From 85b7febd8c8afc66100d9c9e763c531621863490 Mon Sep 17 00:00:00 2001 From: Tomas Mraz Date: Mon, 28 Nov 2016 15:10:25 +0100 Subject: [PATCH] upgrade to 2.1.16 --- .gitignore | 2 + gnupg-2.1.13-init-libgcrypt.patch | 248 ------------------ ...patch => gnupg-2.1.16-file-is-digest.patch | 50 ++-- gnupg2.spec | 13 +- sources | 4 +- 5 files changed, 35 insertions(+), 282 deletions(-) delete mode 100644 gnupg-2.1.13-init-libgcrypt.patch rename gnupg-2.1.13-file-is-digest.patch => gnupg-2.1.16-file-is-digest.patch (77%) diff --git a/.gitignore b/.gitignore index b62eaee..bd1c570 100644 --- a/.gitignore +++ b/.gitignore @@ -42,3 +42,5 @@ gnupg-2.0.16.tar.bz2.sig /gnupg-2.1.12.tar.bz2.sig /gnupg-2.1.13.tar.bz2 /gnupg-2.1.13.tar.bz2.sig +/gnupg-2.1.16.tar.bz2 +/gnupg-2.1.16.tar.bz2.sig diff --git a/gnupg-2.1.13-init-libgcrypt.patch b/gnupg-2.1.13-init-libgcrypt.patch deleted file mode 100644 index 40aed1b..0000000 --- a/gnupg-2.1.13-init-libgcrypt.patch +++ /dev/null @@ -1,248 +0,0 @@ -diff -up gnupg-2.1.13/agent/gpg-agent.c.init-libgcrypt gnupg-2.1.13/agent/gpg-agent.c ---- gnupg-2.1.13/agent/gpg-agent.c.init-libgcrypt 2016-06-16 17:23:13.000000000 +0200 -+++ gnupg-2.1.13/agent/gpg-agent.c 2016-08-22 16:24:16.739544139 +0200 -@@ -765,14 +765,6 @@ main (int argc, char **argv ) - - npth_init (); - -- /* Check that the libraries are suitable. Do it here because -- the option parsing may need services of the library. */ -- if (!gcry_check_version (NEED_LIBGCRYPT_VERSION) ) -- { -- log_fatal( _("%s is too old (need %s, have %s)\n"), "libgcrypt", -- NEED_LIBGCRYPT_VERSION, gcry_check_version (NULL) ); -- } -- - malloc_hooks.malloc = gcry_malloc; - malloc_hooks.realloc = gcry_realloc; - malloc_hooks.free = gcry_free; -diff -up gnupg-2.1.13/agent/protect-tool.c.init-libgcrypt gnupg-2.1.13/agent/protect-tool.c ---- gnupg-2.1.13/agent/protect-tool.c.init-libgcrypt 2016-06-16 17:23:13.000000000 +0200 -+++ gnupg-2.1.13/agent/protect-tool.c 2016-08-22 16:24:16.771544218 +0200 -@@ -566,16 +566,9 @@ main (int argc, char **argv ) - i18n_init (); - init_common_subsystems (&argc, &argv); - -- if (!gcry_check_version (NEED_LIBGCRYPT_VERSION) ) -- { -- log_fatal( _("%s is too old (need %s, have %s)\n"), "libgcrypt", -- NEED_LIBGCRYPT_VERSION, gcry_check_version (NULL) ); -- } -- - setup_libgcrypt_logging (); - gcry_control (GCRYCTL_INIT_SECMEM, 16384, 0); - -- - pargs.argc = &argc; - pargs.argv = &argv; - pargs.flags= 1; /* (do not remove the args) */ -diff -up gnupg-2.1.13/common/init.c.init-libgcrypt gnupg-2.1.13/common/init.c ---- gnupg-2.1.13/common/init.c.init-libgcrypt 2016-02-02 07:05:16.000000000 +0100 -+++ gnupg-2.1.13/common/init.c 2016-08-22 16:24:16.771544218 +0200 -@@ -47,7 +47,9 @@ - # include /* For _assuan_w32ce_finish_pipe. */ - #endif - -+#include - #include "util.h" -+#include "i18n.h" - - /* This object is used to register