New changelog entries:
* SECURITY UPDATE: missing sanitization of verbose output
- debian/patches/CVE-2018-12020.patch: Sanitize diagnostic with
the original file name.
- CVE-2018-12020
* backport patch to handle the tofu tests expiring in 2016
- d/p/0006-tests-openpgp-Fake-the-system-time-for-the-tofu-test.patch
New changelog entries:
* Fix upstart user-session integration with new pinentry:
- restart gpg-agent, once dbus is started, such that agent has DBUS
session environemnt set and can connect to the pinentry-gnome3 Closes:
#790316 Closes: #795368 LP: #1566928
- use gpgconf to launch/kill gpg-agent and to check settings
New changelog entries:
* Adds support for --pinentry= argument for gpgme1.0 (LP: #1564234)
* Merge with debian, remaining changes:
- Add udev rules to give gpg access to some smartcard readers;
Debian #543217.
- debian/gnupg2.udev: udev rules to set ACLs on SCM smartcard readers.
- Add upstart user job for gpg-agent.
* Dropped no longer applicable changes in merge:
- Drop sh prefix from openpgp test environment as it leads to exec
invocations of sh /bin/bash leading to syntax errors from sh. Fixes
FTBFS detected in Ubuntu saucy archive rebuild.
- debian/control: drop dirmngr to Suggests as it is in universe.
- gcc5-fix.patch: add upstream fix for an optimization issue when
compiling with gcc 5.
New changelog entries:
* added temporary hook to view failing gpgtar test output on build
daemons since i can't replicate the failures on my own build systems.