buildroot

Author	SHA1	Message	Date
Francois Perrad	a58fb01a6b	package/gnupg2: bump to version 2.4.7 See release announce: https://lists.gnupg.org/pipermail/gnupg-announce/2024q4/000487.html Signed-off-by: Francois Perrad <francois.perrad@gadz.org> [Julien: add release announce link] Signed-off-by: Julien Olivain <ju.o@free.fr> (cherry picked from commit `8e00663624`) Signed-off-by: Peter Korsgaard <peter@korsgaard.com>	2024-12-31 17:05:37 +01:00
Francois Perrad	b9b35b02fc	package/gnupg2: bump to version 2.4.6 See release announce: https://lists.gnupg.org/pipermail/gnupg-announce/2024q4/000486.html Signed-off-by: Francois Perrad <francois.perrad@gadz.org> [Julien: add release announce link] Signed-off-by: Julien Olivain <ju.o@free.fr>	2024-11-04 21:03:57 +01:00
Francois Perrad	e5d0543292	package/gnupg2: bump to version 2.4.5 Signed-off-by: Francois Perrad <francois.perrad@gadz.org> Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>	2024-04-03 22:27:25 +02:00
Julien Olivain	bdcd5adf39	package/gnupg2: security bump to version 2.4.4 See release announce: https://lists.gnupg.org/pipermail/gnupg-announce/2024q1/000481.html For the details about the security advisory for GnuPG created smartcard keys, see: https://gnupg.org/blog/20240125-smartcard-backup-key.html This commit also drops the package patch, which is now included in this new version. Signed-off-by: Julien Olivain <ju.o@free.fr> Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>	2024-02-07 20:48:32 +01:00
Julien Olivain	8f1418b5dd	package/gnupg2: bump to version 2.4.3 See release announce: https://lists.gnupg.org/pipermail/gnupg-announce/2023q3/000480.html Signed-off-by: Julien Olivain <ju.o@free.fr> Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>	2023-08-21 12:02:59 +02:00
Bernd Kuhls	bfffbd7ed8	package/gnupg2: bump version to 2.4.2 Added sha256 hash provided by upstream. Release notes: https://lists.gnupg.org/pipermail/gnupg-announce/2023q2/000479.html Signed-off-by: Bernd Kuhls <bernd.kuhls@t-online.de> Signed-off-by: Peter Korsgaard <peter@korsgaard.com>	2023-06-18 13:15:33 +02:00
Peter Seiderer	a27cb09d9a	package/gnupg2: bump version to 2.4.1 For details see [1]. [1] https://lists.gnupg.org/pipermail/gnupg-announce/2023q2/000478.html Signed-off-by: Peter Seiderer <ps.report@gmx.net> Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>	2023-05-06 18:01:19 +02:00
Julien Olivain	0f868e97f6	package/gnupg2: bump to version 2.4.0 See announce: https://lists.gnupg.org/pipermail/gnupg-announce/2022q4/000477.html This commit also drop a patch which is now included in the new version. See: https://git.gnupg.org/cgi-bin/gitweb.cgi?p=gnupg.git;a=commitdiff;h=7011286ce6e1fb56c2989fdafbd11b931c489faa Signed-off-by: Julien Olivain <ju.o@free.fr> Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>	2023-02-10 23:05:38 +01:00
Michael Fischer	73f04f7f0c	package/gnupg2: bump version to 2.3.8 Brings a number of fixes: https://dev.gnupg.org/T6106 Add patch 0001 to fix undefined reference to `ks_ldap_free_state' backported from commit 7011286ce6e1fb56c2989fdafbd11b931c489faa Signed-off-by: Michael Fischer <mf@go-sys.de> [Peter: add changelog info] Signed-off-by: Peter Korsgaard <peter@korsgaard.com>	2022-11-23 11:00:51 +01:00