memory cleanup functions. - Technically they are not needed but they can avoid frequent -@@ -182,6 +184,12 @@ _init_common_subsystems (gpg_err_source_ - atexit (sleep_on_exit); - #endif - -+ if (!gcry_check_version (NEED_LIBGCRYPT_VERSION)) -+ { -+ log_fatal (_("%s is too old (need %s, have %s)\n"), "libgcrypt", -+ NEED_LIBGCRYPT_VERSION, gcry_check_version (NULL)); -+ } -+ - /* Initialize the Estream library. */ - gpgrt_init (); - gpgrt_set_alloc_func (gcry_realloc); -diff -up gnupg-2.1.13/dirmngr/dirmngr.c.init-libgcrypt gnupg-2.1.13/dirmngr/dirmngr.c ---- gnupg-2.1.13/dirmngr/dirmngr.c.init-libgcrypt 2016-06-16 17:23:13.000000000 +0200 -+++ gnupg-2.1.13/dirmngr/dirmngr.c 2016-08-22 16:24:16.813544321 +0200 -@@ -755,10 +755,6 @@ main (int argc, char **argv) - - /* Check that the libraries are suitable. Do it here because - the option parsing may need services of the libraries. */ -- -- if (!gcry_check_version (NEED_LIBGCRYPT_VERSION) ) -- log_fatal (_("%s is too old (need %s, have %s)\n"), "libgcrypt", -- NEED_LIBGCRYPT_VERSION, gcry_check_version (NULL) ); - if (!ksba_check_version (NEED_KSBA_VERSION) ) - log_fatal( _("%s is too old (need %s, have %s)\n"), "libksba", - NEED_KSBA_VERSION, ksba_check_version (NULL) ); -diff -up gnupg-2.1.13/dirmngr/Makefile.am.init-libgcrypt gnupg-2.1.13/dirmngr/Makefile.am ---- gnupg-2.1.13/dirmngr/Makefile.am.init-libgcrypt 2016-07-12 11:34:24.449522584 +0200 -+++ gnupg-2.1.13/dirmngr/Makefile.am 2016-08-22 16:24:16.804544299 +0200 -@@ -94,8 +94,8 @@ dirmngr_ldap_SOURCES = dirmngr_ldap.c $( - dirmngr_ldap_CFLAGS = $(GPG_ERROR_CFLAGS) $(LIBGCRYPT_CFLAGS) - dirmngr_ldap_LDFLAGS = - dirmngr_ldap_LDADD = $(libcommon) no-libgcrypt.o \ -- $(GPG_ERROR_LIBS) $(LDAPLIBS) $(LBER_LIBS) $(LIBINTL) \ -- $(LIBICONV) -+ $(GPG_ERROR_LIBS) $(LIBGCRYPT_LIBS) $(LDAPLIBS) \ -+ $(LBER_LIBS) $(LIBINTL) $(LIBICONV) - endif - - dirmngr_client_SOURCES = dirmngr-client.c -diff -up gnupg-2.1.13/dirmngr/Makefile.in.init-libgcrypt gnupg-2.1.13/dirmngr/Makefile.in ---- gnupg-2.1.13/dirmngr/Makefile.in.init-libgcrypt 2016-07-12 11:34:24.000000000 +0200 -+++ gnupg-2.1.13/dirmngr/Makefile.in 2016-08-22 16:26:23.941857834 +0200 -@@ -618,7 +618,7 @@ dirmngr_LDFLAGS = $(extra_bin_ldflags) - @USE_LDAPWRAPPER_TRUE@dirmngr_ldap_CFLAGS = $(GPG_ERROR_CFLAGS) $(LIBGCRYPT_CFLAGS) - @USE_LDAPWRAPPER_TRUE@dirmngr_ldap_LDFLAGS = - @USE_LDAPWRAPPER_TRUE@dirmngr_ldap_LDADD = $(libcommon) no-libgcrypt.o \ --@USE_LDAPWRAPPER_TRUE@ $(GPG_ERROR_LIBS) $(LDAPLIBS) $(LBER_LIBS) $(LIBINTL) \ -+@USE_LDAPWRAPPER_TRUE@ $(GPG_ERROR_LIBS) $(LIBGCRYPT_LIBS) $(LDAPLIBS) $(LBER_LIBS) $(LIBINTL) \ - @USE_LDAPWRAPPER_TRUE@ $(LIBICONV) - - dirmngr_client_SOURCES = dirmngr-client.c -diff -up gnupg-2.1.13/g10/gpg.c.init-libgcrypt gnupg-2.1.13/g10/gpg.c ---- gnupg-2.1.13/g10/gpg.c.init-libgcrypt 2016-07-12 11:34:24.443522443 +0200 -+++ gnupg-2.1.13/g10/gpg.c 