Branches for Raring

Author: Colin Watson
Revision Date: 2013-01-08 10:47:07 UTC

* Resynchronise with Debian. Remaining changes:
  - Disable mlock() test since it fails with ulimit 0 (on buildds).
  - Set gpg (or gpg2) and gpgsm to use a passphrase agent by default.
  - Only suggest gnupg-curl and libldap; recommendations are pulled into
    minimal, and we don't need the keyserver utilities in a minimal Ubuntu
    system.
  - Remove the Win32 build.
  - Update config.guess/config.sub for aarch64.

Author: Marc Deslauriers
Revision Date: 2013-12-18 11:14:22 UTC

* SECURITY UPDATE: RSA Key Extraction via Low-Bandwidth Acoustic
  Cryptanalysis attack
  - debian/patches/CVE-2013-4576.patch: Use blinding for the RSA secret
    operation in cipher/random.*, cipher/rsa.c, g10/gpgv.c. Normalize the
    MPIs used as input to secret key functions in cipher/dsa.c,
    cipher/elgamal.c, cipher/rsa.c.
  - CVE-2013-4576

Author: Marc Deslauriers
Revision Date: 2013-12-18 11:14:22 UTC

* SECURITY UPDATE: RSA Key Extraction via Low-Bandwidth Acoustic
  Cryptanalysis attack
  - debian/patches/CVE-2013-4576.patch: Use blinding for the RSA secret
    operation in cipher/random.*, cipher/rsa.c, g10/gpgv.c. Normalize the
    MPIs used as input to secret key functions in cipher/dsa.c,
    cipher/elgamal.c, cipher/rsa.c.
  - CVE-2013-4576

Author: Colin Watson
Revision Date: 2013-01-08 10:47:07 UTC

* Resynchronise with Debian. Remaining changes:
  - Disable mlock() test since it fails with ulimit 0 (on buildds).
  - Set gpg (or gpg2) and gpgsm to use a passphrase agent by default.
  - Only suggest gnupg-curl and libldap; recommendations are pulled into
    minimal, and we don't need the keyserver utilities in a minimal Ubuntu
    system.
  - Remove the Win32 build.
  - Update config.guess/config.sub for aarch64.