory
    - CVE-2017-7526

applied/ubuntu/xenial-devel 2018-08-07 01:48:16 UTC 2018-08-07
Import patches-applied version 1.4.20-1ubuntu3.3 to applied/ubuntu/xenial-sec...

Author: Alex Murray
Author Date: 2018-08-06 00:29:18 UTC

Import patches-applied version 1.4.20-1ubuntu3.3 to applied/ubuntu/xenial-security

Imported using git-ubuntu import.

Changelog parent: 35e30ce7e8e196ca1f16ce289d36d9a700791d69
Unapplied parent: 405a0cb8cd35c2aba03f6a2db5d43b3c864eb71a

New changelog entries:
  * SECURITY UPDATE: full RSA key recovery via side-channel attack
    - debian/patches/CVE-2017-7526-1.patch: simplify loop in mpi/mpi-pow.c.
    - debian/patches/CVE-2017-7526-2.patch: use same computation for square
      and multiply in mpi/mpi-pow.c.
    - debian/patches/CVE-2017-7526-3.patch: fix allocation size for mpi_pow
    - debian/patches/CVE-2017-7526-4.patch: add exponent blinding in
      cipher/rsa.c.
    - debian/patches/CVE-2017-7526-5.patch: allow different build directory
    - CVE-2017-7526

ubuntu/xenial-updates 2018-08-07 01:48:16 UTC 2018-08-07
Import patches-unapplied version 1.4.20-1ubuntu3.3 to ubuntu/xenial-security

Author: Alex Murray
Author Date: 2018-08-06 00:29:18 UTC

Import patches-unapplied version 1.4.20-1ubuntu3.3 to ubuntu/xenial-security

Imported using git-ubuntu import.

Changelog parent: 9efb856d1b111b006bdb2d2ba2e584fa5a05ed34

New changelog entries:
  * SECURITY UPDATE: full RSA key recovery via side-channel attack
    - debian/patches/CVE-2017-7526-1.patch: simplify loop in mpi/mpi-pow.c.
    - debian/patches/CVE-2017-7526-2.patch: use same computation for square
      and multiply in mpi/mpi-pow.c.
    - debian/patches/CVE-2017-7526-3.patch: fix allocation size for mpi_pow
    - debian/patches/CVE-2017-7526-4.patch: add exponent blinding in
      cipher/rsa.c.
    - debian/patches/CVE-2017-7526-5.patch: allow different build directory
    - CVE-2017-7526

ubuntu/trusty-updates 2018-08-07 01:48:16 UTC 2018-08-07
Import patches-unapplied version 1.4.16-1ubuntu2.6 to ubuntu/trusty-security

Author: Alex Murray
Author Date: 2018-08-06 01:10:15 UTC

Import patches-unapplied version 1.4.16-1ubuntu2.6 to ubuntu/trusty-security

Imported using git-ubuntu import.

Changelog parent: 319efd4db390e69569bb28b2a275fce9e0d6e86d

New changelog entries:
  * SECURITY UPDATE: full RSA key recovery via side-channel attack
    - debian/patches/CVE-2017-7526-1.patch: simplify loop in mpi/mpi-pow.c.
    - debian/patches/CVE-2017-7526-2.patch: use same computation for square
      and multiply in mpi/mpi-pow.c.
    - debian/patches/CVE-2017-7526-3.patch: fix allocation size for mpi_pow
    - debian/patches/CVE-2017-7526-4.patch: add exponent blinding in
      cipher/rsa.c.
    - debian/patches/CVE-2017-7526-5.patch: allow different build directory
    - CVE-2017-7526

importer/debian/dsc 2018-07-05 16:26:43 UTC 2018-07-05
DSC file for 1.4.18-7+deb8u5

Author: Ubuntu Git Importer
Author Date: 2018-07-05 16:26:43 UTC

DSC file for 1.4.18-7+deb8u5

applied/debian/jessie 2018-06-23 17:12:05 UTC 2018-06-23
Import patches-applied version 1.4.18-7+deb8u5 to applied/debian/jessie

Author: Salvatore Bonaccorso
Author Date: 2018-06-08 19:55:06 UTC

Import patches-applied version 1.4.18-7+deb8u5 to applied/debian/jessie

Imported using git-ubuntu import.

Changelog parent: 1dcf1daf2d133c29c527e5a124d55a8e1b0cfcf7
Unapplied parent: 4527f861eb1eeccab56d9a7f0060fbc8c33f208e

New changelog entries:
  * Non-maintainer upload by the Security Team.
  * gpg: Sanitize diagnostic with the original file name (CVE-2018-12020)

debian/jessie 2018-06-23 17:12:05 UTC 2018-06-23
Import patches-unapplied version 1.4.18-7+deb8u5 to debian/jessie

Author: Salvatore Bonaccorso
Author Date: 2018-06-08 19:55:06 UTC

Import patches-unapplied version 1.4.18-7+deb8u5 to debian/jessie

Imported using git-ubuntu import.

Changelog parent: 1c12c19fa907f030e982a26c200fe697683460b2

New changelog entries:
  * Non-maintainer upload by the Security Team.
  * gpg: Sanitize diagnostic with the original file name (CVE-2018-12020)

importer/ubuntu/pristine-tar 2018-03-06 11:14:56 UTC 2018-03-06
pristine-tar data for gnupg_1.4.20.orig.tar.gz

Author: Ubuntu Git Importer
Author Date: 2018-03-06 11:14:56 UTC

pristine-tar data for gnupg_1.4.20.orig.tar.gz

importer/debian/pristine-tar 2018-03-06 10:21:18 UTC 2018-03-06
pristine-tar data for gnupg_1.4.20.orig.tar.gz

Author: Ubuntu Git Importer
Author Date: 2018-03-06 10:21:18 UTC

pristine-tar data for gnupg_1.4.20.orig.tar.gz

applied/debian/stretch 2016-09-17 17:06:38 UTC 2016-09-17
Import patches-applied version 1.4.18-7+deb8u3 to applied/debian/jessie

Author: Salvatore Bonaccorso
Author Date: 2016-08-18 05:13:19 UTC

Import patches-applied version 1.4.18-7+deb8u3 to applied/debian/jessie

Imported using git-ubuntu import.

Changelog parent: e211ecf66d39521972c94bd50ae75611b669ffd6
Unapplied parent: 1bdd68cab2833d104471690ec140c8ec3c45ba4d

New changelog entries:
  * Non-maintainer with maintainers approval.
  * gpgv: Tweak default options for extra security
  * g10: Fix checking key for signature validation
  * Non-maintainer upload by the Security Team.
  * cipher: Improve readability by using a macro
  * random: Hash continuous areas in the csprng pool (CVE-2016-6313)

debian/sid 2016-09-17 17:06:38 UTC 2016-09-17
Import patches-unapplied version 1.4.18-7+deb8u3 to debian/jessie

Author: Salvatore Bonaccorso
Author Date: 2016-08-18 05:13:19 UTC

Import patches-unapplied version 1.4.18-7+deb8u3 to debian/jessie

Imported using git-ubuntu import.

Changelog parent: 3ab3af44e9090e6d7ba2cc6365e204fbfee37a7f

New changelog entries:
  * Non-maintainer with maintainers approval.
  * gpgv: Tweak default options for extra security
  * g10: Fix checking key for signature validation
  * Non-maintainer upload by the Security Team.
  * cipher: Improve readability by using a macro
  * random: Hash continuous areas in the csprng pool (CVE-2016-6313)

debian/stretch 2016-09-17 17:06:38 UTC 2016-09-17
Import patches-unapplied version 1.4.18-7+deb8u3 to debian/jessie

Author: Salvatore Bonaccorso
Author Date: 2016-08-18 05:13:19 UTC

Import patches-unapplied version 1.4.18-7+deb8u3 to debian/jessie

Imported using git-ubuntu import.

Changelog parent: 3ab3af44e9090e6d7ba2cc6365e204fbfee37a7f

New changelog entries:
  * Non-maintainer with maintainers approval.
  * gpgv: Tweak default options for extra security
  * g10: Fix checking key for signature validation
  * Non-maintainer upload by the Security Team.
  * cipher: Improve readability by using a macro
  * random: Hash continuous areas in the csprng pool (CVE-2016-6313)

applied/debian/sid 2016-09-17 17:06:38 UTC 2016-09-17
Import patches-applied version 1.4.18-7+deb8u3 to applied/debian/jessie

Author: Salvatore Bonaccorso
Author Date: 2016-08-18 05:13:19 UTC

Import patches-applied version 1.4.18-7+deb8u3 to applied/debian/jessie

Imported using git-ubuntu import.

Changelog parent: e211ecf66d39521972c94bd50ae75611b669ffd6
Unapplied parent: 1bdd68cab2833d104471690ec140c8ec3c45ba4d

New changelog entries:
  * Non-maintainer with maintainers approval.
  * gpgv: Tweak default options for extra security
  * g10: Fix checking key for signature validation
  * Non-maintainer upload by the Security Team.
  * cipher: Improve readability by using a macro
  * random: Hash continuous areas in the csprng pool (CVE-2016-6313)

applied/ubuntu/yakkety-devel 2016-08-19 12:44:08 UTC 2016-08-19
Import patches-applied version 1.4.20-6ubuntu1 to applied/ubuntu/yakkety-prop...

Author: Marc Deslauriers
Author Date: 2016-08-19 11:40:34 UTC

Import patches-applied version 1.4.20-6ubuntu1 to applied/ubuntu/yakkety-proposed

Imported using git-ubuntu import.

Changelog parent: bce49386fe5cfe3f24969e836e6dba76ffbc682f
Unapplied parent: 6ae10525a2a19aa647306a5c933667ae8337c83a

New changelog entries:
  * Merge with Debian. Remaining Ubuntu changes:
    - Disable mlock() test since it fails with ulimit 0 (on buildds).
    - Set gpg (or gpg2) and gpgsm to use a passphrase agent by default.
    - Only suggest gnupg-curl and libldap; recommendations are pulled into
      minimal, and we don't need the keyserver utilities in a minimal Ubuntu
      system.
    - Disable inline assembler for ppc64el.
    - Enable SHA-512 support in gpgv-udeb.
    - debian/patches/lp1541925.patch: Make sure directory exists before
      creating the lock.
  * SECURITY UPDATE: random number generator prediction
    - debian/patches/CVE-2016-6313-1.patch: improve readability by using a
      macro in cipher/random.c.
    - debian/patches/CVE-2016-6313-2.patch: hash continuous areas in the
      csprng pool in cipher/random.c.
    - CVE-2016-6313

ubuntu/yakkety-devel 2016-08-19 12:44:08 UTC 2016-08-19
Import patches-unapplied version 1.4.20-6ubuntu1 to ubuntu/yakkety-proposed

Author: Marc Deslauriers
Author Date: 2016-08-19 11:40:34 UTC

Import patches-unapplied version 1.4.20-6ubuntu1 to ubuntu/yakkety-proposed

Imported using git-ubuntu import.

Changelog parent: 395eb77503f3c191e89625e42d5776fbc443b774

New changelog entries:
  * Merge with Debian. Remaining Ubuntu changes:
    - Disable mlock() test since it fails with ulimit 0 (on buildds).
    - Set gpg (or gpg2) and gpgsm to use a passphrase agent by default.
    - Only suggest gnupg-curl and libldap; recommendations are pulled into
      minimal, and we don't need the keyserver utilities in a minimal Ubuntu
      system.
    - Disable inline assembler for ppc64el.
    - Enable SHA-512 support in gpgv-udeb.
    - debian/patches/lp1541925.patch: Make sure directory exists before
      creating the lock.
  * SECURITY UPDATE: random number generator prediction
    - debian/patches/CVE-2016-6313-1.patch: improve readability by using a
      macro in cipher/random.c.
    - debian/patches/CVE-2016-6313-2.patch: hash continuous areas in the
      csprng pool in cipher/random.c.
    - CVE-2016-6313

ubuntu/yakkety 2016-08-19 12:44:08 UTC 2016-08-19
Import patches-unapplied version 1.4.20-6ubuntu1 to ubuntu/yakkety-proposed

Author: Marc Deslauriers
Author Date: 2016-08-19 11:40:34 UTC

Import patches-unapplied version 1.4.20-6ubuntu1 to ubuntu/yakkety-proposed

Imported using git-ubuntu import.

