Number of commits found: 122 (showing only 100 on this page)

1 | 2  »  

- Add optional dependency on security/pinentry port.

I'd like to keep this port (and package built on pointyhat) having
simple dependencies.  So this knob is off by default.

PR:             ports/156287, ports/164333
Submitted by:   Joseph Olatt <joji@eskimo.com>, Oliver Herold <oh@fixmbr.de>

- Upgrade to 2.0.19.

Feature safe:   yes

- Fix libcurl detection.

PR:             ports/160535
Submitted by    John Marshall <john.marshall@riverwillow.com.au>

- Upgrade to 2.0.18:
  - Support the SSH confirm flag and show SSH fingerprints in ssh
    related pinentries.
  - Improved dirmngr/gpgsm interaction for OCSP.
  - Allow generation of card keys up to 4096 bit.

- Improve for port:
  - Remove patch that was incorporated into this release.
  - Remove redundant BUILD_DEPENDS.
  - Patching should be done in a -patch target. Silence the REINPLACE.

Submitted by:   dougb
PR:             ports/159520

Add a patch to handle an ABI change relative to libgcrypt 1.5

Confirmed upstream:
http://lists.gnupg.org/pipermail/gnupg-users/2011-July/042333.html

PR:             ports/158674
Submitted by:   Mark Atkinson <atkin901@gmail.com>
Approved by:    early maintainer timeout/portmgr (pav)

- Chase the libgcrypt shared lib version

Update libksba to 1.2.0, and update dependent ports.
The patch also adds a verify target for the PGP signature
of the distfile.

Noteworthy changes in version 1.2.0 (2011-03-01)
------------------------------------------------

* New functions to allow the creation of X.509 certificates.

This release adds features required by the GnuPG 2.1 development
version.

PR:             ports/155506
Submitted by:   me
Approved by:    maintainer timeout

Version 2.0.17 was released on 2011-01-13:

What's New
===========
* Allow more hash algorithms with the OpenPGP v2 card.
* The gpg-agent now tests for a new gpg-agent.conf on a HUP.
* Fixed output of "gpgconf --check-options".
* Fixed a bug where Scdaemon sends a signal to Gpg-agent running in
  non-daemon mode.
* Fixed TTY management for pinentries and session variable update
  problem.
* Minor bug fixes.

For the port:
Camellia stopped being a configure option in 2.0.12
Fix minor typo for GPGSM OPTION
Minor plist update for 2.0.17

files/patch-keybox-blob.c seems to be no longer needed [2]

PR:             ports/153984
Submitted by:   me
Submitted by:   Hirohisa Yamaguchi <umq@ueo.co.jp> [2]
Approved by:    maintainer timeout (24 days)
Feature safe:   yes

Fix the shared library version number for libassuan to reflect what
the authors intended by adding:

USE_AUTOTOOLS=  libtool
USE_GNOME=      ltverhack

to security/libassuan/Makefile.

Update the libassuan shared library version number and/or bump
PORTREVISION in the dependent ports.

Requested by:   ale
Feature safe:   yes

Update libassuan to version 2.0.1:

* Input and output notification handler can now really access the
  parsed fd as stated in the manual.

* Cleaned up the logging.

Bump PORTREVISION and libassuan version number in related ports

- Chase libksba shlib version bump in directly-dependent ports

Reported by:            ale and others via private email
Another pointy to:      glarkin

- Chase security/libksba shlib version bump

Requested by:   kwm
Pointyhat to:   glarkin

- Fix WITH_SUID_GPG knob.

PR:             152359
Submitted by:   sunpoet

Chase security/libgcrypt shlib bump.

PR:             ports/148755
Submitted by:   Hirohisa Yamaguchi <umq@ueo.co.jp>

- Fix $LICENSE_FILE [1].
- Fix realloc bug in GPGSM (not affected GPG itself) [2].

PR:             ports/148817 [1]
Submitted by:   Anonymous <swell.k@gmail.com> [1]
Security:      
http://lists.gnupg.org/pipermail/gnupg-announce/2010q3/000302.html [2]

- Upgrade to 2.0.16.
- Add license info.

PR:             ports/148756
Submitted by:   Hirohisa Yamaguchi <umq@ueo.co.jp>

Update to version 2.0.15, which has the following changes:
 * New command --passwd for GPG.
 * Fixes a regression in 2.0.14 which prevented unprotection of new
   or changed gpg-agent passphrases.
 * Make use of libassuan 2.0 which is available as a DSO.

