Last commit made on 2018-06-14
Get this branch:
git clone -b ubuntu/trusty-security https://git.launchpad.net/ubuntu/+source/gnupg2
Members of Ubuntu Server Dev import team can upload to this branch. Log in for directions.

Branch merges

Branch information


Recent commits

f45bbde... by Steve Beattie on 2018-06-14

Import patches-unapplied version 2.0.22-3ubuntu1.4 to ubuntu/trusty-security

Imported using git-ubuntu import.

Changelog parent: 63f79294a95f930e72fba93d6fb23b2d332615dc

New changelog entries:
  * SECURITY UPDATE: missing sanitization of verbose output
    - debian/patches/CVE-2018-12020.patch: Sanitize diagnostic with
      the original file name.
    - CVE-2018-12020

63f7929... by Marc Deslauriers on 2015-03-27

Import patches-unapplied version 2.0.22-3ubuntu1.3 to ubuntu/trusty-security

Imported using git-ubuntu import.

Changelog parent: 24e3c2521c0a654affa93013991f68e95c125970

New changelog entries:
  * Screen responses from keyservers (LP: #1409117)
    - d/p/0001-Screen-keyserver-responses.patch
    - d/p/0002-Make-screening-of-keyserver-result-work-with-multi-k.patch
    - d/p/0003-Add-kbnode_t-for-easier-backporting.patch
    - d/p/0004-gpg-Fix-regression-due-to-the-keyserver-import-filte.patch
  * Fix large key size regression from CVE-2014-5270 changes (LP: #1371766)
    - d/p/Add-build-and-runtime-support-for-larger-RSA-key.patch
    - debian/rules: build with --enable-large-secmem
  * SECURITY UPDATE: invalid memory read via invalid keyring
    - debian/patches/CVE-2015-1606.patch: skip all packets not allowed in
      a keyring in g10/keyring.c.
    - CVE-2015-1606
  * SECURITY UPDATE: memcpy with overlapping ranges
    - debian/patches/CVE-2015-1607.patch: use inline functions to convert
      buffer data to scalars in common/iobuf.c, g10/build-packet.c,
      g10/getkey.c, g10/keyid.c, g10/main.h, g10/misc.c,
      g10/parse-packet.c, g10/tdbio.c, g10/trustdb.c, include/host2net.h,
      kbx/keybox-dump.c, kbx/keybox-openpgp.c, kbx/keybox-search.c,
      kbx/keybox-update.c, scd/apdu.c, scd/app-openpgp.c,
      scd/ccid-driver.c, scd/pcsc-wrapper.c, tools/ccidmon.c.
    - CVE-2015-1607

24e3c25... by Marc Deslauriers on 2014-06-26

Import patches-unapplied version 2.0.22-3ubuntu1.1 to ubuntu/trusty-security

Imported using git-ubuntu import.

Changelog parent: d3376a02a097a055baf561fd246c7b1e883d841b

New changelog entries:
  * SECURITY UPDATE: denial of service via uncompressing garbled packets
    - debian/patches/CVE-2014-4617.patch: limit number of extra bytes in
    - CVE-2014-4617

d3376a0... by Dimitri John Ledkov on 2014-02-19

Import patches-unapplied version 2.0.22-3ubuntu1 to ubuntu/trusty-proposed

Imported using git-ubuntu import.

Changelog parent: 8cc97ca251176fc48661d69ded61eb6932970165

New changelog entries:
  * Merge from Debian, remaining changes:
    - Drop sh prefix from openpgp test environment as it leads to exec
    invocations of sh /bin/bash leading to syntax errors from sh. Fixes
    FTBFS detected in Ubuntu saucy archive rebuild.
    - Add udev rules to give gpg access to some smartcard readers;
      Debian #543217.
    - debian/gnupg2.udev: udev rules to set ACLs on SCM smartcard readers.
    - Add upstart user job for gpg-agent.

8cc97ca... by Eric Dorland on 2014-01-02

Import patches-unapplied version 2.0.22-3 to debian/sid

Imported using git-ubuntu import.