Fabrice Fontaine	5a0a9227ba	package/gnupg2: security bump to version 2.3.7 Fix CVE-2022-34903: GnuPG through 2.3.6, in unusual situations where an attacker possesses any secret-key information from a victim's keyring and other constraints (e.g., use of GPGME) are met, allows signature forgery via injection into the status line. https://lists.gnupg.org/pipermail/gnupg-announce/2022q3/000474.html Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com> Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>	2022-07-16 17:32:05 +02:00
Peter Seiderer	1f654d357c	package/gnupg2: bump version to 2.2.32 - removed 0001-dirmngr-Fix-build-with--disable-ldap.patch (from upstream [1]) - fix/update signature check key hash For details (since 2.2.28) see [2], [3], [4] and [5]. [1] https://git.gnupg.org/cgi-bin/gitweb.cgi?p=gnupg.git;a=commit;h=c6900f5723b4edc899aaea267ed599b5ad724142 [2] https://lists.gnupg.org/pipermail/gnupg-announce/2021q3/000461.html [3] https://lists.gnupg.org/pipermail/gnupg-announce/2021q3/000463.html [4] https://lists.gnupg.org/pipermail/gnupg-announce/2021q3/000464.html [5] https://lists.gnupg.org/pipermail/gnupg-announce/2021q4/000465.html Signed-off-by: Peter Seiderer <ps.report@gmx.net> Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>	2021-10-18 21:49:15 +02:00
Fabrice Fontaine	92d8b98c28	package/gnupg2: bump to version 2.2.28 https://dev.gnupg.org/T5153 https://dev.gnupg.org/T5234 https://dev.gnupg.org/T5482 Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com> Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>	2021-07-03 23:13:18 +02:00
Fabrice Fontaine	cd845a0e88	package/gnupg2: bump to version 2.2.25 Update indentation in hash file (two spaces) https://lists.gnupg.org/pipermail/gnupg-announce/2020q4/000449.html https://lists.gnupg.org/pipermail/gnupg-announce/2020q4/000450.html Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com> Signed-off-by: Peter Korsgaard <peter@korsgaard.com>	2020-12-21 10:35:05 +01:00
Peter Korsgaard	918a9fb455	package/gnupg2: security bump to version 2.2.23 Fixes the following security issues: CVE-2020-25125: Importing an OpenPGP key having a preference list for AEAD algorithms will lead to an array overflow and thus often to a crash or other undefined behaviour (affected: 2.2.21 / 2.2.22) For more details, see the announcement: https://lists.gnupg.org/pipermail/gnupg-announce/2020q3/000448.html Signed-off-by: Peter Korsgaard <peter@korsgaard.com>	2020-09-05 09:35:50 +02:00
Bernd Kuhls	02d2695241	package/gnupg2: bump vesion to 2.2.21 Reformatted hashes. Signed-off-by: Bernd Kuhls <bernd.kuhls@t-online.de> Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>	2020-07-20 18:03:18 +02:00
Baruch Siach	58e260f34f	package/gnupg2: bump to version 2.2.20 Signed-off-by: Baruch Siach <baruch@tkos.co.il> Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>	2020-04-12 12:00:18 +02:00
Bernd Kuhls	bcb6d0057f	package/gnupg2: bump version to 2.2.19 Release notes: - 2.2.18 https://lists.gnupg.org/pipermail/gnupg-announce/2019q4/000442.html - 2.2.19 https://lists.gnupg.org/pipermail/gnupg-announce/2019q4/000443.html Signed-off-by: Bernd Kuhls <bernd.kuhls@t-online.de> Signed-off-by: Peter Korsgaard <peter@korsgaard.com>	2020-01-05 21:29:22 +01:00