Changelog parent: 395eb77503f3c191e89625e42d5776fbc443b774

New changelog entries:
  * Merge with Debian. Remaining Ubuntu changes:
    - Disable mlock() test since it fails with ulimit 0 (on buildds).
    - Set gpg (or gpg2) and gpgsm to use a passphrase agent by default.
    - Only suggest gnupg-curl and libldap; recommendations are pulled into
      minimal, and we don't need the keyserver utilities in a minimal Ubuntu
      system.
    - Disable inline assembler for ppc64el.
    - Enable SHA-512 support in gpgv-udeb.
    - debian/patches/lp1541925.patch: Make sure directory exists before
      creating the lock.
  * SECURITY UPDATE: random number generator prediction
    - debian/patches/CVE-2016-6313-1.patch: improve readability by using a
      macro in cipher/random.c.
    - debian/patches/CVE-2016-6313-2.patch: hash continuous areas in the
      csprng pool in cipher/random.c.
    - CVE-2016-6313

ubuntu/yakkety-proposed 2016-08-19 12:44:08 UTC 2016-08-19
Import patches-unapplied version 1.4.20-6ubuntu1 to ubuntu/yakkety-proposed

Author: Marc Deslauriers
Author Date: 2016-08-19 11:40:34 UTC

Import patches-unapplied version 1.4.20-6ubuntu1 to ubuntu/yakkety-proposed

Imported using git-ubuntu import.

Changelog parent: 395eb77503f3c191e89625e42d5776fbc443b774

New changelog entries:
  * Merge with Debian. Remaining Ubuntu changes:
    - Disable mlock() test since it fails with ulimit 0 (on buildds).
    - Set gpg (or gpg2) and gpgsm to use a passphrase agent by default.
    - Only suggest gnupg-curl and libldap; recommendations are pulled into
      minimal, and we don't need the keyserver utilities in a minimal Ubuntu
      system.
    - Disable inline assembler for ppc64el.
    - Enable SHA-512 support in gpgv-udeb.
    - debian/patches/lp1541925.patch: Make sure directory exists before
      creating the lock.
  * SECURITY UPDATE: random number generator prediction
    - debian/patches/CVE-2016-6313-1.patch: improve readability by using a
      macro in cipher/random.c.
    - debian/patches/CVE-2016-6313-2.patch: hash continuous areas in the
      csprng pool in cipher/random.c.
    - CVE-2016-6313

ubuntu/devel 2016-08-19 12:44:08 UTC 2016-08-19
Import patches-unapplied version 1.4.20-6ubuntu1 to ubuntu/yakkety-proposed

Author: Marc Deslauriers
Author Date: 2016-08-19 11:40:34 UTC

Import patches-unapplied version 1.4.20-6ubuntu1 to ubuntu/yakkety-proposed

Imported using git-ubuntu import.

Changelog parent: 395eb77503f3c191e89625e42d5776fbc443b774

New changelog entries:
  * Merge with Debian. Remaining Ubuntu changes:
    - Disable mlock() test since it fails with ulimit 0 (on buildds).
    - Set gpg (or gpg2) and gpgsm to use a passphrase agent by default.
    - Only suggest gnupg-curl and libldap; recommendations are pulled into
      minimal, and we don't need the keyserver utilities in a minimal Ubuntu
      system.
    - Disable inline assembler for ppc64el.
    - Enable SHA-512 support in gpgv-udeb.
    - debian/patches/lp1541925.patch: Make sure directory exists before
      creating the lock.
  * SECURITY UPDATE: random number generator prediction
    - debian/patches/CVE-2016-6313-1.patch: improve readability by using a
      macro in cipher/random.c.
    - debian/patches/CVE-2016-6313-2.patch: hash continuous areas in the
      csprng pool in cipher/random.c.
    - CVE-2016-6313

applied/ubuntu/devel 2016-08-19 12:44:08 UTC 2016-08-19
Import patches-applied version 1.4.20-6ubuntu1 to applied/ubuntu/yakkety-prop...

Author: Marc Deslauriers
Author Date: 2016-08-19 11:40:34 UTC

Import patches-applied version 1.4.20-6ubuntu1 to applied/ubuntu/yakkety-proposed

Imported using git-ubuntu import.

Changelog parent: bce49386fe5cfe3f24969e836e6dba76ffbc682f
Unapplied parent: 6ae10525a2a19aa647306a5c933667ae8337c83a

New changelog entries:
  * Merge with Debian. Remaining Ubuntu changes:
    - Disable mlock() test since it fails with ulimit 0 (on buildds).
    - Set gpg (or gpg2) and gpgsm to use a passphrase agent by default.
    - Only suggest gnupg-curl and libldap; recommendations are pulled into
      minimal, and we don't need the keyserver utilities in a minimal Ubuntu
      system.
    - Disable inline assembler for ppc64el.
    - Enable SHA-512 support in gpgv-udeb.
    - debian/patches/lp1541925.patch: Make sure directory exists before
      creating the lock.
  * SECURITY UPDATE: random number generator prediction
    - debian/patches/CVE-2016-6313-1.patch: improve readability by using a
      macro in cipher/random.c.
    - debian/patches/CVE-2016-6313-2.patch: hash continuous areas in the
      csprng pool in cipher/random.c.
    - CVE-2016-6313

applied/ubuntu/yakkety-proposed 2016-08-19 12:44:08 UTC 2016-08-19
Import patches-applied version 1.4.20-6ubuntu1 to applied/ubuntu/yakkety-prop...

Author: Marc Deslauriers
Author Date: 2016-08-19 11:40:34 UTC

Import patches-applied version 1.4.20-6ubuntu1 to applied/ubuntu/yakkety-proposed

Imported using git-ubuntu import.

Changelog parent: bce49386fe5cfe3f24969e836e6dba76ffbc682f
Unapplied parent: 6ae10525a2a19aa647306a5c933667ae8337c83a

New changelog entries:
  * Merge with Debian. Remaining Ubuntu changes:
    - Disable mlock() test since it fails with ulimit 0 (on buildds).
    - Set gpg (or gpg2) and gpgsm to use a passphrase agent by default.
    - Only suggest gnupg-curl and libldap; recommendations are pulled into
      minimal, and we don't need the keyserver utilities in a minimal Ubuntu
      system.
    - Disable inline assembler for ppc64el.
    - Enable SHA-512 support in gpgv-udeb.
    - debian/patches/lp1541925.patch: Make sure directory exists before
      creating the lock.
  * SECURITY UPDATE: random number generator prediction
    - debian/patches/CVE-2016-6313-1.patch: improve readability by using a
      macro in cipher/random.c.
    - debian/patches/CVE-2016-6313-2.patch: hash continuous areas in the
      csprng pool in cipher/random.c.
    - CVE-2016-6313

applied/ubuntu/yakkety 2016-08-19 12:44:08 UTC 2016-08-19
Import patches-applied version 1.4.20-6ubuntu1 to applied/ubuntu/yakkety-prop...

Author: Marc Deslauriers
Author Date: 2016-08-19 11:40:34 UTC

Import patches-applied version 1.4.20-6ubuntu1 to applied/ubuntu/yakkety-proposed

Imported using git-ubuntu import.

Changelog parent: bce49386fe5cfe3f24969e836e6dba76ffbc682f
Unapplied parent: 6ae10525a2a19aa647306a5c933667ae8337c83a

New changelog entries:
  * Merge with Debian. Remaining Ubuntu changes:
    - Disable mlock() test since it fails with ulimit 0 (on buildds).
    - Set gpg (or gpg2) and gpgsm to use a passphrase agent by default.
    - Only suggest gnupg-curl and libldap; recommendations are pulled into
      minimal, and we don't need the keyserver utilities in a minimal Ubuntu
      system.
    - Disable inline assembler for ppc64el.
    - Enable SHA-512 support in gpgv-udeb.
    - debian/patches/lp1541925.patch: Make sure directory exists before
      creating the lock.
  * SECURITY UPDATE: random number generator prediction
    - debian/patches/CVE-2016-6313-1.patch: improve readability by using a
      macro in cipher/random.c.
    - debian/patches/CVE-2016-6313-2.patch: hash continuous areas in the
      csprng pool in cipher/random.c.
    - CVE-2016-6313

applied/ubuntu/precise-updates 2016-08-18 18:49:20 UTC 2016-08-18
Import patches-applied version 1.4.11-3ubuntu2.10 to applied/ubuntu/precise-s...

Author: Marc Deslauriers
Author Date: 2016-08-17 17:37:00 UTC

Import patches-applied version 1.4.11-3ubuntu2.10 to applied/ubuntu/precise-security

Imported using git-ubuntu import.

Changelog parent: 1dd05988852e02bc1c44aea35d4dc7006c43a233
Unapplied parent: 2df3acf4c7719b2503df53cea944b5bbbc890075

New changelog entries:
  * SECURITY UPDATE: random number generator prediction
    - debian/patches/CVE-2016-6313.dpatch: improve readability by using a
      macro and hash continuous areas in the csprng pool in
      cipher/random.c.
    - CVE-2016-6313

applied/ubuntu/precise-security 2016-08-18 18:49:20 UTC 2016-08-18
Import patches-applied version 1.4.11-3ubuntu2.10 to applied/ubuntu/precise-s...

Author: Marc Deslauriers
Author Date: 2016-08-17 17:37:00 UTC

Import patches-applied version 1.4.11-3ubuntu2.10 to applied/ubuntu/precise-security

Imported using git-ubuntu import.

Changelog parent: 1dd05988852e02bc1c44aea35d4dc7006c43a233
Unapplied parent: 2df3acf4c7719b2503df53cea944b5bbbc890075

New changelog entries:
  * SECURITY UPDATE: random number generator prediction
    - debian/patches/CVE-2016-6313.dpatch: improve readability by using a
      macro and hash continuous areas in the csprng pool in
      cipher/random.c.
    - CVE-2016-6313

applied/ubuntu/precise-devel 2016-08-18 18:49:20 UTC 2016-08-18
Import patches-applied version 1.4.11-3ubuntu2.10 to applied/ubuntu/precise-s...

Author: Marc Deslauriers
Author Date: 2016-08-17 17:37:00 UTC

Import patches-applied version 1.4.11-3ubuntu2.10 to applied/ubuntu/precise-security

Imported using git-ubuntu import.

Changelog parent: 1dd05988852e02bc1c44aea35d4dc7006c43a233
Unapplied parent: 2df3acf4c7719b2503df53cea944b5bbbc890075

New changelog entries:
  * SECURITY UPDATE: random number generator prediction
    - debian/patches/CVE-2016-6313.dpatch: improve readability by using a
      macro and hash continuous areas in the csprng pool in
      cipher/random.c.
    - CVE-2016-6313

ubuntu/precise-updates 2016-08-18 18:49:20 UTC 2016-08-18
Import patches-unapplied version 1.4.11-3ubuntu2.10 to ubuntu/precise-security

Author: Marc Deslauriers
Author Date: 2016-08-17 17:37:00 UTC

Import patches-unapplied version 1.4.11-3ubuntu2.10 to ubuntu/precise-security

Imported using git-ubuntu import.

Changelog parent: 4ea9330fa8d86ff2bf27b878e10476381026d01c

New changelog entries:
  * SECURITY UPDATE: random number generator prediction
    - debian/patches/CVE-2016-6313.dpatch: improve readability by using a
      macro and hash continuous areas in the csprng pool in
      cipher/random.c.
    - CVE-2016-6313

ubuntu/precise-security 2016-08-18 18:49:20 UTC 2016-08-18
Import patches-unapplied version 1.4.11-3ubuntu2.10 to ubuntu/precise-security

Author: Marc Deslauriers
Author Date: 2016-08-17 17:37:00 UTC

Import patches-unapplied version 1.4.11-3ubuntu2.10 to ubuntu/precise-security

Imported using git-ubuntu import.

