Noteworthy changes in version 2.2.35 (2022-04-25)
-------------------------------------------------
* gpg,gpgsm: New option --require-compliance.
* gpgtar: New option --with-log.
* gpg: Threefold decryption speedup for large files.
* gpgtar: Support file names longer than MAX_PATH.
* scdaemon: Add support for GeNUA cards.
* gpg: Allow decryption of symmetric encrypted data even for
non-compliant cipher.
* gpg: Avoid possible race condition in --edit-card/factory-reset.
* gpg: Emit an ERROR status as hint for a bad passphrase.
* gpg: Avoid NULL-ptr access due to corrupted packets.
* gpgsm: Fix parsing of certain PKCS#12 files.
* gpgtar: Use a pipe for decryption and thus avoid memory
exhaustion.
* scdaemon: Use extended mode for pkcs#15 already for rsa2048.
* dirmngr: Make WKD lookups work for resolvers not handling SRV
records.
* dirmngr: Escape more characters in WKD requests.
* gpgconf: Silence warnings from parsing the option files.
* Improve removing of stale lockfiles under Unix.
5.81.0
Un-overload OrgKdeKWalletInterface::walletClosed(int) signal
5.85.0
Don't use gpgme.h
5.89.0
MAC_USE_OSXKEYCHAIN: Link against CoreFoundation
5.90.0
Add desktop file for kwalletd
Properly apply KAboutData
Fix notifyrc name
5.91.0
Fix install headers
5.91.0
Check executables exist in PATH before passing them to QProcess
Port from KToolInvocation::kdeinitExecWait (deprecated) to QProcess
kdesud: close all file descriptors > 3 on exec()
5.92.0
Drop obsolete KF5Service and add KF5Config dependency
5.81.0
Un-overload HelperProxy::progressStep() signal
5.90.0
Use version-less and non-deprecated data install dir variable
ActionReply: remove operator<< and operator>>
5.91.0
Move plugins in kf<version> directory
Correct the dependencies specified for KAuth
Bump minimum required version of Polkit-Qt-1 to 0.112.0
Remove Polkit-Qt build support, Polkit-Qt-1 replaced it a long time ago
Adjust CMake code to find PolkitQt{5,6}-1
5.92.0
Normalize header names and include path layout to KF standards
Prepare KF6 KAuthWidgets library, with an interface lib for KF5
5.93.0
add chrono overload for setTimeout
Upstream (who originally submitted the package in PR pkg/7031) does
no longer distribute the source code. These days SSH has built in
point-to-point ip tunneling capability via the Tunnel config option,
see ssh_config(5).
Package last updated in pkgsrc 2003, upstream gone since 2013.
Safe to assume nobody uses a static analysis tool that has not
been maintained in pkgsrc for 20 odd years.
Re-import of the py27 version before upgrade to py3-only version.
cryptography is a package designed to expose cryptographic recipes
and primitives to Python developers. Our goal is for it to be your
"cryptographic standard library".
cryptography includes both high level recipes, and low level
interfaces to common cryptographic algorithms such as symmetric
ciphers, message digests and key derivation functions.
Noteworthy changes in version 1.17.1 (2022-03-06)
-------------------------------------------------
* qt: Fix a bug in the ABI compatibility of 1.17.0. [T5834]
Noteworthy changes in version 1.17.0 (2022-02-07)
-------------------------------------------------
* New context flag "key-origin". [#5733]
* New context flag "import-filter". [#5739]
* New export mode to export secret subkeys. [#5757]
* Detect errors during the export of secret keys. [#5766]
* New function gpgme_op_receive_keys to import keys from a keyserver
without first running a key listing. [#5808]
* Detect bad passphrase error in certificate import. [T5713]
* Allow setting --key-origin when importing keys. [T5733]
* Support components "keyboxd", "gpg-agent", "scdaemon", "dirmngr",
"pinentry", and "socketdir" in gpgme_get_dirinfo. [T5727,T5613]
* Under Unix use poll(2) instead of select(2), when available.
[T2385]
* Do not use --flat_namespace when linking for macOS. [T5610]
* Fix results returned by gpgme_data_* functions. [T5481]
* Support closefrom also for glibc. [rM4b64774b6d]
* cpp,qt: Add support for export of secret keys and secret subkeys.
[#5757]
* cpp,qt: Support for adding existing subkeys to other keys. [#5770]
* qt: Extend ChangeExpiryJob to change expiration of primary key
and of subkeys at the same time. [#4717]
* qt: Expect UTF-8 on stderr on Windows. [rM8fe1546282]
* qt: Allow retrieving the default value of a config entry. [T5515]
Noteworthy changes in version 1.16.0 (2021-06-24)
-------------------------------------------------
* New context flag "cert-expire". [#5505]
* New data flags "io-buffer-size" and "sensitive". [#5478]
* Increase I/O buffer size from 512 to 4k under Windows.
* cpp,qt: Add support for trust signatures. [#5421]
* qt: Add support for flags in LDAP server options. [#5217]
* qt: Fix too high memory consumption due to QProcess. [#5475]
* qt: Do not set empty base DN as query of keyserver URL. [#5465]
* qt: Extend SignKeyJob to create signatures with expiration date.
[5506]
* python: New optional parameter filter_signatures for decrypt.
