[gnupg2] new upstream release
Tomáš Mráz
tmraz at fedoraproject.org
Wed May 15 12:48:55 UTC 2013
commit 32cc451d93bcf3cb9d5d7ecfae2d132ae570c8b5
Author: Tomas Mraz <tmraz at fedoraproject.org>
Date: Wed May 15 14:48:00 2013 +0200
new upstream release
.gitignore | 2 +
gnupg-2.0.16-tests-s2kcount.patch | 61 --------------------
gnupg-2.0.19-cve-2012-6085.patch | 61 --------------------
...usage.patch => gnupg-2.0.20-ocsp-keyusage.patch | 10 ++--
gnupg-2.0.20-secmem.patch | 33 +++++++++++
gnupg2.spec | 25 +++-----
sources | 4 +-
7 files changed, 51 insertions(+), 145 deletions(-)
---
diff --git a/.gitignore b/.gitignore
index 5d0cf70..1586d5b 100644
--- a/.gitignore
+++ b/.gitignore
@@ -6,3 +6,5 @@ gnupg-2.0.16.tar.bz2.sig
/gnupg-2.0.18.tar.bz2.sig
/gnupg-2.0.19.tar.bz2
/gnupg-2.0.19.tar.bz2.sig
+/gnupg-2.0.20.tar.bz2
+/gnupg-2.0.20.tar.bz2.sig
diff --git a/gnupg-2.0.16-ocsp-keyusage.patch b/gnupg-2.0.20-ocsp-keyusage.patch
similarity index 55%
rename from gnupg-2.0.16-ocsp-keyusage.patch
rename to gnupg-2.0.20-ocsp-keyusage.patch
index 4d406a6..ad80887 100644
--- a/gnupg-2.0.16-ocsp-keyusage.patch
+++ b/gnupg-2.0.20-ocsp-keyusage.patch
@@ -1,7 +1,7 @@
-diff -r -u gnupg-2.0.16.orig/sm/certlist.c gnupg-2.0.16/sm/certlist.c
---- gnupg-2.0.16.orig/sm/certlist.c 2009-09-21 18:53:43.000000000 +0200
-+++ gnupg-2.0.16/sm/certlist.c 2010-11-29 16:47:26.284497534 +0100
-@@ -146,10 +146,9 @@
+diff -up gnupg-2.0.20/sm/certlist.c.keyusage gnupg-2.0.20/sm/certlist.c
+--- gnupg-2.0.20/sm/certlist.c.keyusage 2013-05-10 14:55:49.000000000 +0200
++++ gnupg-2.0.20/sm/certlist.c 2013-05-15 14:15:57.420276618 +0200
+@@ -146,10 +146,9 @@ cert_usage_p (ksba_cert_t cert, int mode
if (mode == 5)
{
@@ -13,5 +13,5 @@ diff -r -u gnupg-2.0.16.orig/sm/certlist.c gnupg-2.0.16/sm/certlist.c
+ || (use & (KSBA_KEYUSAGE_KEY_CERT_SIGN
+ |KSBA_KEYUSAGE_CRL_SIGN)))
return 0;
- log_info (_("certificate should have not "
+ log_info (_("certificate should not have "
"been used for OCSP response signing\n"));
diff --git a/gnupg-2.0.20-secmem.patch b/gnupg-2.0.20-secmem.patch
new file mode 100644
index 0000000..9b115d6
--- /dev/null
+++ b/gnupg-2.0.20-secmem.patch
@@ -0,0 +1,33 @@
+diff -up gnupg-2.0.20/g10/gpg.c.secmem gnupg-2.0.20/g10/gpg.c
+--- gnupg-2.0.20/g10/gpg.c.secmem 2013-05-10 14:55:46.000000000 +0200
++++ gnupg-2.0.20/g10/gpg.c 2013-05-15 14:13:50.989541530 +0200
+@@ -794,7 +794,7 @@ make_libversion (const char *libname, co
+
+ if (maybe_setuid)
+ {
+- gcry_control (GCRYCTL_INIT_SECMEM, 0, 0); /* Drop setuid. */
++ gcry_control (GCRYCTL_INIT_SECMEM, 4096, 0); /* Drop setuid. */
+ maybe_setuid = 0;
+ }
+ s = getfnc (NULL);
+@@ -898,7 +898,7 @@ build_list (const char *text, char lette
+ char *string;
+
+ if (maybe_setuid)
+- gcry_control (GCRYCTL_INIT_SECMEM, 0, 0); /* Drop setuid. */
++ gcry_control (GCRYCTL_INIT_SECMEM, 4096, 0); /* Drop setuid. */
+
+ indent = utf8_charcount (text);
+ len = 0;
+diff -up gnupg-2.0.20/sm/gpgsm.c.secmem gnupg-2.0.20/sm/gpgsm.c
+--- gnupg-2.0.20/sm/gpgsm.c.secmem 2013-05-10 14:55:49.000000000 +0200
++++ gnupg-2.0.20/sm/gpgsm.c 2013-05-15 14:11:18.819249598 +0200
+@@ -493,7 +493,7 @@ make_libversion (const char *libname, co
+
+ if (maybe_setuid)
+ {
+- gcry_control (GCRYCTL_INIT_SECMEM, 0, 0); /* Drop setuid. */
++ gcry_control (GCRYCTL_INIT_SECMEM, 4096, 0); /* Drop setuid. */
+ maybe_setuid = 0;
+ }
+ s = getfnc (NULL);
diff --git a/gnupg2.spec b/gnupg2.spec
index 349d2ea..ec2bced 100644
--- a/gnupg2.spec
+++ b/gnupg2.spec
@@ -1,7 +1,7 @@
Summary: Utility for secure communication and data storage
Name: gnupg2
-Version: 2.0.19
-Release: 8%{?dist}
+Version: 2.0.20
+Release: 1%{?dist}
License: GPLv3+
Group: Applications/System
@@ -10,15 +10,12 @@ Source1: ftp://ftp.gnupg.org/gcrypt/%{?pre:alpha/}gnupg/gnupg-%{version}%{?pre}.