Changelog parent: 4ea9330fa8d86ff2bf27b878e10476381026d01c

New changelog entries:
  * SECURITY UPDATE: random number generator prediction
    - debian/patches/CVE-2016-6313.dpatch: improve readability by using a
      macro and hash continuous areas in the csprng pool in
      cipher/random.c.
    - CVE-2016-6313

ubuntu/precise-devel 2016-08-18 18:49:20 UTC 2016-08-18
Import patches-unapplied version 1.4.11-3ubuntu2.10 to ubuntu/precise-security

Author: Marc Deslauriers
Author Date: 2016-08-17 17:37:00 UTC

Import patches-unapplied version 1.4.11-3ubuntu2.10 to ubuntu/precise-security

Imported using git-ubuntu import.

Changelog parent: 4ea9330fa8d86ff2bf27b878e10476381026d01c

New changelog entries:
  * SECURITY UPDATE: random number generator prediction
    - debian/patches/CVE-2016-6313.dpatch: improve readability by using a
      macro and hash continuous areas in the csprng pool in
      cipher/random.c.
    - CVE-2016-6313

applied/debian/experimental 2016-04-22 10:10:15 UTC 2016-04-22
Import patches-applied version 1.4.20-6+exp2 to applied/debian/experimental

Author: dkg
Author Date: 2016-04-22 04:06:39 UTC

Import patches-applied version 1.4.20-6+exp2 to applied/debian/experimental

Imported using git-ubuntu import.

Changelog parent: e6b06abe87b569f7ae854ff03dfb7a104befafdd
Unapplied parent: da2df48ec284b028ad199cd6d8fd52bd4f6ccf22

New changelog entries:
  * corrected Conflicts with older gnupg binaries (Closes: #821910)

debian/experimental 2016-04-22 10:10:15 UTC 2016-04-22
Import patches-unapplied version 1.4.20-6+exp2 to debian/experimental

Author: dkg
Author Date: 2016-04-22 04:06:39 UTC

Import patches-unapplied version 1.4.20-6+exp2 to debian/experimental

Imported using git-ubuntu import.

Changelog parent: 3c09ca482d16bdf0febce5714e2e5a01958ce4cf

New changelog entries:
  * corrected Conflicts with older gnupg binaries (Closes: #821910)

ubuntu/xenial-proposed 2016-02-12 13:09:22 UTC 2016-02-12
Import patches-unapplied version 1.4.20-1ubuntu3 to ubuntu/xenial-proposed

Author: Marc Deslauriers
Author Date: 2016-02-12 12:19:26 UTC

Import patches-unapplied version 1.4.20-1ubuntu3 to ubuntu/xenial-proposed

Imported using git-ubuntu import.

Changelog parent: fda3b7f8e5e13ca3786126c7597b286298b17f8d

New changelog entries:
  * debian/patches/lp1541925.patch: switch to final upstream commit.

applied/ubuntu/xenial-proposed 2016-02-12 13:09:22 UTC 2016-02-12
Import patches-applied version 1.4.20-1ubuntu3 to applied/ubuntu/xenial-proposed

Author: Marc Deslauriers
Author Date: 2016-02-12 12:19:26 UTC

Import patches-applied version 1.4.20-1ubuntu3 to applied/ubuntu/xenial-proposed

Imported using git-ubuntu import.

Changelog parent: 4193b555fe74040036890f4b2ad49290d5613160
Unapplied parent: 96ffd0f118d831be05ce913aad4cc0ca6420aa26

New changelog entries:
  * debian/patches/lp1541925.patch: switch to final upstream commit.

applied/ubuntu/xenial 2016-02-12 13:09:22 UTC 2016-02-12
Import patches-applied version 1.4.20-1ubuntu3 to applied/ubuntu/xenial-proposed

Author: Marc Deslauriers
Author Date: 2016-02-12 12:19:26 UTC

Import patches-applied version 1.4.20-1ubuntu3 to applied/ubuntu/xenial-proposed

Imported using git-ubuntu import.

Changelog parent: 4193b555fe74040036890f4b2ad49290d5613160
Unapplied parent: 96ffd0f118d831be05ce913aad4cc0ca6420aa26

New changelog entries:
  * debian/patches/lp1541925.patch: switch to final upstream commit.

ubuntu/xenial 2016-02-12 13:09:22 UTC 2016-02-12
Import patches-unapplied version 1.4.20-1ubuntu3 to ubuntu/xenial-proposed

Author: Marc Deslauriers
Author Date: 2016-02-12 12:19:26 UTC

Import patches-unapplied version 1.4.20-1ubuntu3 to ubuntu/xenial-proposed

Imported using git-ubuntu import.

Changelog parent: fda3b7f8e5e13ca3786126c7597b286298b17f8d

New changelog entries:
  * debian/patches/lp1541925.patch: switch to final upstream commit.

applied/debian/wheezy 2015-09-05 16:54:47 UTC 2015-09-05
Import patches-applied version 1.4.12-7+deb7u7 to applied/debian/wheezy

Author: Alessandro Ghedini
Author Date: 2015-03-04 17:46:34 UTC

Import patches-applied version 1.4.12-7+deb7u7 to applied/debian/wheezy

Imported using git-ubuntu import.

Changelog parent: 728ccb750b61356fa4ce00129ddcbde2f70f0be3
Unapplied parent: d9df54b12c271d07b8c7b3417b5a43e230f6defc

New changelog entries:
  * Use ciphertext blinding for Elgamal decryption to counteract a
    side-channel attack as per CVE-2014-3591
  * Fix data-dependent timing variations in the modular exponentiation
    function that could be used to mount a side-channel attack as per
    CVE-2015-0837
  * Fix a use-after-free when importing a garbled keyring file
    as per CVE-2015-1606 (Closes: #778652)

debian/wheezy 2015-09-05 16:54:47 UTC 2015-09-05
Import patches-unapplied version 1.4.12-7+deb7u7 to debian/wheezy

Author: Alessandro Ghedini
Author Date: 2015-03-04 17:46:34 UTC

Import patches-unapplied version 1.4.12-7+deb7u7 to debian/wheezy

Imported using git-ubuntu import.

Changelog parent: 6d7a711a7f11948346568d32984c9550247b48ec

New changelog entries:
  * Use ciphertext blinding for Elgamal decryption to counteract a
    side-channel attack as per CVE-2014-3591
  * Fix data-dependent timing variations in the modular exponentiation
    function that could be used to mount a side-channel attack as per
    CVE-2015-0837
  * Fix a use-after-free when importing a garbled keyring file
    as per CVE-2015-1606 (Closes: #778652)

ubuntu/utopic-devel 2015-04-01 13:43:50 UTC 2015-04-01
Import patches-unapplied version 1.4.16-1.2ubuntu1.2 to ubuntu/utopic-security

Author: Marc Deslauriers
Author Date: 2015-03-27 12:21:50 UTC

Import patches-unapplied version 1.4.16-1.2ubuntu1.2 to ubuntu/utopic-security

Imported using git-ubuntu import.

Changelog parent: 04b4c87f9999db2582bbf8bd38152b625619f9c2

New changelog entries:
  * Screen responses from keyservers (LP: #1409117)
    - d/p/0001-Screen-keyserver-responses.patch
    - d/p/0002-Make-screening-of-keyserver-result-work-with-multi-k.patch
    - d/p/0003-Add-kbnode_t-for-easier-backporting.patch
    - d/p/0004-gpg-Fix-regression-due-to-the-keyserver-import-filte.patch
  * Fix large key size regression from CVE-2014-5270 changes (LP: #1371766)
    - d/p/Add-build-and-runtime-support-for-larger-RSA-key.patch
    - debian/rules: build with --enable-large-secmem
  * SECURITY UPDATE: sidechannel attack on Elgamal
    - debian/patches/CVE-2014-3591.patch: use ciphertext blinding in
      cipher/elgamal.c.
    - CVE-2014-3591
  * SECURITY UPDATE: sidechannel attack via timing variations in mpi_powm
    - debian/patches/CVE-2015-0837.patch: avoid timing variations in
      include/mpi.h, mpi/mpi-pow.c, mpi/mpiutil.c.
    - CVE-2015-0837
  * SECURITY UPDATE: invalid memory read via invalid keyring
    - debian/patches/CVE-2015-1606.patch: skip all packets not allowed in
      a keyring in g10/keyring.c.
    - CVE-2015-1606
  * SECURITY UPDATE: memcpy with overlapping ranges
    - debian/patches/CVE-2015-1607.patch: use inline functions to convert
      buffer data to scalars in g10/apdu.c, g10/app-openpgp.c,
      g10/build-packet.c, g10/ccid-driver.c, g10/getkey.c, g10/keygen.c,
      g10/keyid.c, g10/misc.c, g10/parse-packet.c, g10/tdbio.c,
      g10/trustdb.c, include/host2net.h.
    - CVE-2015-1607

applied/ubuntu/lucid-updates 2015-04-01 13:43:50 UTC 2015-04-01
Import patches-applied version 1.4.10-2ubuntu1.8 to applied/ubuntu/lucid-secu...

Author: Marc Deslauriers
Author Date: 2015-03-25 18:34:25 UTC

Import patches-applied version 1.4.10-2ubuntu1.8 to applied/ubuntu/lucid-security

Imported using git-ubuntu import.

Changelog parent: d5e14e3874fcae6c125f8e177fde8bd2c2f38fe5
Unapplied parent: b10533ba680258e530a245e58bdbd841359b5e20

New changelog entries:
  * SECURITY UPDATE: sidechannel attack on Elgamal
    - debian/patches/CVE-2014-3591.dpatch: use ciphertext blinding in
      cipher/elgamal.c.
    - CVE-2014-3591
  * SECURITY UPDATE: sidechannel attack via timing variations in mpi_powm
    - debian/patches/CVE-2015-0837.dpatch: avoid timing variations in
      include/mpi.h, mpi/mpi-pow.c, mpi/mpiutil.c.
    - CVE-2015-0837
  * SECURITY UPDATE: invalid memory read via invalid keyring
    - debian/patches/CVE-2015-1606.dpatch: skip all packets not allowed in
      a keyring in g10/keyring.c.
    - CVE-2015-1606
  * SECURITY UPDATE: memcpy with overlapping ranges
    - debian/patches/CVE-2015-1607.dpatch: use inline functions to convert
      buffer data to scalars in g10/apdu.c, g10/app-openpgp.c,
      g10/build-packet.c, g10/ccid-driver.c, g10/getkey.c, g10/keygen.c,
      g10/keyid.c, g10/misc.c, g10/parse-packet.c, g10/tdbio.c,
      g10/trustdb.c, include/host2net.h.
    - CVE-2015-1607

applied/ubuntu/utopic-updates 2015-04-01 13:43:50 UTC 2015-04-01
Import patches-applied version 1.4.16-1.2ubuntu1.2 to applied/ubuntu/utopic-s...

Author: Marc Deslauriers
Author Date: 2015-03-27 12:21:50 UTC

Import patches-applied version 1.4.16-1.2ubuntu1.2 to applied/ubuntu/utopic-security

Imported using git-ubuntu import.

Changelog parent: 27860740f31d81cf8200e4dc8f67f516fc72c6f8
Unapplied parent: 66868235cd67a11e560a310c0f06e9c7ed215e4a

New changelog entries:
  * Screen responses from keyservers (LP: #1409117)
    - d/p/0001-Screen-keyserver-responses.patch
    - d/p/0002-Make-screening-of-keyserver-result-work-with-multi-k.patch
    - d/p/0003-Add-kbnode_t-for-easier-backporting.patch
    - d/p/0004-gpg-Fix-regression-due-to-the-keyserver-import-filte.patch
  * Fix large key size regression from CVE-2014-5270 changes (LP: #1371766)
    - d/p/Add-build-and-runtime-support-for-larger-RSA-key.patch
    - debian/rules: build with --enable-large-secmem
  * SECURITY UPDATE: sidechannel attack on Elgamal
    - debian/patches/CVE-2014-3591.patch: use ciphertext blinding in
      cipher/elgamal.c.
    - CVE-2014-3591
  * SECURITY UPDATE: sidechannel attack via timing variations in mpi_powm
    - debian/patches/CVE-2015-0837.patch: avoid timing variations in
      include/mpi.h, mpi/mpi-pow.c, mpi/mpiutil.c.
    - CVE-2015-0837
  * SECURITY UPDATE: invalid memory read via invalid keyring
    - debian/patches/CVE-2015-1606.patch: skip all packets not allowed in
      a keyring in g10/keyring.c.
    - CVE-2015-1606
  * SECURITY UPDATE: memcpy with overlapping ranges
    - debian/patches/CVE-2015-1607.patch: use inline functions to convert
      buffer data to scalars in g10/apdu.c, g10/app-openpgp.c,
      g10/build-packet.c, g10/ccid-driver.c, g10/getkey.c, g10/keygen.c,
      g10/keyid.c, g10/misc.c, g10/parse-packet.c, g10/tdbio.c,
      g10/trustdb.c, include/host2net.h.
    - CVE-2015-1607

applied/ubuntu/utopic-security 2015-04-01 13:43:50 UTC 2015-04-01
Import patches-applied version 1.4.16-1.2ubuntu1.2 to applied/ubuntu/utopic-s...

