[ubuntu/yakkety-proposed] gnupg1 1.4.20-7ubuntu1 (Accepted)
Dimitri John Ledkov
xnox at ubuntu.com
Wed Aug 31 11:44:16 UTC 2016
gnupg1 (1.4.20-7ubuntu1) yakkety; urgency=medium
* Merge with Debian. Remaining Ubuntu changes:
- Disable mlock() test since it fails with ulimit 0 (on buildds).
- Set gpg (or gpg2) and gpgsm to use a passphrase agent by default.
- Enable SHA-512 support in gpgv-udeb.
* Dropped changes, gnupg1 will not be in default installs:
- Only suggest gnupg-curl and libldap; recommendations are pulled into
minimal, and we don't need the keyserver utilities in a minimal Ubuntu
system.
* Dropped changes:
- Not present in Debian any more: Disable inline assembler for ppc64el.
- Drop lp1541925.patch, present in Debian as
0006-g10-Make-sure-to-have-the-directory-for-trustdb.patch
* SECURITY UPDATE: random number generator prediction
- debian/patches/CVE-2016-6313-1.patch: improve readability by using a
macro in cipher/random.c.
- debian/patches/CVE-2016-6313-2.patch: hash continuous areas in the
csprng pool in cipher/random.c.
- CVE-2016-6313
gnupg1 (1.4.20-7) unstable; urgency=medium
* Release to unstable.
gnupg1 (1.4.20-6+exp5) experimental; urgency=medium
* two more fixes from upstream
* build-depend explicitly on automake
gnupg1 (1.4.20-6+exp4) experimental; urgency=medium
* make debian/copyright even more detailed.
gnupg1 (1.4.20-6+exp3) experimental; urgency=medium
* rename source package from gnupg to gnupg1
* convert packaging to modern dh
* break out an arch-indep gnupg1-l10n package
* pull in several as-yet-unreleased upstream fixes
* fix upstream spelling errors and clean up lintian warnings
* update debian/watch, debian/control, and debian/copyright
gnupg (1.4.20-6+exp2) experimental; urgency=medium
* corrected Conflicts with older gnupg binaries (Closes: #821910)
gnupg (1.4.20-6+exp1) experimental; urgency=medium
* ship binary packages gpgv1 and gnupg1, since gnupg2 source package is
now providing gpgv and gnupg in experimental
Date: Wed, 31 Aug 2016 11:47:54 +0100
Changed-By: Dimitri John Ledkov <xnox at ubuntu.com>
Maintainer: Ubuntu Developers <ubuntu-devel-discuss at lists.ubuntu.com>
https://launchpad.net/ubuntu/+source/gnupg1/1.4.20-7ubuntu1
-------------- next part --------------
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256
Format: 1.8
Date: Wed, 31 Aug 2016 11:47:54 +0100
Source: gnupg1
Binary: gnupg1 gnupg1-curl gpgv1 gpgv1.4-udeb gnupg1-l10n
Architecture: source
Version: 1.4.20-7ubuntu1
Distribution: yakkety
Urgency: medium
Maintainer: Ubuntu Developers <ubuntu-devel-discuss at lists.ubuntu.com>
Changed-By: Dimitri John Ledkov <xnox at ubuntu.com>
Description:
gnupg1 - GNU privacy guard - a free PGP replacement ("classic" version)
gnupg1-curl - GNU privacy guard - a free PGP replacement (cURL helpers for "cla
gnupg1-l10n - GNU privacy guard "classic" - localization files
gpgv1 - GNU privacy guard - signature verification tool ("classic" versio
gpgv1.4-udeb - minimal signature verification tool (udeb)
Closes: 821910
Changes:
gnupg1 (1.4.20-7ubuntu1) yakkety; urgency=medium
.
* Merge with Debian. Remaining Ubuntu changes:
- Disable mlock() test since it fails with ulimit 0 (on buildds).
- Set gpg (or gpg2) and gpgsm to use a passphrase agent by default.
- Enable SHA-512 support in gpgv-udeb.
