Ubuntu
gnupg package

lp:ubuntu/raring-security/gnupg

  1. Raring (13.04)
  2. raring-security
Created by Ubuntu Package Importer and last modified
Get this branch:
bzr branch lp:ubuntu/raring-security/gnupg
Members of Ubuntu branches can upload to this branch. Log in for directions.

Branch merges

Related bugs

Related blueprints

Branch information

Owner:
Ubuntu branches
Review team:
Ubuntu Development Team
Status:
Mature

Recent revisions

44. By Marc Deslauriers

* SECURITY UPDATE: RSA Key Extraction via Low-Bandwidth Acoustic
  Cryptanalysis attack
  - debian/patches/CVE-2013-4576.patch: Use blinding for the RSA secret
    operation in cipher/random.*, cipher/rsa.c, g10/gpgv.c. Normalize the
    MPIs used as input to secret key functions in cipher/dsa.c,
    cipher/elgamal.c, cipher/rsa.c.
  - CVE-2013-4576

43. By Marc Deslauriers

* SECURITY UPDATE: incorrect no-usage-permitted flag handling
  - debian/patches/CVE-2013-4351.patch: correctly handle empty key flags
    in g10/getkey.c, g10/keygen.c, include/cipher.h.
  - CVE-2013-4351
* SECURITY UPDATE: denial of service via infinite recursion
  - debian/patches/CVE-2013-4402.patch: set limits on number of filters
    and nested packets in util/iobuf.c, g10/mainproc.c.
  - CVE-2013-4402

42. By Seth Arnold

* SECURITY UPDATE: The path of execution in an exponentiation function may
  depend upon secret key data, allowing a local attacker to determine the
  contents of the secret key through a side-channel attack.
  - debian/patches/CVE-2013-4242.diff: always perform the mpi_mul for
    exponents in secure memory. Based on upstream patch.
  - CVE-2013-4242

41. By Colin Watson

* Resynchronise with Debian. Remaining changes:
  - Disable mlock() test since it fails with ulimit 0 (on buildds).
  - Set gpg (or gpg2) and gpgsm to use a passphrase agent by default.
  - Only suggest gnupg-curl and libldap; recommendations are pulled into
    minimal, and we don't need the keyserver utilities in a minimal Ubuntu
    system.
  - Remove the Win32 build.
  - Update config.guess/config.sub for aarch64.

40. By Colin Watson

* Resynchronise with Debian. Remaining changes:
  - Disable mlock() test since it fails with ulimit 0 (on buildds).
  - Set gpg (or gpg2) and gpgsm to use a passphrase agent by default.
  - Only suggest gnupg-curl and libldap; recommendations are pulled into
    minimal, and we don't need the keyserver utilities in a minimal Ubuntu
    system.
  - Remove the Win32 build.
  - Update config.guess/config.sub for aarch64.
* Dropped patches:
  - Fix udeb build failure on powerpc, building with -O2 instead of -Os.
    (No longer seems to be necessary.)
* Simplify removal of Win32 build, to make this easier to merge in future.

39. By Wookey

Update config.guess,sub for aarch64

38. By Marc Deslauriers

debian/patches/long-keyids.dpatch: Use the longest key ID available
when requesting a key from a key server.

37. By Colin Watson

releasing version 1.4.11-3ubuntu2

36. By Colin Watson

Mark gnupg, gnupg-curl, and gpgv Multi-Arch: foreign.

35. By Rico Tzschichholz

* Resynchronise with Debian (LP: #720905). Remaining changes:
  - Disable mlock() test since it fails with ulimit 0 (on buildds).
  - Set gpg (or gpg2) and gpgsm to use a passphrase agent by default.
  - Fix udeb build failure on powerpc, building with -O2 instead of -Os.
  - Only suggest gnupg-curl and libldap; recommendations are pulled into
    minimal, and we don't need the keyserver utilities in a minimal Ubuntu
    system.
* debian/{control,rules}: Remove the Win32 build (and mingw32
  build-dependency), since mingw32 is in universe, and will remain so for
  the forseeable future.

Branch metadata

Branch format:
Branch format 7
Repository format:
Bazaar repository format 2a (needs bzr 1.16 or later)
Stacked on:
lp:ubuntu/saucy/gnupg
This branch contains Public information 
Everyone can see this information.

Subscribers