[#5292]
2.3.0
Feature
Add support for Dependency Graph in Model and output serialisation (ea34513)
2.2.0
Feature
Bump XML schemas to latest fix version for 1.2-1.4 - see: (bd2e756)
Bump JSON schemas to latest fix verison for 1.2 and 1.3 - see: (bd6a088)
2.1.1
Fix
Prevent error if version not set (b9a84b5)
version being optional in JSON output can raise error (ba0c82f)
2.1.0
Feature
Output errors are verbose (bfe8fb1)
## 2.7.1 (2022-04-05)
### Changes
- Show when tags are changed in entry history [#7638]
- Improve tags editing and allow spaces in tags [#7708]
- Improve layout of entry preview panel [#7767]
- Incorporate patches to support Flatpak distribution [#7728]
- Add expiration presets for 12 and 24 hours [#7738]
### Fixes
- Fix crash when building history change list [#7638]
- Fix hiding password on database unlock [#7725]
- Fix AES KDF slow transform speed [#7755]
- Auto-Type: Correct timing issue on macOS and Linux that prevented typing [#7588]
- Auto-Type: Fix use of Ctrl/Alt/Shift/Win modifiers on Windows [#7629]
- Auto-Type: Reduce/eliminate delay when searching for entries [#7598]
- Auto-Type: Map ASCII dead keys on Linux for international keyboards [#7614]
- CLI: Fix detection of hardware keys (YubiKey) [#7593]
- CLI: Add missing parameter `-c` to add/edit entries command [#7594]
- Secret Service: Fix crash when multiple prompts are shown [#7786]
- SSH Agent: Fix default agent selection on Windows [#7764]
- Fix database unlock dialog not being the top window on Linux [#7771]
- Fix drag/drop entries between tabs on Wayland [#7628]
- Fix compiling with minizip-ng [#7638]
Cargo-audit allows you to audit Cargo.lock files for crates with
security vulnerabilities reported to the RustSec Advisory Database.
Cargo-audit is provided as the cargo subcommand "audit".
Signedjson 1.1.4 (2022-03-29)
Bugfixes
- Fix a bug introduced in signedjson 1.1.3 where `signedjson` could not be imported due to an MRO resolution error.
Signedjson 1.1.3 (2022-03-29)
Internal Changes
- Mark the `SigningKey` and `VerifyKey` types as `SupportsBytes`.
Signedjson 1.1.2 (2022-03-29)
Bugfixes
- Do not require `importlib_metadata` on Python 3.8 and above.
Added support for EdDSA keys.
Added support for SSH ed25519-sk keys.
Added authenticator filtering based on user verification options.
Fixed an issue with privilege restoration on MacOS.
Fixed an issue where credentials created with pamu2fcfg 1.0.8 or earlier
were not handled correctly if their origin and appid differed.
Miscellaneous improvements to the documentation.
Miscellaneous minor bug fixes found by fuzzing.
Certbot 1.26.0
Added
Added --new-key. When renewing or replacing a certificate that has --reuse-key
set, it will force a new private key to be generated, one time.
As before, --reuse-key and --no-reuse-key can be used to enable and disable key
reuse.
Changed
The default propagation timeout for the OVH DNS plugin (--dns-ovh-propagation-seconds)
has been increased from 30 seconds to 120 seconds, based on user feedback.
Fixed
Certbot for Windows has been upgraded to use Python 3.9.11, in response to
https://www.openssl.org/news/secadv/20220315.txt.
Previously, when Certbot was in the process of registering a new ACME account
and the ACME server did not present any Terms of Service, the user was asked to
agree with a non-existent Terms of Service ("None"). This bug is now fixed, so
that if an ACME server does not provide any Terms of Service to agree with, the
user is not asked to agree to a non-existent Terms of Service any longer.
If account registration fails, Certbot did not relay the error from the ACME server
back to the user. This is now fixed: the error message from the ACME server is now
presented to the user when account registration fails.
Noteworthy changes in version 1.45 (2022-04-07)
-----------------------------------------------
* Support the "sysopen" mode parameter for gpgrt_fopen so that file
names longer than MAX_PATH can be supported under Windows.
* gpgrt_access and gpgrt_mkdir now support file names longer than
MAX_PATH.
* gpgrt_fopen now maps "/dev/null" to "nul" on Windows.
* Published some internal helper functions for Windows.
* Interface changes relative to the 1.42 release:
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
gpgrt_free_wchar NEW.
gpgrt_fname_to_wchar NEW.
gpgrt_utf8_to_wchar NEW.
gpgrt_wchar_to_utf8 NEW.
Upstream changes:
1.19 Oct 11, 2021
Use new EVP_PKEY construction API for OpenSSL post 3.x.x.
Remove support for obsolete ECC-GOST.
Add LICENSE file to comply with Fedora/RedHat announcement
and WARNING of restrictions on use of strong cryptography.
Reimported from security/botan-devel.
Botan is a crypto library written in C++. It provides a variety of
cryptographic algorithms, including common ones such as AES, MD5, SHA,
HMAC, RSA, Diffie-Hellman, DSA, and ECDSA, as well as many others that
are more obscure or specialized. It also offers X.509v3 certificates
and CRLs, and PKCS #10 certificate requests. A message processing
system that uses a filter/pipeline metaphor allows for many common
cryptographic tasks to be completed with just a few lines of code.
Assembly optimizations for common CPUs, including x86, x86-64, and
PowerPC, offers further speedups for critical tasks such as SHA-1
hashing and multiple precision integer operations.
This package contains major version 2 of the library.
The version contains a much improved TLS infrastructure. It also
depends on C++11.