Author: Marc Deslauriers
Author Date: 2015-03-27 12:21:50 UTC

Import patches-applied version 1.4.16-1.2ubuntu1.2 to applied/ubuntu/utopic-security

Imported using git-ubuntu import.

Changelog parent: 27860740f31d81cf8200e4dc8f67f516fc72c6f8
Unapplied parent: 66868235cd67a11e560a310c0f06e9c7ed215e4a

New changelog entries:
  * Screen responses from keyservers (LP: #1409117)
    - d/p/0001-Screen-keyserver-responses.patch
    - d/p/0002-Make-screening-of-keyserver-result-work-with-multi-k.patch
    - d/p/0003-Add-kbnode_t-for-easier-backporting.patch
    - d/p/0004-gpg-Fix-regression-due-to-the-keyserver-import-filte.patch
  * Fix large key size regression from CVE-2014-5270 changes (LP: #1371766)
    - d/p/Add-build-and-runtime-support-for-larger-RSA-key.patch
    - debian/rules: build with --enable-large-secmem
  * SECURITY UPDATE: sidechannel attack on Elgamal
    - debian/patches/CVE-2014-3591.patch: use ciphertext blinding in
      cipher/elgamal.c.
    - CVE-2014-3591
  * SECURITY UPDATE: sidechannel attack via timing variations in mpi_powm
    - debian/patches/CVE-2015-0837.patch: avoid timing variations in
      include/mpi.h, mpi/mpi-pow.c, mpi/mpiutil.c.
    - CVE-2015-0837
  * SECURITY UPDATE: invalid memory read via invalid keyring
    - debian/patches/CVE-2015-1606.patch: skip all packets not allowed in
      a keyring in g10/keyring.c.
    - CVE-2015-1606
  * SECURITY UPDATE: memcpy with overlapping ranges
    - debian/patches/CVE-2015-1607.patch: use inline functions to convert
      buffer data to scalars in g10/apdu.c, g10/app-openpgp.c,
      g10/build-packet.c, g10/ccid-driver.c, g10/getkey.c, g10/keygen.c,
      g10/keyid.c, g10/misc.c, g10/parse-packet.c, g10/tdbio.c,
      g10/trustdb.c, include/host2net.h.
    - CVE-2015-1607

ubuntu/utopic-security 2015-04-01 13:43:50 UTC 2015-04-01
Import patches-unapplied version 1.4.16-1.2ubuntu1.2 to ubuntu/utopic-security

Author: Marc Deslauriers
Author Date: 2015-03-27 12:21:50 UTC

Import patches-unapplied version 1.4.16-1.2ubuntu1.2 to ubuntu/utopic-security

Imported using git-ubuntu import.

Changelog parent: 04b4c87f9999db2582bbf8bd38152b625619f9c2

New changelog entries:
  * Screen responses from keyservers (LP: #1409117)
    - d/p/0001-Screen-keyserver-responses.patch
    - d/p/0002-Make-screening-of-keyserver-result-work-with-multi-k.patch
    - d/p/0003-Add-kbnode_t-for-easier-backporting.patch
    - d/p/0004-gpg-Fix-regression-due-to-the-keyserver-import-filte.patch
  * Fix large key size regression from CVE-2014-5270 changes (LP: #1371766)
    - d/p/Add-build-and-runtime-support-for-larger-RSA-key.patch
    - debian/rules: build with --enable-large-secmem
  * SECURITY UPDATE: sidechannel attack on Elgamal
    - debian/patches/CVE-2014-3591.patch: use ciphertext blinding in
      cipher/elgamal.c.
    - CVE-2014-3591
  * SECURITY UPDATE: sidechannel attack via timing variations in mpi_powm
    - debian/patches/CVE-2015-0837.patch: avoid timing variations in
      include/mpi.h, mpi/mpi-pow.c, mpi/mpiutil.c.
    - CVE-2015-0837
  * SECURITY UPDATE: invalid memory read via invalid keyring
    - debian/patches/CVE-2015-1606.patch: skip all packets not allowed in
      a keyring in g10/keyring.c.
    - CVE-2015-1606
  * SECURITY UPDATE: memcpy with overlapping ranges
    - debian/patches/CVE-2015-1607.patch: use inline functions to convert
      buffer data to scalars in g10/apdu.c, g10/app-openpgp.c,
      g10/build-packet.c, g10/ccid-driver.c, g10/getkey.c, g10/keygen.c,
      g10/keyid.c, g10/misc.c, g10/parse-packet.c, g10/tdbio.c,
      g10/trustdb.c, include/host2net.h.
    - CVE-2015-1607

ubuntu/lucid-updates 2015-04-01 13:43:50 UTC 2015-04-01
Import patches-unapplied version 1.4.10-2ubuntu1.8 to ubuntu/lucid-security

Author: Marc Deslauriers
Author Date: 2015-03-25 18:34:25 UTC

Import patches-unapplied version 1.4.10-2ubuntu1.8 to ubuntu/lucid-security

Imported using git-ubuntu import.

Changelog parent: 7a348dd5f030ba517554b8215eeb6961aac85775

New changelog entries:
  * SECURITY UPDATE: sidechannel attack on Elgamal
    - debian/patches/CVE-2014-3591.dpatch: use ciphertext blinding in
      cipher/elgamal.c.
    - CVE-2014-3591
  * SECURITY UPDATE: sidechannel attack via timing variations in mpi_powm
    - debian/patches/CVE-2015-0837.dpatch: avoid timing variations in
      include/mpi.h, mpi/mpi-pow.c, mpi/mpiutil.c.
    - CVE-2015-0837
  * SECURITY UPDATE: invalid memory read via invalid keyring
    - debian/patches/CVE-2015-1606.dpatch: skip all packets not allowed in
      a keyring in g10/keyring.c.
    - CVE-2015-1606
  * SECURITY UPDATE: memcpy with overlapping ranges
    - debian/patches/CVE-2015-1607.dpatch: use inline functions to convert
      buffer data to scalars in g10/apdu.c, g10/app-openpgp.c,
      g10/build-packet.c, g10/ccid-driver.c, g10/getkey.c, g10/keygen.c,
      g10/keyid.c, g10/misc.c, g10/parse-packet.c, g10/tdbio.c,
      g10/trustdb.c, include/host2net.h.
    - CVE-2015-1607

applied/ubuntu/lucid-security 2015-04-01 13:43:50 UTC 2015-04-01
Import patches-applied version 1.4.10-2ubuntu1.8 to applied/ubuntu/lucid-secu...

Author: Marc Deslauriers
Author Date: 2015-03-25 18:34:25 UTC

Import patches-applied version 1.4.10-2ubuntu1.8 to applied/ubuntu/lucid-security

Imported using git-ubuntu import.

Changelog parent: d5e14e3874fcae6c125f8e177fde8bd2c2f38fe5
Unapplied parent: b10533ba680258e530a245e58bdbd841359b5e20

New changelog entries:
  * SECURITY UPDATE: sidechannel attack on Elgamal
    - debian/patches/CVE-2014-3591.dpatch: use ciphertext blinding in
      cipher/elgamal.c.
    - CVE-2014-3591
  * SECURITY UPDATE: sidechannel attack via timing variations in mpi_powm
    - debian/patches/CVE-2015-0837.dpatch: avoid timing variations in
      include/mpi.h, mpi/mpi-pow.c, mpi/mpiutil.c.
    - CVE-2015-0837
  * SECURITY UPDATE: invalid memory read via invalid keyring
    - debian/patches/CVE-2015-1606.dpatch: skip all packets not allowed in
      a keyring in g10/keyring.c.
    - CVE-2015-1606
  * SECURITY UPDATE: memcpy with overlapping ranges
    - debian/patches/CVE-2015-1607.dpatch: use inline functions to convert
      buffer data to scalars in g10/apdu.c, g10/app-openpgp.c,
      g10/build-packet.c, g10/ccid-driver.c, g10/getkey.c, g10/keygen.c,
      g10/keyid.c, g10/misc.c, g10/parse-packet.c, g10/tdbio.c,
      g10/trustdb.c, include/host2net.h.
    - CVE-2015-1607

applied/ubuntu/utopic-devel 2015-04-01 13:43:50 UTC 2015-04-01
Import patches-applied version 1.4.16-1.2ubuntu1.2 to applied/ubuntu/utopic-s...

Author: Marc Deslauriers
Author Date: 2015-03-27 12:21:50 UTC

Import patches-applied version 1.4.16-1.2ubuntu1.2 to applied/ubuntu/utopic-security

Imported using git-ubuntu import.

Changelog parent: 27860740f31d81cf8200e4dc8f67f516fc72c6f8
Unapplied parent: 66868235cd67a11e560a310c0f06e9c7ed215e4a

New changelog entries:
  * Screen responses from keyservers (LP: #1409117)
    - d/p/0001-Screen-keyserver-responses.patch
    - d/p/0002-Make-screening-of-keyserver-result-work-with-multi-k.patch
    - d/p/0003-Add-kbnode_t-for-easier-backporting.patch
    - d/p/0004-gpg-Fix-regression-due-to-the-keyserver-import-filte.patch
  * Fix large key size regression from CVE-2014-5270 changes (LP: #1371766)
    - d/p/Add-build-and-runtime-support-for-larger-RSA-key.patch
    - debian/rules: build with --enable-large-secmem
  * SECURITY UPDATE: sidechannel attack on Elgamal
    - debian/patches/CVE-2014-3591.patch: use ciphertext blinding in
      cipher/elgamal.c.
    - CVE-2014-3591
  * SECURITY UPDATE: sidechannel attack via timing variations in mpi_powm
    - debian/patches/CVE-2015-0837.patch: avoid timing variations in
      include/mpi.h, mpi/mpi-pow.c, mpi/mpiutil.c.
    - CVE-2015-0837
  * SECURITY UPDATE: invalid memory read via invalid keyring
    - debian/patches/CVE-2015-1606.patch: skip all packets not allowed in
      a keyring in g10/keyring.c.
    - CVE-2015-1606
  * SECURITY UPDATE: memcpy with overlapping ranges
    - debian/patches/CVE-2015-1607.patch: use inline functions to convert
      buffer data to scalars in g10/apdu.c, g10/app-openpgp.c,
      g10/build-packet.c, g10/ccid-driver.c, g10/getkey.c, g10/keygen.c,
      g10/keyid.c, g10/misc.c, g10/parse-packet.c, g10/tdbio.c,
      g10/trustdb.c, include/host2net.h.
    - CVE-2015-1607

applied/ubuntu/lucid-devel 2015-04-01 13:43:50 UTC 2015-04-01
Import patches-applied version 1.4.10-2ubuntu1.8 to applied/ubuntu/lucid-secu...

Author: Marc Deslauriers
Author Date: 2015-03-25 18:34:25 UTC

Import patches-applied version 1.4.10-2ubuntu1.8 to applied/ubuntu/lucid-security

Imported using git-ubuntu import.

