[Bug 1615039] Re: [FFe] /usr/bin/gnupg --version should be 2.1

Dimitri John Ledkov launchpad at surgut.co.uk
Wed Aug 31 13:22:19 UTC 2016 

gnupg1 (1.4.20-7ubuntu1) yakkety; urgency=medium

  * Merge with Debian. Remaining Ubuntu changes:
    - Disable mlock() test since it fails with ulimit 0 (on buildds).
    - Set gpg (or gpg2) and gpgsm to use a passphrase agent by default.
    - Enable SHA-512 support in gpgv-udeb.
  * Dropped changes, gnupg1 will not be in default installs:
    - Only suggest gnupg-curl and libldap; recommendations are pulled into
      minimal, and we don't need the keyserver utilities in a minimal Ubuntu
      system.
  * Dropped changes:
    - Not present in Debian any more: Disable inline assembler for ppc64el.
    - Drop lp1541925.patch, present in Debian as
      0006-g10-Make-sure-to-have-the-directory-for-trustdb.patch
  * SECURITY UPDATE: random number generator prediction
    - debian/patches/CVE-2016-6313-1.patch: improve readability by using a
      macro in cipher/random.c.
    - debian/patches/CVE-2016-6313-2.patch: hash continuous areas in the
      csprng pool in cipher/random.c.
    - CVE-2016-6313

gnupg1 (1.4.20-7) unstable; urgency=medium

  * Release to unstable.

gnupg1 (1.4.20-6+exp5) experimental; urgency=medium

  * two more fixes from upstream
  * build-depend explicitly on automake

gnupg1 (1.4.20-6+exp4) experimental; urgency=medium

  * make debian/copyright even more detailed.

gnupg1 (1.4.20-6+exp3) experimental; urgency=medium

  * rename source package from gnupg to gnupg1
  * convert packaging to modern dh
  * break out an arch-indep gnupg1-l10n package
  * pull in several as-yet-unreleased upstream fixes
  * fix upstream spelling errors and clean up lintian warnings
  * update debian/watch, debian/control, and debian/copyright

gnupg (1.4.20-6+exp2) experimental; urgency=medium

  * corrected Conflicts with older gnupg binaries (Closes: #821910)

gnupg (1.4.20-6+exp1) experimental; urgency=medium

  * ship binary packages gpgv1 and gnupg1, since gnupg2 source package is
    now providing gpgv and gnupg in experimental

 -- Dimitri John Ledkov <xnox at ubuntu.com>  Wed, 31 Aug 2016 11:47:54
+0100

** Tags added: block-proposed

** Changed in: gnupg2 (Ubuntu)
       Status: New => In Progress

** Changed in: gnupg1 (Ubuntu)
       Status: New => Fix Committed

** CVE added: http://www.cve.mitre.org/cgi-
bin/cvename.cgi?name=2016-6313

-- 
You received this bug notification because you are a member of Ubuntu
Foundations Bugs, which is subscribed to gnupg in Ubuntu.
https://bugs.launchpad.net/bugs/1615039

Title:
  [FFe] /usr/bin/gnupg --version should be 2.1

Status in gnupg package in Ubuntu:
  New
Status in gnupg1 package in Ubuntu:
  Fix Committed
Status in gnupg2 package in Ubuntu:
  In Progress

Bug description:
  FFe to merge recent changes in debian packaging to make /usr/bin/gnupg
  the modern implementation of gnupg.

To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/gnupg/+bug/1615039/+subscriptions

More information about the foundations-bugs mailing list