For the port:
 * Since libassuan is now a shared lib, move it LIB_DEPENDS
 * Remove now-spurious CONFLICTS

Approved by:    maintainer

Fix port name on the LEFT side of the : for BUILD_DEPENDS

While I'm here update to the current version of libassuan-1 (1.0.5)

Update security/libassuan to version 2.0.0, which is required by gnupg 2.0.15

Unfortunately version 2.0.0 is largely incompatible with version 1.x, so it
is necessary to have a stopgap measure while ports that depend on libassuan
can be updated. In conversation with the maintainers of the dependent ports
it was originally considered ideal to prepare updates for the ports first,
then upgrade everything to libassuan 2.x en masse. Since no action has
arisen on that front, go with plan B:

Copy security/libassuan to security/libassuan-1, and update the dependent
ports accordingly. Because this is (intended to be) a _temporary_ measure,
and because no updates for libassuan 1.x are anticipated, and because the
hope is that it can be removed sooner rather than later, it's a copy instead
of a repocopy.

Bounce PORTREVISION for gettext-related ports.  Have fun, ya'll.

Chase the ftp/curl shlib version bump.

- Unbreak on 9-current (utmpx).

PR:             ports/142865, ports/142871
Submitted by:   garga, keramida
Tested on:      9-current, 8.0

- Upgrade to 2.0.14.

- Upgrade to 2.0.13.

- Upgrade to 2.0.12.
- Turn on Camellia option (rfc5581 published).

PR:             ports/135668
Submitted by:   Hirohisa Yamaguchi <umq@ueo.co.jp>

- Chase libusb20 rename in r189585.
- Mark sane-backends broken on current due to changes
  in USB stack.

Reviewed by:    thompsa (old version), miwi
Tested by:      miwi

Upgrade to 2.0.11 (minor fixes).

Bump the version of the curl shared library after the ftp/curl update
to 7.19.2.
Bump PORTREVISION, even on the ports that do not have a versioned
dependency, since the binaries will most probably still stop working.

- Add notice about CAMELLIA option (for testing only) [1].
- Turn CAMELLIA off by default for above reason.

Suggested by:   dougb [1]

Upgrade to 2.0.10.

PR:             ports/130430
Submitted by:   Hirohisa Yamaguchi <umq@ueo.co.jp>
Announcement:  
https://lists.gnupg.org/pipermail/gnupg-announce/2009q1/000284.html

- Bump PORTREVISION due to share library version bump in security/libgcrypt

PR:              ports/127478

Make WITHOUT_NLS actually work

Bump portrevision due to upgrade of devel/gettext.

The affected ports are the ones with gettext as a run-dependency
according to ports/INDEX-7 (5007 of them) and the ones with USE_GETTEXT
in Makefile (29 of them).

PR:             ports/124340
Submitted by:   edwin@
Approved by:    portmgr (pav)

- Update to 2.0.9

Notes:
        This update fixes a possible security vulnerability involving
        memory corruption from importing malicious keys.

PR:             122114/122349
Submitted by:   Hirohisa Yamaguchi <umq@ueo.co.jp> / Nick Barkas
<snb@threerings.net>
Approved by:    maintainer timeout
Security:      
http://www.vuxml.org/freebsd/30394651-13e1-11dd-bab7-0016179b2dd5.html

- Upgrade to 2.0.8.
- Change dependency versions.
- NLS option back again.
- Make GPGSM option off by default (to avoid ldap dependency in package).

PR:             ports/118895
Submitted by:   Hirohisa Yamaguchi <umq@ueo.co.jp>

Chase libgcrypt library version

- Add a note "require LDAP" in GPGSM knob for $OPTIONS.  This may help
  to reduce confusion when "WITHOUT_LDAP and WITH_GPGSM selected, but
  OpenLDAP dependency exists" situcation.

PR:             ports/116558
Reported by:    Jo Rhett <jrhett@netconsonance.com>

Backout the commit with addition of pinentry as a run dependency because
it needs discussion.

Add RUN_DEPEND on security/pinentry because gpg is almost useless
without it.

PR:             115760
Submitted by:   novel
Approved by:    maintainer timeout (1 week, linimon ok)

Resurrect handy WITH_SUID_GPG knob.

PR:             114926
Submitted by:   novel
Approved by:    maintainer timeout

- Set --mandir and --infodir in CONFIGURE_ARGS if the configure script
  supports them.  This is determined by running ``configure --help'' in
  do-configure target and set the shell variable _LATE_CONFIGURE_ARGS
  which is then passed to CONFIGURE_ARGS.
- Remove --mandir and --infodir in ports' Makefile where applicable
  Few ports use REINPLACE_CMD to achieve the same effect, remove them too.
- Correct some manual pages location from PREFIX/man to MANPREFIX/man
- Define INFO_PATH where necessary
- Document that .info files are installed in a subdirectory relative to
  PREFIX/INFO_PATH and slightly change add-plist-info to use INFO_PATH and
  subdirectory detection.

PR:             ports/111470
Approved by:    portmgr
Discussed with: stas (Mk/*), gerald (info related stuffs)
Tested by:      pointyhat exp run

Upgrade to 2.0.4 (maintainance release with a few minor enhancements).