Changelog parent: d5e14e3874fcae6c125f8e177fde8bd2c2f38fe5
Unapplied parent: b10533ba680258e530a245e58bdbd841359b5e20

New changelog entries:
  * SECURITY UPDATE: sidechannel attack on Elgamal
    - debian/patches/CVE-2014-3591.dpatch: use ciphertext blinding in
      cipher/elgamal.c.
    - CVE-2014-3591
  * SECURITY UPDATE: sidechannel attack via timing variations in mpi_powm
    - debian/patches/CVE-2015-0837.dpatch: avoid timing variations in
      include/mpi.h, mpi/mpi-pow.c, mpi/mpiutil.c.
    - CVE-2015-0837
  * SECURITY UPDATE: invalid memory read via invalid keyring
    - debian/patches/CVE-2015-1606.dpatch: skip all packets not allowed in
      a keyring in g10/keyring.c.
    - CVE-2015-1606
  * SECURITY UPDATE: memcpy with overlapping ranges
    - debian/patches/CVE-2015-1607.dpatch: use inline functions to convert
      buffer data to scalars in g10/apdu.c, g10/app-openpgp.c,
      g10/build-packet.c, g10/ccid-driver.c, g10/getkey.c, g10/keygen.c,
      g10/keyid.c, g10/misc.c, g10/parse-packet.c, g10/tdbio.c,
      g10/trustdb.c, include/host2net.h.
    - CVE-2015-1607

ubuntu/utopic-updates 2015-04-01 13:43:50 UTC 2015-04-01
Import patches-unapplied version 1.4.16-1.2ubuntu1.2 to ubuntu/utopic-security

Author: Marc Deslauriers
Author Date: 2015-03-27 12:21:50 UTC

Import patches-unapplied version 1.4.16-1.2ubuntu1.2 to ubuntu/utopic-security

Imported using git-ubuntu import.

Changelog parent: 04b4c87f9999db2582bbf8bd38152b625619f9c2

New changelog entries:
  * Screen responses from keyservers (LP: #1409117)
    - d/p/0001-Screen-keyserver-responses.patch
    - d/p/0002-Make-screening-of-keyserver-result-work-with-multi-k.patch
    - d/p/0003-Add-kbnode_t-for-easier-backporting.patch
    - d/p/0004-gpg-Fix-regression-due-to-the-keyserver-import-filte.patch
  * Fix large key size regression from CVE-2014-5270 changes (LP: #1371766)
    - d/p/Add-build-and-runtime-support-for-larger-RSA-key.patch
    - debian/rules: build with --enable-large-secmem
  * SECURITY UPDATE: sidechannel attack on Elgamal
    - debian/patches/CVE-2014-3591.patch: use ciphertext blinding in
      cipher/elgamal.c.
    - CVE-2014-3591
  * SECURITY UPDATE: sidechannel attack via timing variations in mpi_powm
    - debian/patches/CVE-2015-0837.patch: avoid timing variations in
      include/mpi.h, mpi/mpi-pow.c, mpi/mpiutil.c.
    - CVE-2015-0837
  * SECURITY UPDATE: invalid memory read via invalid keyring
    - debian/patches/CVE-2015-1606.patch: skip all packets not allowed in
      a keyring in g10/keyring.c.
    - CVE-2015-1606
  * SECURITY UPDATE: memcpy with overlapping ranges
    - debian/patches/CVE-2015-1607.patch: use inline functions to convert
      buffer data to scalars in g10/apdu.c, g10/app-openpgp.c,
      g10/build-packet.c, g10/ccid-driver.c, g10/getkey.c, g10/keygen.c,
      g10/keyid.c, g10/misc.c, g10/parse-packet.c, g10/tdbio.c,
      g10/trustdb.c, include/host2net.h.
    - CVE-2015-1607

ubuntu/lucid-security 2015-04-01 13:43:50 UTC 2015-04-01
Import patches-unapplied version 1.4.10-2ubuntu1.8 to ubuntu/lucid-security

Author: Marc Deslauriers
Author Date: 2015-03-25 18:34:25 UTC

Import patches-unapplied version 1.4.10-2ubuntu1.8 to ubuntu/lucid-security

Imported using git-ubuntu import.

Changelog parent: 7a348dd5f030ba517554b8215eeb6961aac85775

New changelog entries:
  * SECURITY UPDATE: sidechannel attack on Elgamal
    - debian/patches/CVE-2014-3591.dpatch: use ciphertext blinding in
      cipher/elgamal.c.
    - CVE-2014-3591
  * SECURITY UPDATE: sidechannel attack via timing variations in mpi_powm
    - debian/patches/CVE-2015-0837.dpatch: avoid timing variations in
      include/mpi.h, mpi/mpi-pow.c, mpi/mpiutil.c.
    - CVE-2015-0837
  * SECURITY UPDATE: invalid memory read via invalid keyring
    - debian/patches/CVE-2015-1606.dpatch: skip all packets not allowed in
      a keyring in g10/keyring.c.
    - CVE-2015-1606
  * SECURITY UPDATE: memcpy with overlapping ranges
    - debian/patches/CVE-2015-1607.dpatch: use inline functions to convert
      buffer data to scalars in g10/apdu.c, g10/app-openpgp.c,
      g10/build-packet.c, g10/ccid-driver.c, g10/getkey.c, g10/keygen.c,
      g10/keyid.c, g10/misc.c, g10/parse-packet.c, g10/tdbio.c,
      g10/trustdb.c, include/host2net.h.
    - CVE-2015-1607

ubuntu/lucid-devel 2015-04-01 13:43:50 UTC 2015-04-01
Import patches-unapplied version 1.4.10-2ubuntu1.8 to ubuntu/lucid-security

Author: Marc Deslauriers
Author Date: 2015-03-25 18:34:25 UTC

Import patches-unapplied version 1.4.10-2ubuntu1.8 to ubuntu/lucid-security

Imported using git-ubuntu import.

Changelog parent: 7a348dd5f030ba517554b8215eeb6961aac85775

New changelog entries:
  * SECURITY UPDATE: sidechannel attack on Elgamal
    - debian/patches/CVE-2014-3591.dpatch: use ciphertext blinding in
      cipher/elgamal.c.
    - CVE-2014-3591
  * SECURITY UPDATE: sidechannel attack via timing variations in mpi_powm
    - debian/patches/CVE-2015-0837.dpatch: avoid timing variations in
      include/mpi.h, mpi/mpi-pow.c, mpi/mpiutil.c.
    - CVE-2015-0837
  * SECURITY UPDATE: invalid memory read via invalid keyring
    - debian/patches/CVE-2015-1606.dpatch: skip all packets not allowed in
      a keyring in g10/keyring.c.
    - CVE-2015-1606
  * SECURITY UPDATE: memcpy with overlapping ranges
    - debian/patches/CVE-2015-1607.dpatch: use inline functions to convert
      buffer data to scalars in g10/apdu.c, g10/app-openpgp.c,
      g10/build-packet.c, g10/ccid-driver.c, g10/getkey.c, g10/keygen.c,
      g10/keyid.c, g10/misc.c, g10/parse-packet.c, g10/tdbio.c,
      g10/trustdb.c, include/host2net.h.
    - CVE-2015-1607

ubuntu/vivid-proposed 2015-03-08 09:43:31 UTC 2015-03-08
Import patches-unapplied version 1.4.18-7ubuntu1 to ubuntu/vivid-proposed

Author: Colin Watson
Author Date: 2015-03-08 09:26:02 UTC

Import patches-unapplied version 1.4.18-7ubuntu1 to ubuntu/vivid-proposed

Imported using git-ubuntu import.

Changelog parent: 9ddbd4347f45780c654339733b60b507b2c8075c

New changelog entries:
  * Resynchronise with Debian. Remaining changes:
    - Disable mlock() test since it fails with ulimit 0 (on buildds).
    - Set gpg (or gpg2) and gpgsm to use a passphrase agent by default.
    - Only suggest gnupg-curl and libldap; recommendations are pulled into
      minimal, and we don't need the keyserver utilities in a minimal Ubuntu
      system.
    - Remove the Win32 build.
    - Build using dh-autoreconf.
    - Disable inline assembler for ppc64el.
    - Enable SHA-512 support in gpgv-udeb.

applied/ubuntu/wily 2015-03-08 09:43:31 UTC 2015-03-08
Import patches-applied version 1.4.18-7ubuntu1 to applied/ubuntu/vivid-proposed

Author: Colin Watson
Author Date: 2015-03-08 09:26:02 UTC

Import patches-applied version 1.4.18-7ubuntu1 to applied/ubuntu/vivid-proposed

Imported using git-ubuntu import.

Changelog parent: 439590bdc7fe73de0b848e72d69712a37ecedb3e
Unapplied parent: e4e5d5e079d3a7c8f1e20a134fbbf7b059e4245e

New changelog entries:
  * Resynchronise with Debian. Remaining changes:
    - Disable mlock() test since it fails with ulimit 0 (on buildds).
    - Set gpg (or gpg2) and gpgsm to use a passphrase agent by default.
    - Only suggest gnupg-curl and libldap; recommendations are pulled into
      minimal, and we don't need the keyserver utilities in a minimal Ubuntu
      system.
    - Remove the Win32 build.
    - Build using dh-autoreconf.
    - Disable inline assembler for ppc64el.
    - Enable SHA-512 support in gpgv-udeb.

ubuntu/wily 2015-03-08 09:43:31 UTC 2015-03-08
Import patches-unapplied version 1.4.18-7ubuntu1 to ubuntu/vivid-proposed

Author: Colin Watson
Author Date: 2015-03-08 09:26:02 UTC

Import patches-unapplied version 1.4.18-7ubuntu1 to ubuntu/vivid-proposed

Imported using git-ubuntu import.

Changelog parent: 9ddbd4347f45780c654339733b60b507b2c8075c

New changelog entries:
  * Resynchronise with Debian. Remaining changes:
    - Disable mlock() test since it fails with ulimit 0 (on buildds).
    - Set gpg (or gpg2) and gpgsm to use a passphrase agent by default.
    - Only suggest gnupg-curl and libldap; recommendations are pulled into
      minimal, and we don't need the keyserver utilities in a minimal Ubuntu
      system.
    - Remove the Win32 build.
    - Build using dh-autoreconf.
    - Disable inline assembler for ppc64el.
    - Enable SHA-512 support in gpgv-udeb.

ubuntu/wily-devel 2015-03-08 09:43:31 UTC 2015-03-08
Import patches-unapplied version 1.4.18-7ubuntu1 to ubuntu/vivid-proposed

Author: Colin Watson
Author Date: 2015-03-08 09:26:02 UTC

Import patches-unapplied version 1.4.18-7ubuntu1 to ubuntu/vivid-proposed

Imported using git-ubuntu import.

Changelog parent: 9ddbd4347f45780c654339733b60b507b2c8075c

New changelog entries:
  * Resynchronise with Debian. Remaining changes:
    - Disable mlock() test since it fails with ulimit 0 (on buildds).
    - Set gpg (or gpg2) and gpgsm to use a passphrase agent by default.
    - Only suggest gnupg-curl and libldap; recommendations are pulled into
      minimal, and we don't need the keyserver utilities in a minimal Ubuntu
      system.
    - Remove the Win32 build.
    - Build using dh-autoreconf.
    - Disable inline assembler for ppc64el.
    - Enable SHA-512 support in gpgv-udeb.

applied/ubuntu/vivid-proposed 2015-03-08 09:43:31 UTC 2015-03-08
Import patches-applied version 1.4.18-7ubuntu1 to applied/ubuntu/vivid-proposed

Author: Colin Watson
Author Date: 2015-03-08 09:26:02 UTC

Import patches-applied version 1.4.18-7ubuntu1 to applied/ubuntu/vivid-proposed

Imported using git-ubuntu import.

Changelog parent: 439590bdc7fe73de0b848e72d69712a37ecedb3e
Unapplied parent: e4e5d5e079d3a7c8f1e20a134fbbf7b059e4245e

New changelog entries:
  * Resynchronise with Debian. Remaining changes:
    - Disable mlock() test since it fails with ulimit 0 (on buildds).
    - Set gpg (or gpg2) and gpgsm to use a passphrase agent by default.
    - Only suggest gnupg-curl and libldap; recommendations are pulled into
      minimal, and we don't need the keyserver utilities in a minimal Ubuntu
      system.
    - Remove the Win32 build.
    - Build using dh-autoreconf.
    - Disable inline assembler for ppc64el.
    - Enable SHA-512 support in gpgv-udeb.

applied/ubuntu/vivid-devel 2015-03-08 09:43:31 UTC 2015-03-08
Import patches-applied version 1.4.18-7ubuntu1 to applied/ubuntu/vivid-proposed

Author: Colin Watson
Author Date: 2015-03-08 09:26:02 UTC

Import patches-applied version 1.4.18-7ubuntu1 to applied/ubuntu/vivid-proposed

Imported using git-ubuntu import.

