Noteworthy changes in version 1.4.22 (2017-07-19)
-------------------------------------------------
* Mitigate a flush+reload side-channel attack on RSA secret keys
dubbed "Sliding right into disaster". For details see
<https://eprint.iacr.org/2017/627>. [CVE-2017-7526]
* Fix some minor bugs.
MASTER_SITES= site1 \
site2
style continuation lines to be simple repeated
MASTER_SITES+= site1
MASTER_SITES+= site2
lines. As previewed on tech-pkg. With thanks to rillig for fixing pkglint
accordingly.
Changelog:
2016-08-17 Werner Koch <wk@gnupg.org>
Release 1.4.21.
gpg: Add dummy option --with-subkey-fingerprint.
* g10/gpg.c (opts): Add dummy option.
build: Create a swdb file during "make distcheck".
* Makefile.am (distcheck-hook): New.
2016-08-17 Ineiev <ineiev@gnu.org>
po: Update Russian translation.
2016-08-17 Werner Koch <wk@gnupg.org>
random: Hash continuous areas in the csprng pool.
* cipher/random.c (mix_pool): Store the first hash at the end of the
pool.
cipher: Improve readability by using a macro.
* cipher/random.c (mix_pool): Use DIGESTLEN instead of 20.
2016-08-09 Daniel Kahn Gillmor <dkg@fifthhorseman.net>
gpg: Avoid publishing the GnuPG version by default.
* g10/gpg.c (main): initialize opt.emit_version to 0
* doc/gpg.texi: document different default for --emit-version
2016-08-04 Daniel Kahn Gillmor <dkg@fifthhorseman.net>
Clean up "allow to"
* README, cipher/cipher.c, cipher/pubkey.c, doc/gpg.texi: replace
"allow to" with clearer text
In standard English, the normal construction is "${XXX} allows ${YYY}
to" -- that is, the subject (${XXX}) of the sentence is allowing the
object (${YYY}) to do something. When the object is missing, the
phrasing sounds awkward, even if the object is implied by context.
There's almost always a better construction that isn't as awkward.
These changes should make the language a bit clearer.
Fix spelling: "occured" should be "occurred"
* checks/armor.test, cipher/des.c, g10/ccid-driver.c, g10/pkclist.c,
util/regcomp.c, util/regex_internal.c: correct the spelling of
"occured" to "occurred"
2016-08-04 NIIBE Yutaka <gniibe@fsij.org>
g10: Fix checking key for signature validation.
* g10/sig-check.c (signature_check2): Not only subkey, but also primary
key should have flags.valid=1.
2016-08-03 Justus Winter <justus@g10code.com>
Partially revert "g10: Fix another race condition for trustdb access."
This amends db246f8b which accidentally included the compiled
translation files.
2016-07-09 NIIBE Yutaka <gniibe@fsij.org>
gpgv: Tweak default options for extra security.
* g10/gpgv.c (main): Set opt.no_sig _cache, so that it doesn't depend on
cached status. Similarly, set opt.flags.require_cross_cert for backsig
validation for subkey signature.
2016-07-06 NIIBE Yutaka <gniibe@fsij.org>
g10: Fix keysize with --expert.
* g10/keygen.c (ask_keysize): It's 768 only for DSA.
2016-06-28 NIIBE Yutaka <gniibe@fsij.org>
g10: Fix --list-packets.
* g10/gpg.c (main): Call set_packet_list_mode after assignment of
opt.list_packets.
* g10/mainproc.c (do_proc_packets): Don't stop processing with
--list-packets as the comment says.
* g10/options.h (list_packets): Fix the comment.
* g10/parse-packet.c: Fix the condition for opt.list_packets.
2016-06-15 Niibe Yutaka <gniibe@fsij.org>
g10: Fix another race condition for trustdb access.
* g10/tdbio.c (create_version_record): Call create_hashtable to always
make hashtable, together with the version record.
(get_trusthashrec): Remove call to create_hashtable.
2016-02-12 NIIBE Yutaka <gniibe@fsij.org>
g10: Make sure to have the directory for trustdb.
* g10/tdbio.c (tdbio_set_dbname): Return earlier if !CREATE. Check
the directory and create it if none before calling take_write_lock.
2016-02-01 Werner Koch <wk@gnupg.org>
Fix possible sign extension problem with newer compilers.
* cipher/des.c (READ_64BIT_DATA): Cast to u32 before shifting by 24.
* cipher/blowfish.c (do_encrypt_block): Ditto.
(do_decrypt_block): Ditto.
* cipher/camellia.c (CAMELLIA_RR8): Ditto.
* cipher/cast5.c (do_encrypt_block): Ditto.
(do_decrypt_block): Ditto.
(do_cast_setkey): Ditto.
* cipher/twofish.c (INPACK): Ditto.
* util/iobuf.c (block_filter): Ditto.
2016-01-26 NIIBE Yutaka <gniibe@fsij.org>
g10: Fix iobuf API of filter function for alignment.
* include/iobuf.h (struct iobuf_struct): Remove DESC.
* util/iobuf.c (iobuf_desc): New.
(print_chain, iobuf_close, iobuf_open, iobuf_fdopen, iobuf_sockopen)
(iobuf_create, iobuf_append, iobuf_openrw, iobuf_ioctl)
(iobuf_push_filter2, pop_filter, underflow): Use iobuf_desc.
(file_filter, sock_filter, block_filter): Fill the description.
