New changelog entries:
* SECURITY UPDATE: missing sanitization of verbose output
- debian/patches/from-master/CVE-2018-12020.patch: Sanitize diagnostic with
the original file name.
- CVE-2018-12020
* SECURITY UPDATE: certify public keys without a certify key present
when using a smartcard.
- debian/patches/from-master/CVE-2018-9234-1.patch,
- debian/patches/from-master/CVE-2018-9234-2.patch: Check that a key
may do certifications.
- CVE-2018-9234
* Always use MDC encryption mode regardless of the cipher algorithm
or any preferences. The --rfc2440 option can be used to create
a message without an MDC.
- debian/patches/from-master/0003-gpg-Remove-MDC-options.patch
* Decryption of messages not using the MDC mode into a hard
failure even if a legacy cipher algorithm was used. The
option --ignore-mdc-error can be used to turn this failure
into a warning.
- debian/patches/from-master/0001-gpg-Turn-no-mdc-warn-into-a-NOP.patch
- debian/patches/from-master/0003-gpg-Remove-MDC-options.patch
- debian/patches/from-master/0004-gpg-Print-a-hint-on-how-to-decrypt-a-non-mdc-message.patch
New changelog entries:
* Merge from Debian unstable, remaining changes:
- debian/gnupg2.udev:
- Add udev rules to give gpg access to some smartcard readers;
Debian #543217.
- udev rules to set ACLs on SCM smartcard readers.
- Add breaks for software-properties-common at 0.96.24.3 or lower.
- Honor http_proxy= environment variables by default in the systemd
user session dirmngr service. LP: #1625848
- Export GPG_AGENT_INFO in the systemd-environment-generator too.
* Dropped changes:
- Removed user session upstart support.
- Removed gpg-agent.service changes, use Debian's environment generator instead.
- Patch to set GNUPGHOME for tests, fixed in debian/upstream.
New changelog entries:
* New upstream release
* do not use uupdate (we use gbp-import-orig)
* dirmngr: cannot avoid idling in current arrangement
* adjusting fixes to gpgsm defaults
* prefer SHA-512 specifically on personal-digest-preferences.
* refresh patches
* Standards-Version: bump to 4.1.3 (no changes needed)
* drop unnecessary lintian override
* reflect actual requirement for libassuan
* import bugfixes from upstream