Changelog parent: 439590bdc7fe73de0b848e72d69712a37ecedb3e
Unapplied parent: e4e5d5e079d3a7c8f1e20a134fbbf7b059e4245e

New changelog entries:
  * Resynchronise with Debian. Remaining changes:
    - Disable mlock() test since it fails with ulimit 0 (on buildds).
    - Set gpg (or gpg2) and gpgsm to use a passphrase agent by default.
    - Only suggest gnupg-curl and libldap; recommendations are pulled into
      minimal, and we don't need the keyserver utilities in a minimal Ubuntu
      system.
    - Remove the Win32 build.
    - Build using dh-autoreconf.
    - Disable inline assembler for ppc64el.
    - Enable SHA-512 support in gpgv-udeb.

applied/ubuntu/vivid 2015-03-08 09:43:31 UTC 2015-03-08
Import patches-applied version 1.4.18-7ubuntu1 to applied/ubuntu/vivid-proposed

Author: Colin Watson
Author Date: 2015-03-08 09:26:02 UTC

Import patches-applied version 1.4.18-7ubuntu1 to applied/ubuntu/vivid-proposed

Imported using git-ubuntu import.

Changelog parent: 439590bdc7fe73de0b848e72d69712a37ecedb3e
Unapplied parent: e4e5d5e079d3a7c8f1e20a134fbbf7b059e4245e

New changelog entries:
  * Resynchronise with Debian. Remaining changes:
    - Disable mlock() test since it fails with ulimit 0 (on buildds).
    - Set gpg (or gpg2) and gpgsm to use a passphrase agent by default.
    - Only suggest gnupg-curl and libldap; recommendations are pulled into
      minimal, and we don't need the keyserver utilities in a minimal Ubuntu
      system.
    - Remove the Win32 build.
    - Build using dh-autoreconf.
    - Disable inline assembler for ppc64el.
    - Enable SHA-512 support in gpgv-udeb.

ubuntu/vivid 2015-03-08 09:43:31 UTC 2015-03-08
Import patches-unapplied version 1.4.18-7ubuntu1 to ubuntu/vivid-proposed

Author: Colin Watson
Author Date: 2015-03-08 09:26:02 UTC

Import patches-unapplied version 1.4.18-7ubuntu1 to ubuntu/vivid-proposed

Imported using git-ubuntu import.

Changelog parent: 9ddbd4347f45780c654339733b60b507b2c8075c

New changelog entries:
  * Resynchronise with Debian. Remaining changes:
    - Disable mlock() test since it fails with ulimit 0 (on buildds).
    - Set gpg (or gpg2) and gpgsm to use a passphrase agent by default.
    - Only suggest gnupg-curl and libldap; recommendations are pulled into
      minimal, and we don't need the keyserver utilities in a minimal Ubuntu
      system.
    - Remove the Win32 build.
    - Build using dh-autoreconf.
    - Disable inline assembler for ppc64el.
    - Enable SHA-512 support in gpgv-udeb.

applied/ubuntu/wily-devel 2015-03-08 09:43:31 UTC 2015-03-08
Import patches-applied version 1.4.18-7ubuntu1 to applied/ubuntu/vivid-proposed

Author: Colin Watson
Author Date: 2015-03-08 09:26:02 UTC

Import patches-applied version 1.4.18-7ubuntu1 to applied/ubuntu/vivid-proposed

Imported using git-ubuntu import.

Changelog parent: 439590bdc7fe73de0b848e72d69712a37ecedb3e
Unapplied parent: e4e5d5e079d3a7c8f1e20a134fbbf7b059e4245e

New changelog entries:
  * Resynchronise with Debian. Remaining changes:
    - Disable mlock() test since it fails with ulimit 0 (on buildds).
    - Set gpg (or gpg2) and gpgsm to use a passphrase agent by default.
    - Only suggest gnupg-curl and libldap; recommendations are pulled into
      minimal, and we don't need the keyserver utilities in a minimal Ubuntu
      system.
    - Remove the Win32 build.
    - Build using dh-autoreconf.
    - Disable inline assembler for ppc64el.
    - Enable SHA-512 support in gpgv-udeb.

ubuntu/vivid-devel 2015-03-08 09:43:31 UTC 2015-03-08
Import patches-unapplied version 1.4.18-7ubuntu1 to ubuntu/vivid-proposed

Author: Colin Watson
Author Date: 2015-03-08 09:26:02 UTC

Import patches-unapplied version 1.4.18-7ubuntu1 to ubuntu/vivid-proposed

Imported using git-ubuntu import.

Changelog parent: 9ddbd4347f45780c654339733b60b507b2c8075c

New changelog entries:
  * Resynchronise with Debian. Remaining changes:
    - Disable mlock() test since it fails with ulimit 0 (on buildds).
    - Set gpg (or gpg2) and gpgsm to use a passphrase agent by default.
    - Only suggest gnupg-curl and libldap; recommendations are pulled into
      minimal, and we don't need the keyserver utilities in a minimal Ubuntu
      system.
    - Remove the Win32 build.
    - Build using dh-autoreconf.
    - Disable inline assembler for ppc64el.
    - Enable SHA-512 support in gpgv-udeb.

ubuntu/utopic-proposed 2014-06-26 19:48:34 UTC 2014-06-26
Import patches-unapplied version 1.4.16-1.2ubuntu1 to ubuntu/utopic-proposed

Author: Marc Deslauriers
Author Date: 2014-06-26 18:41:40 UTC

Import patches-unapplied version 1.4.16-1.2ubuntu1 to ubuntu/utopic-proposed

Imported using git-ubuntu import.

Changelog parent: 6f6d7398e7145e0ed37bea323e026fd080163203

New changelog entries:
  * Resynchronise with Debian. Remaining changes:
    - Disable mlock() test since it fails with ulimit 0 (on buildds).
    - Set gpg (or gpg2) and gpgsm to use a passphrase agent by default.
    - Only suggest gnupg-curl and libldap; recommendations are pulled into
      minimal, and we don't need the keyserver utilities in a minimal Ubuntu
      system.
    - Remove the Win32 build.
    - Build using dh-autoreconf
    - Disable inline assembler for ppc64el.

ubuntu/utopic 2014-06-26 19:48:34 UTC 2014-06-26
Import patches-unapplied version 1.4.16-1.2ubuntu1 to ubuntu/utopic-proposed

Author: Marc Deslauriers
Author Date: 2014-06-26 18:41:40 UTC

Import patches-unapplied version 1.4.16-1.2ubuntu1 to ubuntu/utopic-proposed

Imported using git-ubuntu import.

Changelog parent: 6f6d7398e7145e0ed37bea323e026fd080163203

New changelog entries:
  * Resynchronise with Debian. Remaining changes:
    - Disable mlock() test since it fails with ulimit 0 (on buildds).
    - Set gpg (or gpg2) and gpgsm to use a passphrase agent by default.
    - Only suggest gnupg-curl and libldap; recommendations are pulled into
      minimal, and we don't need the keyserver utilities in a minimal Ubuntu
      system.
    - Remove the Win32 build.
    - Build using dh-autoreconf
    - Disable inline assembler for ppc64el.

applied/ubuntu/utopic-proposed 2014-06-26 19:48:34 UTC 2014-06-26
Import patches-applied version 1.4.16-1.2ubuntu1 to applied/ubuntu/utopic-pro...

Author: Marc Deslauriers
Author Date: 2014-06-26 18:41:40 UTC

Import patches-applied version 1.4.16-1.2ubuntu1 to applied/ubuntu/utopic-proposed

Imported using git-ubuntu import.

Changelog parent: b36bba61f7d87ebf437114f7a83f508078db1f2a
Unapplied parent: 7907081267ab999bfc5d02d5d9c8ff3e87e77d03

New changelog entries:
  * Resynchronise with Debian. Remaining changes:
    - Disable mlock() test since it fails with ulimit 0 (on buildds).
    - Set gpg (or gpg2) and gpgsm to use a passphrase agent by default.
    - Only suggest gnupg-curl and libldap; recommendations are pulled into
      minimal, and we don't need the keyserver utilities in a minimal Ubuntu
      system.
    - Remove the Win32 build.
    - Build using dh-autoreconf
    - Disable inline assembler for ppc64el.

applied/ubuntu/utopic 2014-06-26 19:48:34 UTC 2014-06-26
Import patches-applied version 1.4.16-1.2ubuntu1 to applied/ubuntu/utopic-pro...

Author: Marc Deslauriers
Author Date: 2014-06-26 18:41:40 UTC

Import patches-applied version 1.4.16-1.2ubuntu1 to applied/ubuntu/utopic-proposed

Imported using git-ubuntu import.

Changelog parent: b36bba61f7d87ebf437114f7a83f508078db1f2a
Unapplied parent: 7907081267ab999bfc5d02d5d9c8ff3e87e77d03

New changelog entries:
  * Resynchronise with Debian. Remaining changes:
    - Disable mlock() test since it fails with ulimit 0 (on buildds).
    - Set gpg (or gpg2) and gpgsm to use a passphrase agent by default.
    - Only suggest gnupg-curl and libldap; recommendations are pulled into
      minimal, and we don't need the keyserver utilities in a minimal Ubuntu
      system.
    - Remove the Win32 build.
    - Build using dh-autoreconf
    - Disable inline assembler for ppc64el.

ubuntu/saucy-devel 2014-06-26 17:53:54 UTC 2014-06-26
Import patches-unapplied version 1.4.14-1ubuntu2.2 to ubuntu/saucy-security

Author: Marc Deslauriers
Author Date: 2014-06-26 12:28:58 UTC

Import patches-unapplied version 1.4.14-1ubuntu2.2 to ubuntu/saucy-security

Imported using git-ubuntu import.

Changelog parent: a41726ace41cf4123fa579a8aff4a409c30d50bc

New changelog entries:
  * SECURITY UPDATE: denial of service via uncompressing garbled packets
    - debian/patches/CVE-2014-4617.patch: limit number of extra bytes in
      g10/compress.c.
    - CVE-2014-4617

ubuntu/saucy-security 2014-06-26 17:53:54 UTC 2014-06-26
Import patches-unapplied version 1.4.14-1ubuntu2.2 to ubuntu/saucy-security

Author: Marc Deslauriers
Author Date: 2014-06-26 12:28:58 UTC

Import patches-unapplied version 1.4.14-1ubuntu2.2 to ubuntu/saucy-security

Imported using git-ubuntu import.

Changelog parent: a41726ace41cf4123fa579a8aff4a409c30d50bc

New changelog entries:
  * SECURITY UPDATE: denial of service via uncompressing garbled packets
    - debian/patches/CVE-2014-4617.patch: limit number of extra bytes in
      g10/compress.c.
    - CVE-2014-4617

applied/ubuntu/saucy-updates 2014-06-26 17:53:54 UTC 2014-06-26
Import patches-applied version 1.4.14-1ubuntu2.2 to applied/ubuntu/saucy-secu...

Author: Marc Deslauriers
Author Date: 2014-06-26 12:28:58 UTC

Import patches-applied version 1.4.14-1ubuntu2.2 to applied/ubuntu/saucy-security

Imported using git-ubuntu import.

Changelog parent: 74b2c5828f245e3fc15c030de61839f8b923a295
Unapplied parent: f545da68bfcbacb0bdae875d40a2a8f19b58f226

New changelog entries:
  * SECURITY UPDATE: denial of service via uncompressing garbled packets
    - debian/patches/CVE-2014-4617.patch: limit number of extra bytes in
      g10/compress.c.
    - CVE-2014-4617

applied/ubuntu/saucy-security 2014-06-26 17:53:54 UTC 2014-06-26
Import patches-applied version 1.4.14-1ubuntu2.2 to applied/ubuntu/saucy-secu...

