Update to 2.0.20:
Noteworthy changes in version 2.0.20 (2013-05-10) ------------------------------------------------- * Decryption using smartcards keys > 3072 bit does now work. * New meta option ignore-invalid-option to allow using the same option file by other GnuPG versions. * gpg: The hash algorithm is now printed for sig records in key listings. * gpg: Skip invalid keyblock packets during import to avoid a DoS. * gpg: Correctly handle ports from DNS SRV records. * keyserver: Improve use of SRV records * gpg-agent: Avoid tty corruption when killing pinentry. * scdaemon: Improve detection of card insertion and removal. * scdaemon: Rename option --disable-keypad to --disable-pinpad. * scdaemon: Better support for CCID readers. Now, the internal CCID driver supports readers without the auto configuration feature. * scdaemon: Add pinpad input for PC/SC, if your reader has pinpad and it supports variable length PIN input, and you specify --enable-pinpad-varlen option. * scdaemon: New option --enable-pinpad-varlen. * scdaemon: Install into libexecdir to avoid accidental execution from the command line. * Support building using w64-mingw32. * Assorted bug fixes.
This commit is contained in:
parent
1ef6a99ba8
commit
c523bf69e3
4 changed files with 8 additions and 52 deletions
|
@ -1,8 +1,7 @@
|
|||
# $NetBSD: Makefile,v 1.44 2013/02/06 23:23:37 jperkin Exp $
|
||||
# $NetBSD: Makefile,v 1.45 2013/05/29 22:53:36 wiz Exp $
|
||||
|
||||
DISTNAME= gnupg-2.0.19
|
||||
DISTNAME= gnupg-2.0.20
|
||||
PKGNAME= ${DISTNAME:S/gnupg/gnupg2/}
|
||||
PKGREVISION= 3
|
||||
CATEGORIES= security
|
||||
MASTER_SITES= ftp://ftp.gnupg.org/gcrypt/gnupg/
|
||||
EXTRACT_SUFX= .tar.bz2
|
||||
|
|
|
@ -1,4 +1,4 @@
|
|||
@comment $NetBSD: PLIST.gpgsm,v 1.12 2011/05/05 08:55:23 adam Exp $
|
||||
@comment $NetBSD: PLIST.gpgsm,v 1.13 2013/05/29 22:53:36 wiz Exp $
|
||||
bin/gpg-connect-agent
|
||||
bin/gpg2
|
||||
bin/gpgconf
|
||||
|
@ -8,7 +8,6 @@ bin/gpgsm
|
|||
bin/gpgsm-gencert.sh
|
||||
bin/gpgv2
|
||||
bin/kbxutil
|
||||
bin/scdaemon
|
||||
bin/watchgnupg
|
||||
info/gnupg.info
|
||||
info/gnupg.info-1
|
||||
|
@ -18,6 +17,7 @@ libexec/gpg2keys_curl
|
|||
libexec/gpg2keys_finger
|
||||
libexec/gpg2keys_hkp
|
||||
libexec/gpg2keys_ldap
|
||||
libexec/scdaemon
|
||||
man/man1/gpg-agent.1
|
||||
man/man1/gpg-connect-agent.1
|
||||
man/man1/gpg-preset-passphrase.1
|
||||
|
|
|
@ -1,8 +1,8 @@
|
|||
$NetBSD: distinfo,v 1.26 2013/01/15 11:21:50 drochner Exp $
|
||||
$NetBSD: distinfo,v 1.27 2013/05/29 22:53:36 wiz Exp $
|
||||
|
||||
SHA1 (gnupg-2.0.19.tar.bz2) = 190c09e6688f688fb0a5cf884d01e240d957ac1f
|
||||
RMD160 (gnupg-2.0.19.tar.bz2) = 026b5c5fa2b21c3586f325f48ff1420c987b88a7
|
||||
Size (gnupg-2.0.19.tar.bz2) = 4187460 bytes
|
||||
SHA1 (gnupg-2.0.20.tar.bz2) = 7ddfefa37ee9da89a8aaa8f9059d251b4cd02562
|
||||
RMD160 (gnupg-2.0.20.tar.bz2) = 5a506b29a5c42b8b4870f76c99a41eeaf45a0911
|
||||
Size (gnupg-2.0.20.tar.bz2) = 4286191 bytes
|
||||
SHA1 (patch-CVE-2012-6085) = cbc5ff88eaaebcff9c7bc7983b3d363eff4fcd8b
|
||||
SHA1 (patch-ai) = 4445d30150518f71f996e3b368a81523daded2e2
|
||||
SHA1 (patch-aj) = bfd21504e0d55f99df543912b1cdf2c573de2f98
|
||||
|
|
|
@ -1,43 +0,0 @@
|
|||
$NetBSD: patch-CVE-2012-6085,v 1.1 2013/01/15 11:21:50 drochner Exp $
|
||||
|
||||
upstream rev. 498882296ffac7987c644aaf2a0aa108a2925471
|
||||
|
||||
--- g10/import.c.orig 2012-03-27 08:00:37.000000000 +0000
|
||||
+++ g10/import.c
|
||||
@@ -347,6 +347,27 @@ import_print_stats (void *hd)
|
||||
}
|
||||
|
||||
|
||||
+/* Return true if PKTTYPE is valid in a keyblock. */
|
||||
+static int
|
||||
+valid_keyblock_packet (int pkttype)
|
||||
+{
|
||||
+ switch (pkttype)
|
||||
+ {
|
||||
+ case PKT_PUBLIC_KEY:
|
||||
+ case PKT_PUBLIC_SUBKEY:
|
||||
+ case PKT_SECRET_KEY:
|
||||
+ case PKT_SECRET_SUBKEY:
|
||||
+ case PKT_SIGNATURE:
|
||||
+ case PKT_USER_ID:
|
||||
+ case PKT_ATTRIBUTE:
|
||||
+ case PKT_RING_TRUST:
|
||||
+ return 1;
|
||||
+ default:
|
||||
+ return 0;
|
||||
+ }
|
||||
+}
|
||||
+
|
||||
+
|
||||
/****************
|
||||
* Read the next keyblock from stream A.
|
||||
* PENDING_PKT should be initialzed to NULL
|
||||
@@ -424,7 +445,7 @@ read_block( IOBUF a, PACKET **pending_pk
|
||||
}
|
||||
in_cert = 1;
|
||||
default:
|
||||
- if( in_cert ) {
|
||||
+ if (in_cert && valid_keyblock_packet (pkt->pkttype)) {
|
||||
if( !root )
|
||||
root = new_kbnode( pkt );
|
||||
else
|
Loading…
Reference in a new issue