PR:             ports/113676
Submitted by:   Hirohisa Yamaguchi <umq@ueo.co.jp>

- Fix breakage on WITHOUT_NLS=t condition by forcing --enable-nls in
  configure args which I fogot in previous commit.

Reported by:    kris

- Upgrade to 2.0.3 (including same safety belt as of 1.4.7).

References:    
http://lists.gnupg.org/pipermail/gnupg-announce/2007q1/000251.html

Track libgpg-error shlib version change.

- Upgrade to 2.0.2.

Fix breakage.

- Make GPGSM dependency optional (then we can use this port without LDAP
  dependency). [1]
- Remove libpth hack in configure since this problem was fixed in 2.0.1. [2]
- Remove silly conflict detections which breaks BATCH building [2],[3]
- Check libassuan package version (to avoid using old lib) [4]

PR:             ports/107185 (I'm still working on NLS problem) [2],
                ports/107349 [3]
Submitted by:   Brian Minard <bminard@flatfoot.ca> [1],
                dougb [2],
                Ulrich Spoerlein <uspoerlein@gmail.com> [3],
                Ian Lister <freebsd-ports@lister.dnsalias.net> [4]

- Force USE_GETTEXT=YES (remove from OPTIONS) because 2.0.x cannot be
  compiled without libintl.so (I didn't notice this by hidden
  dependencies).

PR:                     ports/107089
Investigated with:      Roland Smith <rsmith@xs4all.nl>

gnupg-devel and gnupg-2.x conflict.

- Upgrade gnupg to 2.0.1.  Old stable version (1.4.6) was repocopied
  to security/gnupg1.

Thanks to:      dougb, lofi

Update the ftp/curl port to 7.16.0.
Bump PORTREVISION of all dependent ports.
Fix the build errors in the few ports that still use the long deprecated,
and now obsoleted, cURL options.

Thanks to everyone who took the time to look over the patch!

Discussed on:   -ports

- Unbreak locale.

PR:             ports/106456
Submitted by:   jjuanino@gmail.com

- Upgrade to 1.4.6 (including security fix).

Security:       CVE-2006-6235
References:    
http://lists.gnupg.org/pipermail/gnupg-announce/2006q4/000491.html

Fix buffer overflow.

References:    
http://lists.gnupg.org/pipermail/gnupg-announce/2006q4/000241.html

Fix GnuPG's hidden dependency on cURL - add cURL support to OPTIONS and
either explicitly depend on it, or disable it in the configure options.

PR:             103427
Silence from:   kuriyama (maintainer)

- Fix WITH_LIBICONV to work correctly.
- Add WITH_USB to OPTIONS.

PR:             ports/101311
Submitted by:   Helge Oldach <gnupgaug06@oldach.net>

- Remove NOPORTDOCS from OPTIONS since the correct is check NOPORTDOCS and
  not WITH(OUT)_NOPORTDOCS
- Use PORTDOCS and clean pkg-plist
- Add NLS to OPTIONS as on by default and move the check after
  bsd.port.pre.mk
- Add --with-ldap=${LOCALBASE} because it was not finding ldap libs without
  this

PR:             ports/101318
Submitted by:   garga
Approved by:    maintainer timeout (14 days)

- Upgrade to 1.4.5.
  (fixes 2 more possible memory allocation attacks).
- Enable OPTIONS [1].

Security:      
http://lists.gnupg.org/pipermail/gnupg-announce/2006q3/000229.html
PR:             ports/93540 [1]
Submitted by:   Pawel Wieleba <P.Wieleba@iem.pw.edu.pl> [1]

- Upgrade to 1.4.4.
  (fixes user ID handling bug).

Security:      
http://lists.gnupg.org/pipermail/gnupg-announce/2006q2/000226.html

- Upgrade to 1.4.3.
- Handle hidden dependency on libusb (1).

Submitted by:   Peter Pentchev <roam@ringlet.net> (1)

Update to 1.4.2.2.

Security:       GnuPG does not detect injection of unsigned data
References:    
http://lists.gnupg.org/pipermail/gnupg-announce/2006q1/000216.html
Probbed by:     simon
Approved by:    portmgr (erwin)

Upgrade to 1.4.2.1.

Security:       False positive signature verification in GnuPG
References:    
http://lists.gnupg.org/pipermail/gnupg-announce/2006q1/000211.html
Prodded by:     simon

Fix the problem in --batch mode.

Obtained from: 
http://cvs.gnupg.org/cgi-bin/viewcvs.cgi/trunk/g10/keygen.c?rev=3853&r1=3852&r2=3853
PR:             ports/90105
Submitted by:   Thomas Vogt <thomas@bsdunix.ch>

Fix build failure on 4.x.

