Commit Graph

23 Commits

Author SHA1 Message Date
Jack Breese
2be9ba9f58 gnupg: enable support for SHA-256 and SHA-512 hashes
Signed-off-by: Jack Breese <jack@kumunetworks.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@free-electrons.com>
2017-04-08 15:32:08 +02:00
Rahul Bedarkar
337aa51f3f boot, package: use SPDX short identifier for GPLv3/GPLv3+
We want to use SPDX identifier for license string as much as possible.
SPDX short identifier for GPLv3/GPLv3+ is GPL-3.0/GPL-3.0+.

This change is done using following command.
find . -name "*.mk" | xargs sed -ri '/LICENSE( )?[\+:]?=/s/\<GPLv3\>/GPL-3.0/g'

Signed-off-by: Rahul Bedarkar <rahulbedarkar89@gmail.com>
Acked-by: Arnout Vandecappelle (Essensium/Mind) <arnout@mind.be>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@free-electrons.com>
2017-04-01 15:17:59 +02:00
Baruch Siach
4debfc914b gnupg: security bump to version 1.4.21
Fixes CVE-2016-6313: An attacker who obtains 580 bytes from the standard RNG
can trivially predict the next 20 bytes of output.

Add cryptographically secure sha256 hash.

Signed-off-by: Baruch Siach <baruch@tkos.co.il>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
2016-08-18 10:57:45 +02:00
Waldemar Brodkorb
63c5a63aca gnupg: disable assembly optimization for coldfire
Fixes:
http://autobuild.buildroot.net/results/d25425cff055a14b9285cefb0775bc138eb2f914/

Signed-off-by: Waldemar Brodkorb <wbx@openadk.org>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
2016-08-05 09:17:33 +02:00
Gustavo Zacarias
aee96dcc61 gnupg: bump to version 1.4.20
Signed-off-by: Gustavo Zacarias <gustavo@zacarias.com.ar>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@free-electrons.com>
2015-12-20 22:49:04 +01:00
Peter Korsgaard
a6a2962d99 gnupg: add option for AES cipher
Similar to our RSA option. Enabling this adds ~17K to the gpg binary (ARMv7):

ls -lah output/target/usr/bin/gpg{.orig,}
-rwxr-xr-x 1 peko peko 532K Jul  2 17:29 output/target/usr/bin/gpg
-rwxr-xr-x 1 peko peko 515K Jul  2 17:29 output/target/usr/bin/gpg.orig

Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
2015-07-02 17:30:24 +02:00
Gustavo Zacarias
b6997c8e4c gnupg: security bump to version 1.4.19
Fixes:
CVE-2014-3591 - Use ciphertext blinding for Elgamal decryption
CVE-2015-0837 - Fixed data-dependent timing variations in modular
exponentiation.

Signed-off-by: Gustavo Zacarias <gustavo@zacarias.com.ar>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
2015-02-28 13:04:04 +01:00
Thomas Petazzoni
05ef5316d0 gnupg: don't bother removing a man page
The target-finalize target in the main Makefile removes
$(TARGET_DIR)/usr/share/man entirely, so there's no point in having
some package specific logic to remove man pages.

Signed-off-by: Thomas Petazzoni <thomas.petazzoni@free-electrons.com>
Acked-by: "Yann E. MORIN" <yann.morin.1998@free.fr>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
2014-12-01 23:22:34 +01:00
Gustavo Zacarias
62e808206d gnupg: add hash file
Signed-off-by: Gustavo Zacarias <gustavo@zacarias.com.ar>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
2014-10-07 12:30:14 +02:00
Thomas De Schampheleire
aaffd209fa packages: rename FOO_CONF_OPT into FOO_CONF_OPTS
To be consistent with the recent change of FOO_MAKE_OPT into FOO_MAKE_OPTS,
make the same change for FOO_CONF_OPT.

Sed command used:
   find * -type f | xargs sed -i 's#_CONF_OPT\>#&S#g'

Signed-off-by: Thomas De Schampheleire <thomas.de.schampheleire@gmail.com>
Reviewed-by: "Yann E. MORIN" <yann.morin.1998@free.fr>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@free-electrons.com>
2014-10-04 18:54:16 +02:00
Vicente Olivert Riera
2cadb26e6d gnupg: make gnupg and gnupg2 mutually exclusive
Signed-off-by: Vicente Olivert Riera <Vincent.Riera@imgtec.com>
Reviewed-by: Markos Chandras <Markos.Chandras@imgtec.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@free-electrons.com>
2014-07-23 23:32:44 +02:00
Gustavo Zacarias
90bb58d74b gnupg: security bump to version 1.4.18
Fixes CVE-2014-4617 (The do_uncompress function in g10/compress.c
allows context-dependent attackers to cause a denial of service
(infinite loop) via malformed compressed packets, as demonstrated by an
a3 01 5b ff byte sequence.