Changelog parent: 3ce2e51ffca8a013b1ea93776be417201663a2e7

New changelog entries:
  * debian/watch, debian/upstream-signing-key.pgp: Add upstream signing
    key for uscan verification.
  * debian/kbxutil.1, debian/rules: Add better description and regenerate
    the manpage.
  * debian/control: Remove version on gpg-idea conflict, add missing
    Breaks for gpgsm and convert Conflicts to Breaks for gpgv2.
  * debian/control: Move gnupg-agent to Depends for gpgsm instead of
    Replaces (which in turn should have been Recommends).
  * debian/control: Standards-Version to 3.9.5.
  * debian/copyright: Switch to a shiny DEP-5 copyright file.

3ce2e51... by Eric Dorland on 2013-12-01

Import patches-unapplied version 2.0.22-2 to debian/sid

Imported using git-ubuntu import.

Changelog parent: 9b4877f6987752832323f94553fa5b632e9ab024

New changelog entries:
  * debian/control: Fix Build-Conflicts on newer automakes. Thanks Chris
    Boot. (Closes: #726015)
  * debian/control: IDEA is no longer patented, drop its metion from the
    description. Thanks brian m. carlson. (Closes: #726139)
  * debian/rules: Disable the test suite on mips and mipsel to work around

9b4877f... by Eric Dorland on 2013-10-05

Import patches-unapplied version 2.0.22-1 to debian/sid

Imported using git-ubuntu import.

Changelog parent: 8ab3620edf5fbb2cc0bddd4d8376a1b94cc1b0cc

New changelog entries:
  * New upstream version. Fixes CVE-2013-4402 and CVE-2013-4351. (Closes:
    #725433, #722724)
  * debian/gnupg2.install: Install gnupg-card-architecture.png for the
    info file.

8ab3620... by Eric Dorland on 2013-09-01

Import patches-unapplied version 2.0.21-2 to debian/sid

Imported using git-ubuntu import.

Changelog parent: ee005a91985436321d045b7a9c377e398f035f87

New changelog entries:
  * debian/rules, debian/gnupg2.install: Switch libexecdir to
    /usr/lib/gnupg2 to install helper binaries to a non-multiarch specific
    location. (Closes: #717303)
  * debian/control, debian/gpgv2.install: Split out gpgv2 into its own
  * debian/control, debian/gnupg2.install, debian/kbxutil.1: Add rule and
    manpage for kbxutil using help2man. (Closes: #323494)
  * debian/patches/02-gpgv2-dont-link-libassuan.diff: Don't link gpgv2
    against libassuan as it's not used.
  * debian/rules: Install changelog for gpgv2.

ee005a9... by Eric Dorland on 2013-08-25

Import patches-unapplied version 2.0.21-1 to debian/sid

Imported using git-ubuntu import.

Changelog parent: 480650e99316fdd9495ea75bfa568f6208963905

New changelog entries:
  * New upstream release. (Closes: #613465, #720369)
  * debian/patches/01-gnupg2-rename.diff: Refresh patch.
  * debian/control: Fix Vcs-Git path.
  * debian/control: Now depends on libgpg-error >= 1.11.
  * debian/control: Build-Depends on automake1.11 since the test suite
    fails on newer versions. (Closes: #713287)
  * debian/control: Also need a Build-Conflicts on automake (<= 1.12).

480650e... by Eric Dorland on 2013-05-11

Import patches-unapplied version 2.0.20-1 to debian/sid

Imported using git-ubuntu import.

Changelog parent: 515e03b7e57cc652746e03c59d4412831196f236

New changelog entries:
  * New upstream release. (Closes: #691237, #583893)
  * debian/patches/02-cve-2012-6085.diff: Remove, merged upstream.
  * debian/control: Upgrade Standards-Version to 3.9.4.
  * debian/compat, debian/control: Upgrade to debhelper v9.
  * debian/control, debian/rules: Drop hardening-wrapper, now that we use
    debhelper v9.
  * debian/scdaemon.install: scdaemon has moved under $libexecdir.
  * debian/control: Tighten dependency on scdaemon.
  * debian/rules: Turn on all hardening options.
  * debian/patches/01-gnupg2-rename.diff: Refresh patch.
  * debian/gnupg-agent.install, debian/gnupg2.install,
    debian/scdaemon.install: Fix /usr/lib paths for multi-arch.
  * debian/rules: Pass ${pkglibdir} to --libexecdir since dh v9 passes
    ${libdir} by default.