Reported by:    "Sander Holthaus - Orange XL" <info@orangexl.com>

Upgrade to 1.4.2.

PR:             ports/84289
Submitted by:   Vasil Dimov <vd@datamax.bg>

Upgrade to 1.4.1.

PR:             ports/80157
Submitted by:   Vasil Dimov <vd@datamax.bg>
Kindly knocked by:      dougb

At Kris's request, back out the MACHINE_ARCH spelling correction until
after 5.4-RELEASE.

Assist getting more ports working on AMD64 by obeying the
Ports Collection documentation and use 'ARCH' rather than 'MACHINE_ARCH'.

Add a workaround patch to avoid protocol attack (but will not be
effective in the real world).

References:    
http://lists.gnupg.org/pipermail/gnupg-announce/2005q1/000190.html (broken
mailman archive)
                http://www.pgp.com/library/ctocorner/openpgp.html
                http://eprint.iacr.org/2005/033
Reported by:    dougb

Upgrade to 1.4.0.

Update to 1.2.6.
Utilize DOCSDIR and DATADIR macros.

Approved by:    kuriyama (maintainer)

Link with openldap library only when WITH_LDAP knob is specified
explicitly.

- Upgrade to 1.2.5.
- Remove unnecessary "@unexec rmdir"s for locales.

Fix LDAP detection. For everybody who has a the default
openldap client installed, this will cause a plist change.
I didn't bump the PORTREVISION, but it might not be a bad
idea. I'll leave that up to the maintainer.

Add WITHOUT_NLS knob.

PR:             ports/64491
Submitted by:   Sebastian Klemke <packet@adrenochrome.nl>

- Use USE_ICONV knob

Approved by:    portmgr

Add USE_GETTEXT and bump PORTREVISION.

Submitted by:   trevor
Tested by:      bento

Now gettext 0.12.1 is gettext-old.

Upgrade to 1.2.4.

*** Security Update (not fix, only workaround) ***

Disable the ability to create signatures using the ElGamal
sign+encrypt (type 20) keys as well as to remove the option
to create such keys.

Reported by:    se
References:    
http://lists.gnupg.org/pipermail/gnupg-devel/2003-November/020570.html
               
http://lists.gnupg.org/pipermail/gnupg-devel/2003-November/020569.html
Approved by     portmgr (will)

What users should use is WITH_LDAP and USE_OPENLDAP is for ports
system.

Submitted by:   Alex Dupre <sysadmin@alexdupre.com>
PR:             ports/59151

Fix USE_DYNAMIC_LINKING detection.

Submitted by:   ls+gnupg.devel.gnupg.org@gambit.com.ru
References:    
http://lists.gnupg.org/pipermail/gnupg-devel/2003-October/020503.html

Add missing share/locale/ro/LC_MESSAGES/gnupg.mo and clean up
@unexec rmdir's.

PR:             ports/58212
Submitted by:   Dimitry Andric <dimitry@andric.com>

Respect USE_OPENLDAP(WANT_OPENLDAP_VER).

Pointed out by: lofi

Bump the PORTREVISION for the ports directly affected by the gettext upgrade.

Prodded by:     kris

Chase the libintl.so shared lib version.

o Upgrade to 1.2.3.
o Remove explicit --enable-tiger from $CONFIGURE_ARGS.  This feature will
  be removed from GnuPG.

Fix non-default dependency on openldap2[012] which is broken by splitting.

# I'm not bumped port revision of them because this should not affect
# packages built on bento...

Show $PKGMESSAGE only if $OSVERSION < 500019.
Add URL reference for rndcontrol.

Submitted by:   dougb

Upgrade to 1.2.2.

Check versioned library file explicitly.

PR:             ports/48692
Submitted by:   fenner

Point dependencies on net/openldap2 to net/openldap20

de-pkg-comment.

Use MASTER_SITE_GNUPG

Upgrade to 1.2.1.

Directory in master site is changed.

Reported by:    ijliao

Upgrade to 1.2.0.

PR:             ports/43211
Submitted by:   Jason Harris <jharris@widomaker.com>
Modified by:    kuriyama (for WITH_LDAP)

Chase shlib rev of devel/gettext

Submitted by:   lots and lots
Pointy hat to:  ade

(1) Remove implicit dependency on devel/gdbm.
(2) Allow to explicit dependency on converters/libiconv with WITH_LIBICONV
    knob.

Submitted by:   NIIMI Satoshi <sa2c@sa2c.net> (1),
                Dmitry Morozovsky <marck@rinet.ru> (2)
PR:             ports/40653 (1), ports/40814 (2)

Number of commits found: 122 (showing only 100 on this page)

1 | 2  »  

12 vulnerabilities affecting 17 ports have been reported in the past 14 days

^* - modified, not new

All vulnerabilities