Commit Graph

11 Commits

Author SHA1 Message Date
Gustavo Zacarias
2402634f5a gnupg: security bump to version 1.4.17
Fixes CVE-2014-4617: The do_uncompress function in g10/compress.c in
GnuPG 1.x before 1.4.17 and 2.x before 2.0.24 allows context-dependent
attackers to cause a denial of service (infinite loop) via malformed
compressed packets, as demonstrated by an a3 01 5b ff byte sequence.

Signed-off-by: Gustavo Zacarias <gustavo@zacarias.com.ar>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
2014-06-25 22:29:53 +02:00
Bernd Kuhls
1e7602327a gnupg: depend on libiconv if appropriate
If iconv is built before gnupg, this package will link against it; if it is
built after this package, it will not be linked against it.  To make the
build reproducible, make sure that iconv is always built before this
package.

Signed-off-by: Bernd Kuhls <berndkuhls@hotmail.com>
Acked-by: Arnout Vandecappelle (Essensium/Mind) <arnout@mind.be>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
2014-02-04 11:24:04 +01:00
Peter Korsgaard
f7f241b5ea gnupg: bump version
And drop patch now upstream.

Security fix (CVE-2013-4576), see:

http://lists.gnupg.org/pipermail/gnupg-devel/2013-December/028102.html

Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
2013-12-19 16:51:58 +01:00
Gustavo Zacarias
72c71c8690 gnupg: security bump to version 1.4.15
Fixes CVE-2013-4402.

Signed-off-by: Gustavo Zacarias <gustavo@zacarias.com.ar>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
2013-10-09 22:19:34 +02:00
Peter Sanford
b2fab93b16 gnupg: option to include RSA support.
gnupg is compiled with --enable-minimal flag. This produces a binary that only
supports ElGamal and DSA public key algorithms.

RSA has been the default for `gpg --gen-key` since 2009, so it makes sense to
be able to build a gnupg binary that supports it.

Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
2013-10-01 22:01:09 +02:00
Gustavo Zacarias
5c5e63d319 gnupg: security bump to version 1.4.14
Fixes CVE-2013-4242.

Signed-off-by: Gustavo Zacarias <gustavo@zacarias.com.ar>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@free-electrons.com>
2013-08-05 22:50:09 +02:00
Alexandre Belloni
8dfd59d114 Normalize separator size to 80
Signed-off-by: Alexandre Belloni <alexandre.belloni@free-electrons.com>
Signed-off-by: Peter Korsgaard <jacmet@sunsite.dk>
2013-06-06 22:30:24 +02:00
Gustavo Zacarias
4500504488 gnupg: security bump to version 1.4.13
Fixes CVE-2012-6085.

Signed-off-by: Gustavo Zacarias <gustavo@zacarias.com.ar>
Signed-off-by: Peter Korsgaard <jacmet@sunsite.dk>
2013-01-02 14:58:16 +01:00
Thomas Petazzoni
835c29a965 gnupg: fix build failure on MIPS64
Fixes:

  http://autobuild.buildroot.org/results/49d5891dcecf2cce8de9f2bdb16a76ff86579f45/build-end.log

Signed-off-by: Thomas Petazzoni <thomas.petazzoni@free-electrons.com>
Signed-off-by: Peter Korsgaard <jacmet@sunsite.dk>
2012-12-16 16:52:00 +01:00
Peter Korsgaard
525cd9eed1 gnupg: don't prefix assembly level functions with underscore
Fixes http://autobuild.buildroot.net/results/45a0856bafa9f2f7e86e2c063528c2b5b04c08d6

gnupg's configure script defaults to prepending an underscore ('_') to
the assembly level functions, which isn't correct for Linux and causes
linker errors for the archs where it has asm optimizations.

Signed-off-by: Peter Korsgaard <jacmet@sunsite.dk>
2012-10-16 22:34:37 +02:00
Peter Korsgaard
260a582018 package: add gnupg
Signed-off-by: Peter Korsgaard <jacmet@sunsite.dk>
2012-10-15 10:20:59 +02:00