* g10/armor.c, g10/cipher.c, g10/compress-bz2.c, g10/compress.c,
g10/encode.c, g10/encr-data.c, g10/mdfilter.c, g10/pipemode.c,
g10/progress.c, g10/textfilter.c: Likewise.
2016-01-15 Werner Koch <wk@gnupg.org>
Fix possible AIX problem with sysconf in rndunix.
* cipher/rndunix.c [HAVE_STDINT_H]: Include stdint.h.
(start_gatherer): Detect misbehaving sysconf.
2016-01-13 NIIBE Yutaka <gniibe@fsij.org>
Fix to support git worktree.
* Makefile.am: Use -e for testing .git.
2015-12-21 NIIBE Yutaka <gniibe@fsij.org>
po: Update Japanese translation.
Changelog:
Noteworthy changes in version 1.4.20 (2015-12-20)
-------------------------------------------------
* Reject signatures made using the MD5 hash algorithm unless the
new option --allow-weak-digest-algos or --pgp2 are given.
* New option --weak-digest to specify hash algorithms which
should be considered weak.
* Changed default cipher for symmetric-only encryption to AES-128.
* Fix for DoS when importing certain garbled secret keys.
* Improved error reporting for secret subkey w/o corresponding public
subkey.
* Improved error reporting in decryption due to wrong algorithm.
* Fix cluttering of stdout with trustdb info in double verbose mode.
* Pass a DBUS envvar to gpg-agent for use by gnome-keyring.
Problems found locating distfiles:
Package f-prot-antivirus6-fs-bin: missing distfile fp-NetBSD.x86.32-fs-6.2.3.tar.gz
Package f-prot-antivirus6-ws-bin: missing distfile fp-NetBSD.x86.32-ws-6.2.3.tar.gz
Package libidea: missing distfile libidea-0.8.2b.tar.gz
Package openssh: missing distfile openssh-7.1p1-hpn-20150822.diff.bz2
Package uvscan: missing distfile vlp4510e.tar.Z
Otherwise, existing SHA1 digests verified and found to be the same on
the machine holding the existing distfiles (morden). All existing
SHA1 digests retained for now as an audit trail.
Noteworthy changes in version 1.4.19 (2015-02-27)
-------------------------------------------------
* Use ciphertext blinding for Elgamal decryption [CVE-2014-3591].
See http://www.cs.tau.ac.il/~tromer/radioexp/ for details.
* Fixed data-dependent timing variations in modular exponentiation
[related to CVE-2015-0837, Last-Level Cache Side-Channel Attacks
are Practical].
* Detect faulty use of --verify on detached signatures.
* Changed the PKA method to use CERT records and hashed names.
* New import option "keep-ownertrust".
* Support algorithm names when generating keys using the --command-fd
method.
* Updated many translations.
* Updated build system.
* Fixed a regression in keyserver import
* Fixed argument parsing for option --debug-level.
* Fixed DoS based on bogus and overlong key packets.
* Fixed bugs related to bogus keyrings.
* The usual minor minor bug fixes.
Noteworthy changes in version 1.4.18 (2014-06-30)
-------------------------------------------------
* Fix a regression in 1.4.17 if more than one keyid is given
to --recv-keys et al.
* Cap RSA and Elgamal keysize at 4096 bit also for unattended key
generation.
Noteworthy changes in version 1.4.17 (2014-06-23)
-------------------------------------------------
* Avoid DoS due to garbled compressed data packets.
* Screen keyserver reponses to avoid import of unwanted keys by rogue
servers.
* Add hash algorithms to the "sig" records of the colon output.
* More specific reason codes for INV_RECP status.
* Fixes for PC/SC access on Apple.
* Minor bug fixes.
Noteworthy changes in version 1.4.16 (2013-12-18)
-------------------------------------------------
* Fixed the RSA Key Extraction via Low-Bandwidth Acoustic
Cryptanalysis attack as described by Genkin, Shamir, and Tromer.
See <http://www.cs.tau.ac.il/~tromer/acoustic/>. [CVE-2013-4576]
* Put only the major version number by default into armored output.
* Do not create a trustdb file if --trust-model=always is used.
* Print the keyid for key packets with --list-packets.
* Changed modular exponentiation algorithm to recover from a small
performance loss due to a change in 1.4.14.
Noteworthy changes in version 1.4.15 (2013-10-04)
-------------------------------------------------
* Fixed possible infinite recursion in the compressed packet
parser. [CVE-2013-4402]
* Protect against rogue keyservers sending secret keys.
* Use 2048 bit also as default for batch key generation.
* Minor bug fixes.
Noteworthy changes in version 1.4.14 (2013-07-25)
-------------------------------------------------
* Mitigate the Yarom/Falkner flush+reload side-channel attack on
RSA secret keys. See <http://eprint.iacr.org/2013/448>.
* Fixed IDEA for big-endian CPUs
* Improved the diagnostics for failed keyserver lockups.
* Minor bug and portability fixes.
are replaced with .include "../../devel/readline/buildlink3.mk", and
USE_GNU_READLINE are removed,
* .include "../../devel/readline/buildlink3.mk" without USE_GNU_READLINE
are replaced with .include "../../mk/readline.buildlink3.mk".
Fixes CVE-2012-6085
Upstream Changes:
* Add support for the old cipher algorithm IDEA.
* Minor bug fixes.
* Small changes to better cope with future OpenPGP and GnuPG
features.