2016-08-22 16:24:16.848544408 +0200 -@@ -2181,14 +2181,6 @@ main (int argc, char **argv) - i18n_init(); - init_common_subsystems (&argc, &argv); - -- /* Check that the libraries are suitable. Do it right here because the -- option parsing may need services of the library. */ -- if (!gcry_check_version (NEED_LIBGCRYPT_VERSION) ) -- { -- log_fatal ( _("libgcrypt is too old (need %s, have %s)\n"), -- NEED_LIBGCRYPT_VERSION, gcry_check_version (NULL) ); -- } -- - /* Use our own logging handler for Libcgrypt. */ - setup_libgcrypt_logging (); - -diff -up gnupg-2.1.13/g10/gpgv.c.init-libgcrypt gnupg-2.1.13/g10/gpgv.c ---- gnupg-2.1.13/g10/gpgv.c.init-libgcrypt 2016-06-16 17:23:13.000000000 +0200 -+++ gnupg-2.1.13/g10/gpgv.c 2016-08-22 16:24:16.853544420 +0200 -@@ -155,11 +155,6 @@ main( int argc, char **argv ) - i18n_init(); - init_common_subsystems (&argc, &argv); - -- if (!gcry_check_version (NEED_LIBGCRYPT_VERSION) ) -- { -- log_fatal ( _("%s is too old (need %s, have %s)\n"), "libgcrypt", -- NEED_LIBGCRYPT_VERSION, gcry_check_version (NULL) ); -- } - gcry_control (GCRYCTL_DISABLE_SECMEM, 0); - - gnupg_init_signals (0, NULL); -diff -up gnupg-2.1.13/g13/g13.c.init-libgcrypt gnupg-2.1.13/g13/g13.c ---- gnupg-2.1.13/g13/g13.c.init-libgcrypt 2016-06-16 17:23:13.000000000 +0200 -+++ gnupg-2.1.13/g13/g13.c 2016-08-22 16:24:16.887544504 +0200 -@@ -372,11 +372,6 @@ main ( int argc, char **argv) - - npth_init (); - -- /* Check that the Libgcrypt is suitable. */ -- if (!gcry_check_version (NEED_LIBGCRYPT_VERSION) ) -- log_fatal (_("%s is too old (need %s, have %s)\n"), "libgcrypt", -- NEED_LIBGCRYPT_VERSION, gcry_check_version (NULL) ); -- - /* Take extra care of the random pool. */ - gcry_control (GCRYCTL_USE_SECURE_RNDPOOL); - -diff -up gnupg-2.1.13/g13/g13-syshelp.c.init-libgcrypt gnupg-2.1.13/g13/g13-syshelp.c ---- gnupg-2.1.13/g13/g13-syshelp.c.init-libgcrypt 2016-06-16 17:23:13.000000000 +0200 -+++ gnupg-2.1.13/g13/g13-syshelp.c 2016-08-22 16:24:16.885544499 +0200 -@@ -250,11 +250,6 @@ main ( int argc, char **argv) - i18n_init (); - init_common_subsystems (&argc, &argv); - -- /* Check that the Libgcrypt is suitable. */ -- if (!gcry_check_version (NEED_LIBGCRYPT_VERSION) ) -- log_fatal (_("%s is too old (need %s, have %s)\n"), "libgcrypt", -- NEED_LIBGCRYPT_VERSION, gcry_check_version (NULL) ); -- - /* Take extra care of the random pool. */ - gcry_control (GCRYCTL_USE_SECURE_RNDPOOL); - -diff -up gnupg-2.1.13/kbx/kbxutil.c.init-libgcrypt gnupg-2.1.13/kbx/kbxutil.c ---- gnupg-2.1.13/kbx/kbxutil.c.init-libgcrypt 2016-02-02 07:05:16.000000000 +0100 -+++ gnupg-2.1.13/kbx/kbxutil.c 2016-08-22 16:24:16.910544561 +0200 -@@ -460,14 +460,6 @@ main( int argc, char **argv ) - i18n_init (); - init_common_subsystems (&argc, &argv); - -- /* Check that the libraries are suitable. Do it here because -- the option parsing may need services