Signed-off-by: Gustavo Zacarias <gustavo@zacarias.com.ar>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@free-electrons.com>
2014-07-17 23:44:43 +02:00
Gustavo Zacarias
2402634f5a gnupg: security bump to version 1.4.17
Fixes CVE-2014-4617: The do_uncompress function in g10/compress.c in
GnuPG 1.x before 1.4.17 and 2.x before 2.0.24 allows context-dependent
attackers to cause a denial of service (infinite loop) via malformed
compressed packets, as demonstrated by an a3 01 5b ff byte sequence.

Signed-off-by: Gustavo Zacarias <gustavo@zacarias.com.ar>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
2014-06-25 22:29:53 +02:00
Bernd Kuhls
1e7602327a gnupg: depend on libiconv if appropriate
If iconv is built before gnupg, this package will link against it; if it is
built after this package, it will not be linked against it.  To make the
build reproducible, make sure that iconv is always built before this
package.

Signed-off-by: Bernd Kuhls <berndkuhls@hotmail.com>
Acked-by: Arnout Vandecappelle (Essensium/Mind) <arnout@mind.be>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
2014-02-04 11:24:04 +01:00
Peter Korsgaard
f7f241b5ea gnupg: bump version
And drop patch now upstream.

Security fix (CVE-2013-4576), see:

http://lists.gnupg.org/pipermail/gnupg-devel/2013-December/028102.html

Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
2013-12-19 16:51:58 +01:00
Gustavo Zacarias
72c71c8690 gnupg: security bump to version 1.4.15
Fixes CVE-2013-4402.

Signed-off-by: Gustavo Zacarias <gustavo@zacarias.com.ar>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
2013-10-09 22:19:34 +02:00
Peter Sanford
b2fab93b16 gnupg: option to include RSA support.
gnupg is compiled with --enable-minimal flag. This produces a binary that only
supports ElGamal and DSA public key algorithms.

RSA has been the default for `gpg --gen-key` since 2009, so it makes sense to
be able to build a gnupg binary that supports it.

Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
2013-10-01 22:01:09 +02:00
Gustavo Zacarias
5c5e63d319 gnupg: security bump to version 1.4.14
Fixes CVE-2013-4242.

Signed-off-by: Gustavo Zacarias <gustavo@zacarias.com.ar>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@free-electrons.com>
2013-08-05 22:50:09 +02:00
Alexandre Belloni
8dfd59d114 Normalize separator size to 80
Signed-off-by: Alexandre Belloni <alexandre.belloni@free-electrons.com>
Signed-off-by: Peter Korsgaard <jacmet@sunsite.dk>
2013-06-06 22:30:24 +02:00
Gustavo Zacarias
4500504488 gnupg: security bump to version 1.4.13
Fixes CVE-2012-6085.

Signed-off-by: Gustavo Zacarias <gustavo@zacarias.com.ar>
Signed-off-by: Peter Korsgaard <jacmet@sunsite.dk>
2013-01-02 14:58:16 +01:00
Thomas Petazzoni
835c29a965 gnupg: fix build failure on MIPS64
Fixes:

  http://autobuild.buildroot.org/results/49d5891dcecf2cce8de9f2bdb16a76ff86579f45/build-end.log

Signed-off-by: Thomas Petazzoni <thomas.petazzoni@free-electrons.com>
Signed-off-by: Peter Korsgaard <jacmet@sunsite.dk>
2012-12-16 16:52:00 +01:00
Peter Korsgaard
525cd9eed1 gnupg: don't prefix assembly level functions with underscore
Fixes http://autobuild.buildroot.net/results/45a0856bafa9f2f7e86e2c063528c2b5b04c08d6

gnupg's configure script defaults to prepending an underscore ('_') to
the assembly level functions, which isn't correct for Linux and causes
linker errors for the archs where it has asm optimizations.

Signed-off-by: Peter Korsgaard <jacmet@sunsite.dk>
2012-10-16 22:34:37 +02:00
Peter Korsgaard
260a582018 package: add gnupg
Signed-off-by: Peter Korsgaard <jacmet@sunsite.dk>
2012-10-15 10:20:59 +02:00