* Dropped changes, gnupg1 will not be in default installs:
- Only suggest gnupg-curl and libldap; recommendations are pulled into
minimal, and we don't need the keyserver utilities in a minimal Ubuntu
system.
* Dropped changes:
- Not present in Debian any more: Disable inline assembler for ppc64el.
- Drop lp1541925.patch, present in Debian as
0006-g10-Make-sure-to-have-the-directory-for-trustdb.patch
* SECURITY UPDATE: random number generator prediction
- debian/patches/CVE-2016-6313-1.patch: improve readability by using a
macro in cipher/random.c.
- debian/patches/CVE-2016-6313-2.patch: hash continuous areas in the
csprng pool in cipher/random.c.
- CVE-2016-6313
.
gnupg1 (1.4.20-7) unstable; urgency=medium
.
* Release to unstable.
.
gnupg1 (1.4.20-6+exp5) experimental; urgency=medium
.
* two more fixes from upstream
* build-depend explicitly on automake
.
gnupg1 (1.4.20-6+exp4) experimental; urgency=medium
.
* make debian/copyright even more detailed.
.
gnupg1 (1.4.20-6+exp3) experimental; urgency=medium
.
* rename source package from gnupg to gnupg1
* convert packaging to modern dh
* break out an arch-indep gnupg1-l10n package
* pull in several as-yet-unreleased upstream fixes
* fix upstream spelling errors and clean up lintian warnings
* update debian/watch, debian/control, and debian/copyright
.
gnupg (1.4.20-6+exp2) experimental; urgency=medium
.
* corrected Conflicts with older gnupg binaries (Closes: #821910)
.
gnupg (1.4.20-6+exp1) experimental; urgency=medium
.
* ship binary packages gpgv1 and gnupg1, since gnupg2 source package is
now providing gpgv and gnupg in experimental
Checksums-Sha1:
89b1e7971d023fe3e532b01f2e0de09136e7b28d 2102 gnupg1_1.4.20-7ubuntu1.dsc
39d9c75e4a45d8df48c337b7132f7db9486ec1c3 49472 gnupg1_1.4.20-7ubuntu1.debian.tar.xz
Checksums-Sha256:
35f101f5e13dfc0460edc1550e15e02692ee7e0aaa89aad62bb6bda05638d807 2102 gnupg1_1.4.20-7ubuntu1.dsc
a996e941fc9047026721018b745e54c2db6c1537f4ef679f06d5cde37efe5ee5 49472 gnupg1_1.4.20-7ubuntu1.debian.tar.xz
Files:
19a58955b14c933030ddb8d3690f984a 2102 utils important gnupg1_1.4.20-7ubuntu1.dsc
7710e6b3866dfbea2a1cf75337119e92 49472 utils important gnupg1_1.4.20-7ubuntu1.debian.tar.xz
Original-Maintainer: Debian GnuPG-Maintainers <pkg-gnupg-maint at lists.alioth.debian.org>
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v2
iQEcBAEBCAAGBQJXxr5XAAoJEMrC2LnNLKX5DYIH/0nwZvElSttv0IJztxdXxSWl
AgTQxfdBjbiR1dXh9ECtgwbT3QRVp5PBEY1+EqMZ2gtYfZBXoTIRdAuBoJU91GAk
JegAjPC+meabeEYW4pEKIHKdRFvYOjKtL6j+OHcdtkuL/WaSbinoHVZKJiEo/skK
Zub/F/FEBgzAyyLjwf0raF9w4fKssxXCvesG17GyQHoJ/0S/F93NfbqG72KpfS4B
eKrWQHMiaIjhZRdarDLP32ba1Bms3/xMsKf5lwlVvAQibKrJCkJ2LIPEA4RscGpT
EaY0uSkAj9mmswMlUuR5Ld4XWI5IVV9FjOszdpqLTeqyL/4AHELiqSWO+zbQzMc=
=rBVH
-----END PGP SIGNATURE-----
More information about the Yakkety-changes
mailing list