of the library. */ -- if (!gcry_check_version (NEED_LIBGCRYPT_VERSION) ) -- { -- log_fatal (_("%s is too old (need %s, have %s)\n"), "libgcrypt", -- NEED_LIBGCRYPT_VERSION, gcry_check_version (NULL) ); -- } -- - gcry_set_log_handler (my_gcry_logger, NULL); - - /*create_dotlock(NULL); register locking cleanup */ -diff -up gnupg-2.1.13/scd/scdaemon.c.init-libgcrypt gnupg-2.1.13/scd/scdaemon.c ---- gnupg-2.1.13/scd/scdaemon.c.init-libgcrypt 2016-07-12 11:34:24.454522702 +0200 -+++ gnupg-2.1.13/scd/scdaemon.c 2016-08-22 16:24:16.930544610 +0200 -@@ -423,14 +423,6 @@ main (int argc, char **argv ) - - npth_init (); - -- /* Check that the libraries are suitable. Do it here because -- the option parsing may need services of the library */ -- if (!gcry_check_version (NEED_LIBGCRYPT_VERSION) ) -- { -- log_fatal (_("%s is too old (need %s, have %s)\n"), "libgcrypt", -- NEED_LIBGCRYPT_VERSION, gcry_check_version (NULL) ); -- } -- - ksba_set_malloc_hooks (gcry_malloc, gcry_realloc, gcry_free); - - malloc_hooks.malloc = gcry_malloc; -diff -up gnupg-2.1.13/sm/gpgsm.c.init-libgcrypt gnupg-2.1.13/sm/gpgsm.c ---- gnupg-2.1.13/sm/gpgsm.c.init-libgcrypt 2016-07-12 11:34:24.442522419 +0200 -+++ gnupg-2.1.13/sm/gpgsm.c 2016-08-22 16:24:16.946544649 +0200 -@@ -938,9 +938,6 @@ main ( int argc, char **argv) - - /* Check that the libraries are suitable. Do it here because the - option parse may need services of the library */ -- if (!gcry_check_version (NEED_LIBGCRYPT_VERSION) ) -- log_fatal (_("%s is too old (need %s, have %s)\n"), "libgcrypt", -- NEED_LIBGCRYPT_VERSION, gcry_check_version (NULL) ); - if (!ksba_check_version (NEED_KSBA_VERSION) ) - log_fatal (_("%s is too old (need %s, have %s)\n"), "libksba", - NEED_KSBA_VERSION, ksba_check_version (NULL) ); -diff -up gnupg-2.1.13/tools/gpg-check-pattern.c.init-libgcrypt gnupg-2.1.13/tools/gpg-check-pattern.c ---- gnupg-2.1.13/tools/gpg-check-pattern.c.init-libgcrypt 2016-06-16 17:23:13.000000000 +0200 -+++ gnupg-2.1.13/tools/gpg-check-pattern.c 2016-08-22 16:24:16.946544649 +0200 -@@ -171,13 +171,6 @@ main (int argc, char **argv ) - i18n_init (); - init_common_subsystems (&argc, &argv); - -- /* We need Libgcrypt for hashing. */ -- if (!gcry_check_version (NEED_LIBGCRYPT_VERSION) ) -- { -- log_fatal ( _("%s is too old (need %s, have %s)\n"), "libgcrypt", -- NEED_LIBGCRYPT_VERSION, gcry_check_version (NULL) ); -- } -- - setup_libgcrypt_logging (); - gcry_control (GCRYCTL_INIT_SECMEM, 4096, 0); - -diff -up gnupg-2.1.13/tools/symcryptrun.c.init-libgcrypt gnupg-2.1.13/tools/symcryptrun.c ---- gnupg-2.1.13/tools/symcryptrun.c.init-libgcrypt 2016-06-16 17:23:13.000000000 +0200 -+++ gnupg-2.1.13/tools/symcryptrun.c 2016-08-22 16:24:16.947544651 +0200 -@@ -998,11 +998,6 @@ main (int argc, char **argv) - log_set_file (logfile); - - gcry_control (GCRYCTL_SUSPEND_SECMEM_WARN); -- if (!gcry_check_version (NEED_LIBGCRYPT_VERSION) ) -- { -- log_fatal (_("%s is too old (need %s, have %s)\n"), "libgcrypt", -- NEED_LIBGCRYPT_VERSION, gcry_check_version (NULL) ); -- } - setup_libgcrypt_logging (); - gcry_control (GCRYCTL_INIT_SECMEM, 16384, 0); - diff --git a/gnupg-2.1.13-file-is-digest.patch b/gnupg-2.1.16-file-is-digest.patch similarity index 77% rename from gnupg-2.1.13-file-is-digest.patch rename to gnupg-2.1.16-file-is-digest.patch index 99cb27a..2e82870 100644 --- a/gnupg-2.1.13-file-is-digest.patch +++ b/gnupg-2.1.16-file-is-digest.patch @@ -1,7 +1,7 @@ -diff -up gnupg-2.1.13/g10/gpg.c.file-is-digest gnupg-2.1.13/g10/gpg.c ---- gnupg-2.1.13/g10/gpg.c.file-is-digest 2016-07-12 11:30:52.194555802 +0200 -+++ gnupg-2.1.13/g10/gpg.c 2016-07-12 11:32:08.205320299 +0200 -@@ -358,6 +358,7 @@ enum cmd_and_opt_values +diff -up gnupg-2.1.16/g10/gpg.c.file-is-digest gnupg-2.1.16/g10/gpg.c +--- gnupg-2.1.16/g10/gpg.c.file-is-digest 2016-11-24 15:30:57.324481279 +0100 ++++ gnupg-2.1.16/g10/gpg.c 2016-11-24 15:32:12.119210726 +0100 +@@ -372,6 +372,7 @@ enum cmd_and_opt_values oTTYtype, oLCctype, oLCmessages, @@ -9,7 +9,7 @@ diff -up gnupg-2.1.13/g10/gpg.c.file-is-digest gnupg-2.1.13/g10/gpg.c oXauthority, oGroup, oUnGroup, -@@ -767,6 +768,7 @@ static ARGPARSE_OPTS opts[] = { +@@ -795,6 +796,7 @@ static ARGPARSE_OPTS opts[] = { ARGPARSE_s_s (oPersonalCompressPreferences, "personal-compress-preferences", "@"), ARGPARSE_s_s (oFakedSystemTime, "faked-system-time", "@"), @@ -17,15 +17,15 @@ diff -up gnupg-2.1.13/g10/gpg.c.file-is-digest gnupg-2.1.13/g10/gpg.c ARGPARSE_s_s (oWeakDigest, "weak-digest","@"), ARGPARSE_s_n (oUnwrap, "unwrap", "@"), ARGPARSE_s_n (oOnlySignTextIDs, "only-sign-text-ids", "@"), -@@ -2248,6 +2250,7 @@ main (int argc, char **argv) +@@ -2356,6 +2358,7 @@ main (int argc, char **argv) gnupg_set_homedir (NULL); opt.passphrase_repeat = 1; - opt.emit_version = 1; /* Limit to the major number. */ -+ opt.file_is_digest=0; + opt.emit_version = 0; ++ opt.file_is_digest = 0; opt.weak_digests = NULL; additional_weak_digest("MD5"); -@@ -2797,6 +2800,7 @@ main (int argc, char **argv) +@@ -2902,6 +2905,7 @@ main (int argc, char **argv) opt.verify_options&=~VERIFY_SHOW_PHOTOS; break; case oPhotoViewer: opt.photo_viewer = pargs.r.ret_str; break; @@ -33,10 +33,10 @@ diff -up gnupg-2.1.13/g10/gpg.c.file-is-digest gnupg-2.1.13/g10/gpg.c case oForceMDC: opt.force_mdc = 1; break; case oNoForceMDC: opt.force_mdc = 0; break; -diff -up gnupg-2.1.13/g10/options.h.file-is-digest gnupg-2.1.13/g10/options.h ---- gnupg-2.1.13/g10/options.h.file-is-digest 2016-06-16 17:23:13.000000000 +0200 -+++ gnupg-2.1.13/g10/options.h 2016-07-12 11:30:52.196555848 +0200 -@@ -206,6 +206,7 @@ struct +diff -up gnupg-2.1.16/g10/options.h.file-is-digest gnupg-2.1.16/g10/options.h +--- gnupg-2.1.16/g10/options.h.file-is-digest 2016-11-18 15:23:15.000000000 +0100 ++++ gnupg-2.1.16/g10/options.h 2016-11-24 15:30:57.327481228 +0100 +@@ -213,6 +213,7 @@ struct int no_auto_check_trustdb; int preserve_permissions; int no_homedir_creation; @@ -44,9 +44,9 @@ diff -up gnupg-2.1.13/g10/options.h.file-is-digest gnupg-2.1.13/g10/options.h struct groupitem *grouplist; int mangle_dos_filenames; int enable_progress_filter; -diff -up gnupg-2.1.13/g10/sign.c.file-is-digest gnupg-2.1.13/g10/sign.c ---- gnupg-2.1.13/g10/sign.c.file-is-digest 2016-06-16 17:23:13.000000000 +0200 -+++ gnupg-2.1.13/g10/sign.c 2016-07-12 11:33:00.263540624 +0200 +diff -up gnupg-2.1.16/g10/sign.c.file-is-digest gnupg-2.1.16/g10/sign.c +--- gnupg-2.1.16/g10/sign.c.file-is-digest 2016-11-18 15:23:15.000000000 +0100 ++++ gnupg-2.1.16/g10/sign.c 2016-11-24 15:30:57.327481228 +0100 @@ -40,6 +40,7 @@ #include "pkglue.h" #include "sysutils.h" @@ -55,7 +55,7 @@ diff -up gnupg-2.1.13/g10/sign.c.file-is-digest gnupg-2.1.13/g10/sign.c #include "mbox-util.h" #ifdef HAVE_DOSISH_SYSTEM -@@ -671,6 +672,8 @@ write_signature_packets (SK_LIST sk_list +@@ -688,6 +689,8 @@ write_signature_packets (SK_LIST sk_list if (duration || opt.sig_policy_url || opt.sig_notations || opt.sig_keyserver_url) sig->version = 4; @@ -64,7 +64,7 @@ diff -up gnupg-2.1.13/g10/sign.c.file-is-digest gnupg-2.1.13/g10/sign.c else sig->version = pk->version; -@@ -694,8 +697,10 @@ write_signature_packets (SK_LIST sk_list +@@ -711,8 +714,10 @@ write_signature_packets (SK_LIST sk_list mk_notation_policy_etc (sig, NULL, pk); } @@ -77,7 +77,7 @@ diff -up gnupg-2.1.13/g10/sign.c.file-is-digest gnupg-2.1.13/g10/sign.c rc = do_sign (pk, sig, md, hash_for (pk), cache_nonce); gcry_md_close (md); -@@ -753,6 +758,8 @@ sign_file (ctrl_t ctrl, strlist_t filena +@@ -770,6 +775,8 @@ sign_file (ctrl_t ctrl, strlist_t filena SK_LIST sk_rover = NULL; int multifile = 0; u32 duration=0; @@ -86,7 +86,7 @@ diff -up gnupg-2.1.13/g10/sign.c.file-is-digest gnupg-2.1.13/g10/sign.c pfx = new_progress_context (); afx = new_armor_context (); -@@ -769,7 +776,16 @@ sign_file (ctrl_t ctrl, strlist_t filena +@@ -786,7 +793,16 @@ sign_file (ctrl_t ctrl, strlist_t filena fname = NULL; if( fname && filenames->next && (!detached || encryptflag) ) @@ -104,7 +104,7 @@ diff -up gnupg-2.1.13/g10/sign.c.file-is-digest gnupg-2.1.13/g10/sign.c if(encryptflag==2 && (rc=setup_symkey(&efx.symkey_s2k,&efx.symkey_dek))) -@@ -790,7 +806,7 @@ sign_file (ctrl_t ctrl, strlist_t filena +@@ -807,7 +823,7 @@ sign_file (ctrl_t ctrl, strlist_t filena goto leave; /* prepare iobufs */ @@ -113,7 +113,7 @@ diff -up gnupg-2.1.13/g10/sign.c.file-is-digest gnupg-2.1.13/g10/sign.c inp = NULL; /* we do it later */ else { inp = iobuf_open(fname); -@@ -928,7 +944,7 @@ sign_file (ctrl_t ctrl, strlist_t filena +@@ -945,7 +961,7 @@ sign_file (ctrl_t ctrl, strlist_t filena for (sk_rover = sk_list; sk_rover; sk_rover = sk_rover->next) gcry_md_enable (mfx.md, hash_for (sk_rover->pk)); @@ -122,7 +122,7 @@ diff -up gnupg-2.1.13/g10/sign.c.file-is-digest gnupg-2.1.13/g10/sign.c iobuf_push_filter( inp, md_filter, &mfx ); if( detached && !encryptflag) -@@ -983,6 +999,8 @@ sign_file (ctrl_t ctrl, strlist_t filena +@@ -1000,6 +1016,8 @@ sign_file (ctrl_t ctrl, strlist_t filena write_status_begin_signing (mfx.md); @@ -131,7 +131,7 @@ diff -up gnupg-2.1.13/g10/sign.c.file-is-digest gnupg-2.1.13/g10/sign.c /* Setup the inner packet. */ if( detached ) { if( multifile ) { -@@ -1023,6 +1041,45 @@ sign_file (ctrl_t ctrl, strlist_t filena +@@ -1040,6 +1058,45 @@ sign_file (ctrl_t ctrl, strlist_t filena if( opt.verbose ) log_printf ("\n"); } @@ -177,7 +177,7 @@ diff -up gnupg-2.1.13/g10/sign.c.file-is-digest gnupg-2.1.13/g10/sign.c else { /* read, so that the filter can calculate the digest */ while( iobuf_get(inp) != -1 ) -@@ -1040,8 +1097,8 @@ sign_file (ctrl_t ctrl, strlist_t filena +@@ -1058,8 +1115,8 @@ sign_file (ctrl_t ctrl, strlist_t filena /* write the signatures */ rc = write_signature_packets (sk_list, out, mfx.md, diff --git a/gnupg2.spec b/gnupg2.spec index e25c441..4cecde2 100644 --- a/gnupg2.spec +++ b/gnupg2.spec @@ -1,7 +1,7 @@ Summary: Utility for secure communication and data storage Name: gnupg2 -Version: 2.1.13 -Release: 2%{?dist} +Version: 2.1.16 +Release: 1%{?dist} License: GPLv3+ Group: Applications/System @@ -13,12 +13,10 @@ Patch1: gnupg-2.1.11-insttools.patch # needed for compatibility with system FIPS mode Patch3: gnupg-2.1.10-secmem.patch # non-upstreamable patch adding file-is-digest option needed for Copr -Patch4: gnupg-2.1.13-file-is-digest.patch +Patch4: gnupg-2.1.16-file-is-digest.patch Patch5: gnupg-2.1.1-ocsp-keyusage.patch Patch6: gnupg-2.1.1-fips-algo.patch Patch7: gnupg-2.1.12-build.patch -# upstream patch to avoid using libgcrypt uninitialized -Patch8: gnupg-2.1.13-init-libgcrypt.patch URL: http://www.gnupg.org/ @@ -94,7 +92,6 @@ to the base GnuPG package %patch5 -p1 -b .keyusage %patch6 -p1 -b .fips %patch7 -p1 -b .build -%patch8 -p1 -b .init-libgcrypt # pcsc-lite library major: 0 in 1.2.0, 1 in 1.2.9+ (dlopen()'d in pcsc-wrapper) # Note: this is just the name of the default shared lib to load in scdaemon, @@ -206,10 +203,12 @@ fi %{_libexecdir}/scdaemon %{_mandir}/man?/gpgsm* %{_mandir}/man?/scdaemon* -%{_datadir}/gnupg/com-certs.pem %changelog +* Mon Nov 28 2016 Tomáš Mráz - 2.1.16-1 +- upgrade to 2.1.16 + * Mon Aug 22 2016 Tomáš Mráz - 2.1.13-2 - avoid using libgcrypt without initialization (#1366909) diff --git a/sources b/sources index 73cf5cc..32981d8 100644 --- a/sources +++ b/sources @@ -1,2 +1,2 @@ -6aa46856e4f39b1b559792f003aae986 gnupg-2.1.13.tar.bz2 -325a788f552f6155cdb7878dd35f0b66 gnupg-2.1.13.tar.bz2.sig +bfb53004773a014d401694f94229fc00 gnupg-2.1.16.tar.bz2 +f652e70d2b5c6f0d060bc67ba16d3394 gnupg-2.1.16.tar.bz2.sig