Author: Marc Deslauriers
Author Date: 2014-06-26 12:28:58 UTC

Import patches-applied version 1.4.14-1ubuntu2.2 to applied/ubuntu/saucy-security

Imported using git-ubuntu import.

Changelog parent: 74b2c5828f245e3fc15c030de61839f8b923a295
Unapplied parent: f545da68bfcbacb0bdae875d40a2a8f19b58f226

New changelog entries:
  * SECURITY UPDATE: denial of service via uncompressing garbled packets
    - debian/patches/CVE-2014-4617.patch: limit number of extra bytes in
      g10/compress.c.
    - CVE-2014-4617

applied/ubuntu/saucy-devel 2014-06-26 17:53:54 UTC 2014-06-26
Import patches-applied version 1.4.14-1ubuntu2.2 to applied/ubuntu/saucy-secu...

Author: Marc Deslauriers
Author Date: 2014-06-26 12:28:58 UTC

Import patches-applied version 1.4.14-1ubuntu2.2 to applied/ubuntu/saucy-security

Imported using git-ubuntu import.

Changelog parent: 74b2c5828f245e3fc15c030de61839f8b923a295
Unapplied parent: f545da68bfcbacb0bdae875d40a2a8f19b58f226

New changelog entries:
  * SECURITY UPDATE: denial of service via uncompressing garbled packets
    - debian/patches/CVE-2014-4617.patch: limit number of extra bytes in
      g10/compress.c.
    - CVE-2014-4617

ubuntu/saucy-updates 2014-06-26 17:53:54 UTC 2014-06-26
Import patches-unapplied version 1.4.14-1ubuntu2.2 to ubuntu/saucy-security

Author: Marc Deslauriers
Author Date: 2014-06-26 12:28:58 UTC

Import patches-unapplied version 1.4.14-1ubuntu2.2 to ubuntu/saucy-security

Imported using git-ubuntu import.

Changelog parent: a41726ace41cf4123fa579a8aff4a409c30d50bc

New changelog entries:
  * SECURITY UPDATE: denial of service via uncompressing garbled packets
    - debian/patches/CVE-2014-4617.patch: limit number of extra bytes in
      g10/compress.c.
    - CVE-2014-4617

ubuntu/trusty-proposed 2014-03-06 16:49:56 UTC 2014-03-06
Import patches-unapplied version 1.4.16-1ubuntu2 to ubuntu/trusty-proposed

Author: Brian Murray
Author Date: 2014-03-06 15:53:11 UTC

Import patches-unapplied version 1.4.16-1ubuntu2 to ubuntu/trusty-proposed

Imported using git-ubuntu import.

Changelog parent: 632474e5c3f5700a0c2376b26555873d5f303422

New changelog entries:
  * Add patch init_trustdb.patch (Closes: #737128)

ubuntu/trusty 2014-03-06 16:49:56 UTC 2014-03-06
Import patches-unapplied version 1.4.16-1ubuntu2 to ubuntu/trusty-proposed

Author: Brian Murray
Author Date: 2014-03-06 15:53:11 UTC

Import patches-unapplied version 1.4.16-1ubuntu2 to ubuntu/trusty-proposed

Imported using git-ubuntu import.

Changelog parent: 632474e5c3f5700a0c2376b26555873d5f303422

New changelog entries:
  * Add patch init_trustdb.patch (Closes: #737128)

applied/ubuntu/trusty-proposed 2014-03-06 16:49:56 UTC 2014-03-06
Import patches-applied version 1.4.16-1ubuntu2 to applied/ubuntu/trusty-proposed

Author: Brian Murray
Author Date: 2014-03-06 15:53:11 UTC

Import patches-applied version 1.4.16-1ubuntu2 to applied/ubuntu/trusty-proposed

Imported using git-ubuntu import.

Changelog parent: 036325ae8e3f6d7851ba5a64442cc2330f760d54
Unapplied parent: b5dec1833bbd0ff6f93db367d7f7e505028e6564

New changelog entries:
  * Add patch init_trustdb.patch (Closes: #737128)

applied/ubuntu/trusty 2014-03-06 16:49:56 UTC 2014-03-06
Import patches-applied version 1.4.16-1ubuntu2 to applied/ubuntu/trusty-proposed

Author: Brian Murray
Author Date: 2014-03-06 15:53:11 UTC

Import patches-applied version 1.4.16-1ubuntu2 to applied/ubuntu/trusty-proposed

Imported using git-ubuntu import.

Changelog parent: 036325ae8e3f6d7851ba5a64442cc2330f760d54
Unapplied parent: b5dec1833bbd0ff6f93db367d7f7e505028e6564

New changelog entries:
  * Add patch init_trustdb.patch (Closes: #737128)

applied/debian/squeeze 2014-02-15 16:44:31 UTC 2014-02-15
Import patches-applied version 1.4.10-4+squeeze4 to applied/debian/squeeze

Author: Thijs Kinkhorst
Author Date: 2013-12-14 07:28:15 UTC

Import patches-applied version 1.4.10-4+squeeze4 to applied/debian/squeeze

Imported using git-ubuntu import.

Changelog parent: 312db3e84f22e52e26fe6f24d64263b890d7155d
Unapplied parent: 08a9ea2c4b8f265d623303bd9033692098a1bed0

New changelog entries:
  * Fixed the RSA Key Extraction via Low-Bandwidth Acoustic
    Cryptanalysis attack as described by Genkin, Shamir, and Tromer.
    See <http://www.cs.tau.ac.il/~tromer/acoustic/>. [CVE-2013-4576]

debian/squeeze 2014-02-15 16:44:31 UTC 2014-02-15
Import patches-unapplied version 1.4.10-4+squeeze4 to debian/squeeze

Author: Thijs Kinkhorst
Author Date: 2013-12-14 07:28:15 UTC

Import patches-unapplied version 1.4.10-4+squeeze4 to debian/squeeze

Imported using git-ubuntu import.

Changelog parent: bb24aa8ac4920eb44672528f063e630e13a8e919

New changelog entries:
  * Fixed the RSA Key Extraction via Low-Bandwidth Acoustic
    Cryptanalysis attack as described by Genkin, Shamir, and Tromer.
    See <http://www.cs.tau.ac.il/~tromer/acoustic/>. [CVE-2013-4576]

applied/ubuntu/quantal-devel 2013-12-18 19:33:26 UTC 2013-12-18
Import patches-applied version 1.4.11-3ubuntu4.4 to applied/ubuntu/quantal-se...

Author: Marc Deslauriers
Author Date: 2013-12-18 16:15:37 UTC

Import patches-applied version 1.4.11-3ubuntu4.4 to applied/ubuntu/quantal-security

Imported using git-ubuntu import.

Changelog parent: 3ad643ece815a6538a39d68e9f42c184b895acc7
Unapplied parent: e28521a88d9864a6239c57474efa9ca063fc73b4

New changelog entries:
  * SECURITY UPDATE: RSA Key Extraction via Low-Bandwidth Acoustic
    Cryptanalysis attack
    - debian/patches/CVE-2013-4576.dpatch: Use blinding for the RSA secret
      operation in cipher/random.*, cipher/rsa.c, g10/gpgv.c. Normalize the
      MPIs used as input to secret key functions in cipher/dsa.c,
      cipher/elgamal.c, cipher/rsa.c.
    - CVE-2013-4576

ubuntu/quantal-devel 2013-12-18 19:33:26 UTC 2013-12-18
Import patches-unapplied version 1.4.11-3ubuntu4.4 to ubuntu/quantal-security

Author: Marc Deslauriers
Author Date: 2013-12-18 16:15:37 UTC

Import patches-unapplied version 1.4.11-3ubuntu4.4 to ubuntu/quantal-security

Imported using git-ubuntu import.

Changelog parent: c497da3b043cd6d9967fa07251cba659dc3d30d8

New changelog entries:
  * SECURITY UPDATE: RSA Key Extraction via Low-Bandwidth Acoustic
    Cryptanalysis attack
    - debian/patches/CVE-2013-4576.dpatch: Use blinding for the RSA secret
      operation in cipher/random.*, cipher/rsa.c, g10/gpgv.c. Normalize the
      MPIs used as input to secret key functions in cipher/dsa.c,
      cipher/elgamal.c, cipher/rsa.c.
    - CVE-2013-4576

ubuntu/quantal-security 2013-12-18 19:33:26 UTC 2013-12-18
Import patches-unapplied version 1.4.11-3ubuntu4.4 to ubuntu/quantal-security

Author: Marc Deslauriers
Author Date: 2013-12-18 16:15:37 UTC

Import patches-unapplied version 1.4.11-3ubuntu4.4 to ubuntu/quantal-security

Imported using git-ubuntu import.

Changelog parent: c497da3b043cd6d9967fa07251cba659dc3d30d8

New changelog entries:
  * SECURITY UPDATE: RSA Key Extraction via Low-Bandwidth Acoustic
    Cryptanalysis attack
    - debian/patches/CVE-2013-4576.dpatch: Use blinding for the RSA secret
      operation in cipher/random.*, cipher/rsa.c, g10/gpgv.c. Normalize the
      MPIs used as input to secret key functions in cipher/dsa.c,
      cipher/elgamal.c, cipher/rsa.c.
    - CVE-2013-4576

ubuntu/raring-devel 2013-12-18 19:33:26 UTC 2013-12-18
Import patches-unapplied version 1.4.12-7ubuntu1.3 to ubuntu/raring-security

Author: Marc Deslauriers
Author Date: 2013-12-18 16:14:22 UTC

Import patches-unapplied version 1.4.12-7ubuntu1.3 to ubuntu/raring-security

Imported using git-ubuntu import.

Changelog parent: 03a10ccde0f401f8cad359055674dad2280d6c36

New changelog entries:
  * SECURITY UPDATE: RSA Key Extraction via Low-Bandwidth Acoustic
    Cryptanalysis attack
    - debian/patches/CVE-2013-4576.patch: Use blinding for the RSA secret
      operation in cipher/random.*, cipher/rsa.c, g10/gpgv.c. Normalize the
      MPIs used as input to secret key functions in cipher/dsa.c,
      cipher/elgamal.c, cipher/rsa.c.
    - CVE-2013-4576

ubuntu/raring-security 2013-12-18 19:33:26 UTC 2013-12-18
Import patches-unapplied version 1.4.12-7ubuntu1.3 to ubuntu/raring-security

Author: Marc Deslauriers
Author Date: 2013-12-18 16:14:22 UTC

Import patches-unapplied version 1.4.12-7ubuntu1.3 to ubuntu/raring-security

Imported using git-ubuntu import.

Changelog parent: 03a10ccde0f401f8cad359055674dad2280d6c36

New changelog entries:
  * SECURITY UPDATE: RSA Key Extraction via Low-Bandwidth Acoustic
    Cryptanalysis attack
    - debian/patches/CVE-2013-4576.patch: Use blinding for the RSA secret
      operation in cipher/random.*, cipher/rsa.c, g10/gpgv.c. Normalize the
      MPIs used as input to secret key functions in cipher/dsa.c,
      cipher/elgamal.c, cipher/rsa.c.
    - CVE-2013-4576

ubuntu/quantal-updates 2013-12-18 19:33:26 UTC 2013-12-18
Import patches-unapplied version 1.4.11-3ubuntu4.4 to ubuntu/quantal-security

Author: Marc Deslauriers
Author Date: 2013-12-18 16:15:37 UTC

Import patches-unapplied version 1.4.11-3ubuntu4.4 to ubuntu/quantal-security

Imported using git-ubuntu import.

Changelog parent: c497da3b043cd6d9967fa07251cba659dc3d30d8

New changelog entries:
  * SECURITY UPDATE: RSA Key Extraction via Low-Bandwidth Acoustic
    Cryptanalysis attack
    - debian/patches/CVE-2013-4576.dpatch: Use blinding for the RSA secret
      operation in cipher/random.*, cipher/rsa.c, g10/gpgv.c. Normalize the
      MPIs used as input to secret key functions in cipher/dsa.c,
      cipher/elgamal.c, cipher/rsa.c.
    - CVE-2013-4576

applied/ubuntu/raring-updates 2013-12-18 19:33:26 UTC 2013-12-18
Import patches-applied version 1.4.12-7ubuntu1.3 to applied/ubuntu/raring-sec...