Baruch Siach	410e8a5977	package/gnupg2: security bump to version 2.2.17 This release mitigates the effects of the denial-of-service attacks on the keyserver network (CVE-2019-13050). https://gist.github.com/rjhansen/67ab921ffb4084c865b3618d6955275f https://access.redhat.com/articles/4264021 Signed-off-by: Baruch Siach <baruch@tkos.co.il> Signed-off-by: Peter Korsgaard <peter@korsgaard.com>	2019-07-14 11:56:58 +02:00
Baruch Siach	32ef40a9d9	package/gnupg2: bump to version 2.2.13 Signed-off-by: Baruch Siach <baruch@tkos.co.il> Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>	2019-03-12 21:51:53 +01:00
Baruch Siach	d4dbcb036a	gnupg2: security bump to version 2.2.12 Fixes CVE-2018-1000858: Cross Site Request Forgery with arbitrary HTTPS GET requests via HTTP redirect. https://sektioneins.de/en/advisories/advisory-012018-gnupg-wkd.html Signed-off-by: Baruch Siach <baruch@tkos.co.il> Signed-off-by: Peter Korsgaard <peter@korsgaard.com>	2019-01-15 21:33:17 +01:00
Baruch Siach	bf8e55fd08	gnupg2: bump to version 2.2.10 Signed-off-by: Baruch Siach <baruch@tkos.co.il> Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>	2018-11-01 13:56:44 +01:00
Baruch Siach	b78a365b56	gnupg2: security bump to version 2.2.8 Fixes CVE-2018-12020: Unsanitized file names might cause injection of terminal control characters into the status output of gnupg. Cc: Vicente Olivert Riera <Vincent.Riera@imgtec.com> Signed-off-by: Baruch Siach <baruch@tkos.co.il> Signed-off-by: Peter Korsgaard <peter@korsgaard.com>	2018-06-11 21:36:33 +02:00
Baruch Siach	429c6f21b3	gnupg2: bump to version 2.2.7 Cc: Vicente Olivert Riera <Vincent.Riera@imgtec.com> Signed-off-by: Baruch Siach <baruch@tkos.co.il> Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>	2018-05-04 09:15:32 +02:00
Baruch Siach	3db93884a4	gnupg2: security bump to version 2.2.6 Fixes CVE-2018-9234: Unenforced configuration allows for apparently valid certifications actually signed by signing subkeys. Remove --disable-doc from configure options. We pass this options to all autotools packages. Cc: Vicente Olivert Riera <Vincent.Riera@imgtec.com> Signed-off-by: Baruch Siach <baruch@tkos.co.il> Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>	2018-04-25 22:47:46 +02:00
Baruch Siach	379c347390	gnupg2: bump to version 2.2.5 Cc: Vicente Olivert Riera <Vincent.Riera@imgtec.com> Signed-off-by: Baruch Siach <baruch@tkos.co.il> Signed-off-by: Peter Korsgaard <peter@korsgaard.com>	2018-02-28 20:44:53 +01:00
Baruch Siach	97ec1ddd5a	gnupg2: bump to version 2.2.4 Add license hash. Cc: Vicente Olivert Riera <Vincent.Riera@imgtec.com> Signed-off-by: Baruch Siach <baruch@tkos.co.il> Signed-off-by: Peter Korsgaard <peter@korsgaard.com>	2018-01-12 19:53:56 +01:00
Baruch Siach	02a07dde42	gnupg2: bump to version 2.2.3 Cc: Vicente Olivert Riera <Vincent.Riera@imgtec.com> Signed-off-by: Baruch Siach <baruch@tkos.co.il> Signed-off-by: Thomas Petazzoni <thomas.petazzoni@free-electrons.com>	2017-12-14 06:33:11 +01:00
Baruch Siach	3587d29eae	gnupg2: bump to version 2.2.2 Cc: Vicente Olivert Riera <Vincent.Riera@imgtec.com> Signed-off-by: Baruch Siach <baruch@tkos.co.il> Signed-off-by: Thomas Petazzoni <thomas.petazzoni@free-electrons.com>	2017-11-27 21:56:49 +01:00