# svn export svn://cvs.gnupg.org/gnupg/trunk gnupg2; tar cjf gnupg-<date>svn.tar.bz2 gnupg2
#Source0: gnupg2-20090809svn.tar.bz2
Patch1: gnupg-2.0.19-insttools.patch
-Patch2: gnupg-2.0.16-tests-s2kcount.patch
-Patch3: gnupg-2.0.18-secmem.patch
+Patch3: gnupg-2.0.20-secmem.patch
Patch4: gnupg-2.0.18-protect-tool-env.patch
-Patch5: gnupg-2.0.16-ocsp-keyusage.patch
+Patch5: gnupg-2.0.20-ocsp-keyusage.patch
Patch6: gnupg-2.0.19-fips-algo.patch
-Patch7: gnupg-2.0.19-cve-2012-6085.patch
URL: http://www.gnupg.org/
-BuildRoot: %{_tmppath}/%{name}-%{version}-%{release}-root-%(%{__id_u} -n)
#BuildRequires: automake libtool texinfo transfig
BuildRequires: bzip2-devel
@@ -77,12 +74,10 @@ to the base GnuPG package
%if 0%{?rhel} > 5
%patch1 -p1 -b .insttools
%endif
-%patch2 -p1 -b .s2k
%patch3 -p1 -b .secmem
%patch4 -p1 -b .ptool-env
%patch5 -p1 -b .keyusage
%patch6 -p1 -b .fips
-%patch7 -p1 -b .valid-packet
# pcsc-lite library major: 0 in 1.2.0, 1 in 1.2.9+ (dlopen()'d in pcsc-wrapper)
# Note: this is just the name of the default shared lib to load in scdaemon,
@@ -105,8 +100,6 @@ make %{?_smp_mflags}
%install
-rm -rf %{buildroot}
-
make install DESTDIR=%{buildroot} \
INSTALL="install -p" \
docdir=%{_docdir}/%{name}-%{version}
@@ -184,22 +177,22 @@ fi
%exclude %{_datadir}/gnupg/com-certs.pem
%exclude %{_mandir}/man?/gpgsm*
%exclude %{_mandir}/man?/scdaemon*
+%exclude %{_libexecdir}/scdaemon
%files smime
%defattr(-,root,root,-)
%{_bindir}/gpgsm*
%{_bindir}/kbxutil
-%{_bindir}/scdaemon
+%{_libexecdir}/scdaemon
%{_mandir}/man?/gpgsm*
%{_mandir}/man?/scdaemon*
%{_datadir}/gnupg/com-certs.pem
-%clean
-rm -rf %{buildroot}
-
-
%changelog
+* Wed May 15 2013 Tomas Mraz <tmraz at redhat.com> - 2.0.20-1
+- new upstream release
+
* Thu Feb 14 2013 Fedora Release Engineering <rel-eng at lists.fedoraproject.org> - 2.0.19-8
- Rebuilt for https://fedoraproject.org/wiki/Fedora_19_Mass_Rebuild
diff --git a/sources b/sources
index 3c1907b..902b24f 100644
--- a/sources
+++ b/sources
@@ -1,2 +1,2 @@
-6a8589381ca1b0c1a921e9955f42b016 gnupg-2.0.19.tar.bz2
-7d4763596ac3d3c9f573493a31e44b26 gnupg-2.0.19.tar.bz2.sig
+9d18ee71bb0b10d40d1c8a393bdd7a89 gnupg-2.0.20.tar.bz2
+2db3d906eb28db4fb2aa6b9a86cda075 gnupg-2.0.20.tar.bz2.sig
More information about the scm-commits
mailing list