lp:ubuntu/hardy-security/gnupg
- Get this branch:
- bzr branch lp:ubuntu/hardy-security/gnupg
Branch merges
Branch information
Recent revisions
- 22. By Marc Deslauriers
-
* SECURITY UPDATE: keyring corruption via malformed key import
- debian/patches/ CVE-2012- 6085.dpatch: validate PKTTYPE in g10/import.c.
- CVE-2012-6085 - 21. By Marc Deslauriers
-
debian/
patches/ long-keyids. dpatch: Use the longest key ID available
when requesting a key from a key server. - 19. By Michael Bienia
-
debian/
patches/ 70_trust_ error.dpatch: Removed as it broke setting the
trust level to 1 (LP: #147343). - 18. By Michael Bienia
-
[ Scott Kitterman ]
* Add 'debian/patches/ 60_install_ options_ skel.dpatch' : Patch to
install options file from upstream (LP: #76983)
* Add 'debian/patches/ 61_use_ agent_default. dpatch' : Patch to set gpg
(or gpg2) and gpgsm to use a passphrase agent by default (LP: #15485)
* Add 'debian/patches/ 70_trust_ error.dpatch' : Patch to disallow illegal
zero response for trust level changes (LP: #39459)[ Michael Bienia ]
* Add libcurl4-gnutls-dev to Build-Depends to fix gpg running into a timeout
updating the keyring (LP: #62864) - 17. By Kees Cook
-
Add 'debian/
patches/ 50_show_ primary_ only.dpatch' : add
'show-primary-uid-only' to verify options, to suppress 'aka' output
in key verifications, backported from 1.4.7 upstream. - 16. By Kees Cook
-
* Merge from debian unstable, remaining changes:
- config.h.in: Disable mlock() test since it fails with ulimit 0 (on
buildds).
- debian/rules:
+ Do not install gpg as suid root, since that is not necessary with
kernels 2.6.8+.
+ Make the build fail if the test suite fails.
- debian/control: Maintainer field update. - 15. By Kees Cook
-
* SECURITY UPDATE: without --status-fd, forged inline sigs can appear valid.
* debian/patches/ 50_stop_ multiple_ messages. dpatch: upstream patch.
* References
ftp://ftp.gnupg.org/ gcrypt/ gnupg/patches/ gnupg-1. 4.6-multiple- message. patch
CVE-2007-1263
Branch metadata
- Branch format:
- Branch format 7
- Repository format:
- Bazaar repository format 2a (needs bzr 1.16 or later)
- Stacked on:
- lp:ubuntu/quantal/gnupg