Baruch Siach	e82fadab23	gnupg2: bump to version 2.2.0 Switch to https download for firewall compatibility and security. As upstream now defaults to 'gpg' for the main binary name, keep the 'gpg2' name as in previous releases, to avoid conflict with the gnupg package. Cc: Vicente Olivert Riera <Vincent.Riera@imgtec.com> Signed-off-by: Baruch Siach <baruch@tkos.co.il> Signed-off-by: Thomas Petazzoni <thomas.petazzoni@free-electrons.com>	2017-09-03 14:21:43 +02:00
Vicente Olivert Riera	3f265b3eb4	gnupg2: bump version to 2.1.21 Signed-off-by: Vicente Olivert Riera <Vincent.Riera@imgtec.com> Signed-off-by: Thomas Petazzoni <thomas.petazzoni@free-electrons.com>	2017-05-17 21:55:53 +02:00
Vicente Olivert Riera	32e8a130bf	gnupg2: bump version to 2.1.20 Signed-off-by: Vicente Olivert Riera <Vincent.Riera@imgtec.com> Signed-off-by: Thomas Petazzoni <thomas.petazzoni@free-electrons.com>	2017-04-04 13:01:39 +02:00
Bernd Kuhls	284e71a0ad	package/gnupg2: bump version to 2.1.19 Support for GnuPG 2.0 will end 2017-12-31: https://lists.gnupg.org/pipermail/gnupg-announce/2017q1/000402.html Removed all patches: - 0001-fix-pth-config-usage.patch Not needed anymore, gnupg2 now depends on libnpth: https://git.gnupg.org/cgi-bin/gitweb.cgi?p=gnupg.git;a=commitdiff;h=001352077cdc7e402421c77328bea1a052005673 - 0002-missing-include.patch Not needed anymore after upstream commit https://git.gnupg.org/cgi-bin/gitweb.cgi?p=gnupg.git;a=commitdiff;h=0367a4b8cfbf1f197e093ca2b83b27e0a409c3c7 - 0003-dont-run-tests.patch Not needed anymore after upstream commit https://git.gnupg.org/cgi-bin/gitweb.cgi?p=gnupg.git;a=commitdiff;h=4a232d23a8f51bebf9ee382e480248b4bde30f28 - 0004-silence-git-when-not-in-git-tree.patch Not needed anymore after upstream commit restricting the usage of git commands to the case where the directory .git exists https://git.gnupg.org/cgi-bin/gitweb.cgi?p=gnupg.git;a=commitdiff;h=b67e4e523e6d19d384e23c5bb03010caebd150e7 Signed-off-by: Bernd Kuhls <bernd.kuhls@t-online.de> Signed-off-by: Thomas Petazzoni <thomas.petazzoni@free-electrons.com>	2017-03-19 21:46:29 +01:00
Gustavo Zacarias	0ab0d80c7c	gnupg2: bump to version 2.0.30 Signed-off-by: Gustavo Zacarias <gustavo@zacarias.com.ar> Signed-off-by: Thomas Petazzoni <thomas.petazzoni@free-electrons.com>	2016-03-31 21:02:35 +02:00
Vicente Olivert Riera	a33f1917dc	gnupg2: bump version to 2.0.29 Signed-off-by: Vicente Olivert Riera <Vincent.Riera@imgtec.com> Signed-off-by: Thomas Petazzoni <thomas.petazzoni@free-electrons.com>	2015-09-11 19:49:14 +02:00
Gustavo Zacarias	90687cc72a	gnupg2: bump to version 2.0.28 Signed-off-by: Gustavo Zacarias <gustavo@zacarias.com.ar> Signed-off-by: Peter Korsgaard <peter@korsgaard.com>	2015-06-04 15:34:01 +02:00
Baruch Siach	b17e5352ca	gnupg2: security bump to version 2.0.27 Fixes: CVE-2015-1606: Use after free, resulting from failure to skip invalid packets CVE-2015-1607: memcpy with overlapping ranges, resulting from incorrect bitwise left shifts Signed-off-by: Baruch Siach <baruch@tkos.co.il> Signed-off-by: Peter Korsgaard <peter@korsgaard.com>	2015-02-27 13:56:49 +01:00
Gustavo Zacarias	57963519da	gnupg2: add hash file Signed-off-by: Gustavo Zacarias <gustavo@zacarias.com.ar> Signed-off-by: Peter Korsgaard <peter@korsgaard.com>	2014-10-07 12:30:34 +02:00

37 Commits