[gnupg] - New upstream v1.4.17 - Avoid DoS due to garbled compressed data packets. - Screen keyserver repons

Brian C. Lane bcl at fedoraproject.org
Mon Jun 23 23:37:39 UTC 2014 

commit 8ef7cd338adf83faa0e9a1356baec22d99c55e93
Author: Brian C. Lane <bcl at redhat.com>
Date:   Mon Jun 23 16:09:03 2014 -0700

    - New upstream v1.4.17
    - Avoid DoS due to garbled compressed data packets.
    - Screen keyserver reponses to avoid import of unwanted keys by rogue servers.
    - Add hash algorithms to the "sig" records of the colon output.
    - More specific reason codes for INV_RECP status.
    - Drop gpg.ru.1

 gnupg.spec |   15 ++++++++++-----
 sources    |    4 ++--
 2 files changed, 12 insertions(+), 7 deletions(-)
---
diff --git a/gnupg.spec b/gnupg.spec
index 20fabb5..9c4ee58 100644
--- a/gnupg.spec
+++ b/gnupg.spec
@@ -1,7 +1,7 @@
 Summary: A GNU utility for secure communication and data storage
 Name: gnupg
-Version: 1.4.16
-Release: 5%{?dist}
+Version: 1.4.17
+Release: 1%{?dist}
 License: GPLv3+ with exceptions
 Group: Applications/System
 Source0: ftp://ftp.gnupg.org/gcrypt/gnupg/gnupg-%{version}.tar.bz2
@@ -41,8 +41,6 @@ git add .
 git commit -a -q -m "%{version} baseline."
 git am %{patches}
 # Convert these files to UTF-8, per rpmlint.
-iconv -f koi8-ru -t utf-8 doc/gpg.ru.1 > doc/gpg.ru.utf8.1
-mv doc/gpg.ru.utf8.1 doc/gpg.ru.1
 iconv -f iso-8859-15 -t utf-8 THANKS > THANKS.utf8
 mv THANKS.utf8 THANKS
 git commit -a -m "run iconv"
@@ -116,11 +114,18 @@ exit 0
 %{_infodir}/gnupg1.info.gz
 %{_mandir}/man1/gpg-zip.1.gz
 %{_mandir}/man1/gpg.1.gz
-%{_mandir}/man1/gpg.ru.1.gz
 %{_mandir}/man1/gpgv.1.gz
 %{_mandir}/man7/gnupg.7.gz
 
 %changelog
+* Mon Jun 23 2014 Brian C. Lane <bcl at redhat.com> 1.4.17-1
+- New upstream v1.4.17
+- Avoid DoS due to garbled compressed data packets.
+- Screen keyserver reponses to avoid import of unwanted keys by rogue servers.
+- Add hash algorithms to the "sig" records of the colon output.
+- More specific reason codes for INV_RECP status.
+- Drop gpg.ru.1
+
 * Sat Jun 07 2014 Fedora Release Engineering <rel-eng at lists.fedoraproject.org> - 1.4.16-5
 - Rebuilt for https://fedoraproject.org/wiki/Fedora_21_Mass_Rebuild
 
diff --git a/sources b/sources
index 6886454..ee40cd4 100644
--- a/sources
+++ b/sources
@@ -1,2 +1,2 @@
-6df73c57d3ece1dd36dc2a7679f00fb0  gnupg-1.4.16.tar.bz2
-ccfaa368128ad7c862741fd7bc330187  gnupg-1.4.16.tar.bz2.sig
+4a646a35a3a36331baccb75e6c5ea2f6  gnupg-1.4.17.tar.bz2
+02d98c9770e5d99ec0f280fbc47cb527  gnupg-1.4.17.tar.bz2.sig

More information about the scm-commits mailing list