Author: Marc Deslauriers
Author Date: 2013-12-18 16:14:22 UTC

Import patches-applied version 1.4.12-7ubuntu1.3 to applied/ubuntu/raring-security

Imported using git-ubuntu import.

Changelog parent: 893f8e298dfc09537b0f36a94e3b5782a1d090de
Unapplied parent: b3da4f90fef603235bcd78eb3dde59f0e5f1b290

New changelog entries:
  * SECURITY UPDATE: RSA Key Extraction via Low-Bandwidth Acoustic
    Cryptanalysis attack
    - debian/patches/CVE-2013-4576.patch: Use blinding for the RSA secret
      operation in cipher/random.*, cipher/rsa.c, g10/gpgv.c. Normalize the
      MPIs used as input to secret key functions in cipher/dsa.c,
      cipher/elgamal.c, cipher/rsa.c.
    - CVE-2013-4576

ubuntu/raring-updates 2013-12-18 19:33:26 UTC 2013-12-18
Import patches-unapplied version 1.4.12-7ubuntu1.3 to ubuntu/raring-security

Author: Marc Deslauriers
Author Date: 2013-12-18 16:14:22 UTC

Import patches-unapplied version 1.4.12-7ubuntu1.3 to ubuntu/raring-security

Imported using git-ubuntu import.

Changelog parent: 03a10ccde0f401f8cad359055674dad2280d6c36

New changelog entries:
  * SECURITY UPDATE: RSA Key Extraction via Low-Bandwidth Acoustic
    Cryptanalysis attack
    - debian/patches/CVE-2013-4576.patch: Use blinding for the RSA secret
      operation in cipher/random.*, cipher/rsa.c, g10/gpgv.c. Normalize the
      MPIs used as input to secret key functions in cipher/dsa.c,
      cipher/elgamal.c, cipher/rsa.c.
    - CVE-2013-4576

applied/ubuntu/raring-security 2013-12-18 19:33:26 UTC 2013-12-18
Import patches-applied version 1.4.12-7ubuntu1.3 to applied/ubuntu/raring-sec...

Author: Marc Deslauriers
Author Date: 2013-12-18 16:14:22 UTC

Import patches-applied version 1.4.12-7ubuntu1.3 to applied/ubuntu/raring-security

Imported using git-ubuntu import.

Changelog parent: 893f8e298dfc09537b0f36a94e3b5782a1d090de
Unapplied parent: b3da4f90fef603235bcd78eb3dde59f0e5f1b290

New changelog entries:
  * SECURITY UPDATE: RSA Key Extraction via Low-Bandwidth Acoustic
    Cryptanalysis attack
    - debian/patches/CVE-2013-4576.patch: Use blinding for the RSA secret
      operation in cipher/random.*, cipher/rsa.c, g10/gpgv.c. Normalize the
      MPIs used as input to secret key functions in cipher/dsa.c,
      cipher/elgamal.c, cipher/rsa.c.
    - CVE-2013-4576

applied/ubuntu/raring-devel 2013-12-18 19:33:26 UTC 2013-12-18
Import patches-applied version 1.4.12-7ubuntu1.3 to applied/ubuntu/raring-sec...

Author: Marc Deslauriers
Author Date: 2013-12-18 16:14:22 UTC

Import patches-applied version 1.4.12-7ubuntu1.3 to applied/ubuntu/raring-security

Imported using git-ubuntu import.

Changelog parent: 893f8e298dfc09537b0f36a94e3b5782a1d090de
Unapplied parent: b3da4f90fef603235bcd78eb3dde59f0e5f1b290

New changelog entries:
  * SECURITY UPDATE: RSA Key Extraction via Low-Bandwidth Acoustic
    Cryptanalysis attack
    - debian/patches/CVE-2013-4576.patch: Use blinding for the RSA secret
      operation in cipher/random.*, cipher/rsa.c, g10/gpgv.c. Normalize the
      MPIs used as input to secret key functions in cipher/dsa.c,
      cipher/elgamal.c, cipher/rsa.c.
    - CVE-2013-4576

applied/ubuntu/quantal-updates 2013-12-18 19:33:26 UTC 2013-12-18
Import patches-applied version 1.4.11-3ubuntu4.4 to applied/ubuntu/quantal-se...

Author: Marc Deslauriers
Author Date: 2013-12-18 16:15:37 UTC

Import patches-applied version 1.4.11-3ubuntu4.4 to applied/ubuntu/quantal-security

Imported using git-ubuntu import.

Changelog parent: 3ad643ece815a6538a39d68e9f42c184b895acc7
Unapplied parent: e28521a88d9864a6239c57474efa9ca063fc73b4

New changelog entries:
  * SECURITY UPDATE: RSA Key Extraction via Low-Bandwidth Acoustic
    Cryptanalysis attack
    - debian/patches/CVE-2013-4576.dpatch: Use blinding for the RSA secret
      operation in cipher/random.*, cipher/rsa.c, g10/gpgv.c. Normalize the
      MPIs used as input to secret key functions in cipher/dsa.c,
      cipher/elgamal.c, cipher/rsa.c.
    - CVE-2013-4576

applied/ubuntu/quantal-security 2013-12-18 19:33:26 UTC 2013-12-18
Import patches-applied version 1.4.11-3ubuntu4.4 to applied/ubuntu/quantal-se...

Author: Marc Deslauriers
Author Date: 2013-12-18 16:15:37 UTC

Import patches-applied version 1.4.11-3ubuntu4.4 to applied/ubuntu/quantal-security

Imported using git-ubuntu import.

Changelog parent: 3ad643ece815a6538a39d68e9f42c184b895acc7
Unapplied parent: e28521a88d9864a6239c57474efa9ca063fc73b4

New changelog entries:
  * SECURITY UPDATE: RSA Key Extraction via Low-Bandwidth Acoustic
    Cryptanalysis attack
    - debian/patches/CVE-2013-4576.dpatch: Use blinding for the RSA secret
      operation in cipher/random.*, cipher/rsa.c, g10/gpgv.c. Normalize the
      MPIs used as input to secret key functions in cipher/dsa.c,
      cipher/elgamal.c, cipher/rsa.c.
    - CVE-2013-4576

ubuntu/saucy 2013-10-08 15:43:18 UTC 2013-10-08
Import patches-unapplied version 1.4.14-1ubuntu2 to ubuntu/saucy-proposed

Author: Marc Deslauriers
Author Date: 2013-10-08 11:40:27 UTC

Import patches-unapplied version 1.4.14-1ubuntu2 to ubuntu/saucy-proposed

Imported using git-ubuntu import.

Changelog parent: 5de035aa6cb2bbd3d873e6e523dd2a30e8fb35fe

New changelog entries:
  * SECURITY UPDATE: incorrect no-usage-permitted flag handling
    - debian/patches/CVE-2013-4351.patch: correctly handle empty key flags
      in g10/getkey.c, g10/keygen.c, include/cipher.h.
    - CVE-2013-4351
  * SECURITY UPDATE: denial of service via infinite recursion
    - debian/patches/CVE-2013-4402.patch: set limits on number of filters
      and nested packets in util/iobuf.c, g10/mainproc.c.
    - CVE-2013-4402

ubuntu/saucy-proposed 2013-10-08 15:43:18 UTC 2013-10-08
Import patches-unapplied version 1.4.14-1ubuntu2 to ubuntu/saucy-proposed

Author: Marc Deslauriers
Author Date: 2013-10-08 11:40:27 UTC

Import patches-unapplied version 1.4.14-1ubuntu2 to ubuntu/saucy-proposed

Imported using git-ubuntu import.

Changelog parent: 5de035aa6cb2bbd3d873e6e523dd2a30e8fb35fe

New changelog entries:
  * SECURITY UPDATE: incorrect no-usage-permitted flag handling
    - debian/patches/CVE-2013-4351.patch: correctly handle empty key flags
      in g10/getkey.c, g10/keygen.c, include/cipher.h.
    - CVE-2013-4351
  * SECURITY UPDATE: denial of service via infinite recursion
    - debian/patches/CVE-2013-4402.patch: set limits on number of filters
      and nested packets in util/iobuf.c, g10/mainproc.c.
    - CVE-2013-4402

applied/ubuntu/saucy-proposed 2013-10-08 15:43:18 UTC 2013-10-08
Import patches-applied version 1.4.14-1ubuntu2 to applied/ubuntu/saucy-proposed

Author: Marc Deslauriers
Author Date: 2013-10-08 11:40:27 UTC

Import patches-applied version 1.4.14-1ubuntu2 to applied/ubuntu/saucy-proposed

Imported using git-ubuntu import.

Changelog parent: 198922dc62ee4d6273a63f22f2ee5cc90b687f9b
Unapplied parent: da14eab4ae38e10e46fc7a652497f04bae15f47d

New changelog entries:
  * SECURITY UPDATE: incorrect no-usage-permitted flag handling
    - debian/patches/CVE-2013-4351.patch: correctly handle empty key flags
      in g10/getkey.c, g10/keygen.c, include/cipher.h.
    - CVE-2013-4351
  * SECURITY UPDATE: denial of service via infinite recursion
    - debian/patches/CVE-2013-4402.patch: set limits on number of filters
      and nested packets in util/iobuf.c, g10/mainproc.c.
    - CVE-2013-4402

applied/ubuntu/saucy 2013-10-08 15:43:18 UTC 2013-10-08
Import patches-applied version 1.4.14-1ubuntu2 to applied/ubuntu/saucy-proposed

Author: Marc Deslauriers
Author Date: 2013-10-08 11:40:27 UTC

Import patches-applied version 1.4.14-1ubuntu2 to applied/ubuntu/saucy-proposed

Imported using git-ubuntu import.

Changelog parent: 198922dc62ee4d6273a63f22f2ee5cc90b687f9b
Unapplied parent: da14eab4ae38e10e46fc7a652497f04bae15f47d

New changelog entries:
  * SECURITY UPDATE: incorrect no-usage-permitted flag handling
    - debian/patches/CVE-2013-4351.patch: correctly handle empty key flags
      in g10/getkey.c, g10/keygen.c, include/cipher.h.
    - CVE-2013-4351
  * SECURITY UPDATE: denial of service via infinite recursion
    - debian/patches/CVE-2013-4402.patch: set limits on number of filters
      and nested packets in util/iobuf.c, g10/mainproc.c.
    - CVE-2013-4402

ubuntu/hardy-devel 2013-01-09 20:03:19 UTC 2013-01-09
Import patches-unapplied version 1.4.6-2ubuntu5.2 to ubuntu/hardy-security

Author: Marc Deslauriers
Author Date: 2013-01-08 15:57:13 UTC

Import patches-unapplied version 1.4.6-2ubuntu5.2 to ubuntu/hardy-security

Imported using git-ubuntu import.

Changelog parent: 2b50d0f38d8c33c3810103d1236f77ae42d5dac5

New changelog entries:
  * SECURITY UPDATE: keyring corruption via malformed key import
    - debian/patches/CVE-2012-6085.dpatch: validate PKTTYPE in g10/import.c.
    - CVE-2012-6085

applied/ubuntu/hardy-updates 2013-01-09 20:03:19 UTC 2013-01-09
Import patches-applied version 1.4.6-2ubuntu5.2 to applied/ubuntu/hardy-security

Author: Marc Deslauriers
Author Date: 2013-01-08 15:57:13 UTC

Import patches-applied version 1.4.6-2ubuntu5.2 to applied/ubuntu/hardy-security

Imported using git-ubuntu import.

Changelog parent: 1edcdf0a897b2c643305c04d5c242367f2014c17
Unapplied parent: 817a42908b5d4581501b91afaa412c25fa3d5c2f

New changelog entries:
  * SECURITY UPDATE: keyring corruption via malformed key import
    - debian/patches/CVE-2012-6085.dpatch: validate PKTTYPE in g10/import.c.
    - CVE-2012-6085

1100 of 206 results

Other repositories

Name Last Modified
lp:~ddstreet/ubuntu/+source/gnupg 2019-04-22
lp:ubuntu/+source/gnupg 2018-08-09
12 of 2 results
You can't create new repositories for gnupg in Ubuntu.