notbugAs an Amazon Associate I earn from qualifying purchases.
Want a good read? Try FreeBSD Mastery: Jails (IT Mastery Book 15)
Ukraine
Some details on the 2023-01-16 website outage.
We just rebooted with several updates: * new HMTLify code * no port maintainer is now highly visible (e.g. https://freshports.org/security/sssd/) * fixed search logic error when using plain/ text details at https://github.com/FreshPorts/freshports/releases/tag/2.2.34
Port details
gnupg Complete and free PGP implementation
2.3.8 security on this many watch lists=397 search for ports that depend on this port An older version of this port was marked as vulnerable. Find issues related to this port Report an issue related to this port View this port on Repology. pkg-fallout Version of this port present on the latest quarterly branch.
Maintainer: adridg@FreeBSD.org search for ports maintained by this maintainer
Port Added: unknown
Last Update: 2022-11-06 10:46:51
Commit Hash: 142c06a
People watching this port, also watch:: libiconv, gmake, expat, unzip, freetype2
License: GPLv3 LGPL3
Description:
Homepage    cgit ¦ Codeberg ¦ GitHub ¦ GitLab ¦ SVNWeb - no subversion history for this port
pkg-plist: as obtained via: make generate-plist
Expand this list (143 items)
Collapse this list.
  1. /usr/local/share/licenses/gnupg-2.3.8/catalog.mk
  2. /usr/local/share/licenses/gnupg-2.3.8/LICENSE
  3. /usr/local/share/licenses/gnupg-2.3.8/GPLv3
  4. /usr/local/share/licenses/gnupg-2.3.8/LGPL3
  5. bin/dirmngr
  6. bin/dirmngr-client
  7. bin/gpg-agent
  8. bin/gpg-card
  9. bin/gpg-connect-agent
  10. bin/gpg-wks-client
  11. bin/gpg-wks-server
  12. @comment @(,,4555) bin/gpg2
  13. bin/gpg2
  14. bin/gpgconf
  15. bin/gpgparsemail
  16. bin/gpgscm
  17. bin/gpgsm
  18. bin/gpgsplit2
  19. bin/gpgtar
  20. bin/gpgv2
  21. bin/kbxutil
  22. bin/watchgnupg
  23. @comment libexec/dirmngr_ldap
  24. libexec/gpg-auth
  25. libexec/gpg-check-pattern
  26. libexec/gpg-pair-tool
  27. libexec/gpg-preset-passphrase
  28. libexec/gpg-protect-tool
  29. libexec/gpg-wks-client
  30. libexec/keyboxd
  31. libexec/scdaemon
  32. man/man1/dirmngr-client.1.gz
  33. man/man1/gpg-agent.1.gz
  34. man/man1/gpg-card.1.gz
  35. man/man1/gpg-check-pattern.1.gz
  36. man/man1/gpg-connect-agent.1.gz
  37. man/man1/gpg-preset-passphrase.1.gz
  38. man/man1/gpg-wks-client.1.gz
  39. man/man1/gpg-wks-server.1.gz
  40. man/man1/gpg2.1.gz
  41. man/man1/gpgconf.1.gz
  42. man/man1/gpgparsemail.1.gz
  43. man/man1/gpgsm.1.gz
  44. man/man1/gpgtar.1.gz
  45. man/man1/gpgv2.1.gz
  46. man/man1/scdaemon.1.gz
  47. man/man1/watchgnupg.1.gz
  48. man/man7/gnupg.7.gz
  49. man/man8/addgnupghome.8.gz
  50. man/man8/applygnupgdefaults.8.gz
  51. man/man8/dirmngr.8.gz
  52. sbin/addgnupghome
  53. sbin/applygnupgdefaults
  54. share/doc/gnupg/DCO
  55. share/doc/gnupg/DETAILS
  56. share/doc/gnupg/FAQ
  57. share/doc/gnupg/HACKING
  58. share/doc/gnupg/KEYSERVER
  59. share/doc/gnupg/OpenPGP
  60. share/doc/gnupg/README
  61. share/doc/gnupg/TRANSLATE
  62. share/doc/gnupg/examples/Automatic.prf
  63. share/doc/gnupg/examples/README
  64. share/doc/gnupg/examples/VS-NfD.prf
  65. share/doc/gnupg/examples/common.conf
  66. share/doc/gnupg/examples/debug.prf
  67. share/doc/gnupg/examples/gpgconf.conf
  68. share/doc/gnupg/examples/gpgconf.rnames
  69. share/doc/gnupg/examples/pwpattern.list
  70. share/doc/gnupg/examples/qualified.txt
  71. share/doc/gnupg/examples/scd-event
  72. share/doc/gnupg/examples/systemd-user/README
  73. share/doc/gnupg/examples/systemd-user/dirmngr.service
  74. share/doc/gnupg/examples/systemd-user/dirmngr.socket
  75. share/doc/gnupg/examples/systemd-user/gpg-agent-browser.socket
  76. share/doc/gnupg/examples/systemd-user/gpg-agent-extra.socket
  77. share/doc/gnupg/examples/systemd-user/gpg-agent-ssh.socket
  78. share/doc/gnupg/examples/systemd-user/gpg-agent.service
  79. share/doc/gnupg/examples/systemd-user/gpg-agent.socket
  80. share/doc/gnupg/examples/trustlist.txt
  81. share/doc/gnupg/help.be.txt
  82. share/doc/gnupg/help.ca.txt
  83. share/doc/gnupg/help.cs.txt
  84. share/doc/gnupg/help.da.txt
  85. share/doc/gnupg/help.de.txt
  86. share/doc/gnupg/help.el.txt
  87. share/doc/gnupg/help.eo.txt
  88. share/doc/gnupg/help.es.txt
  89. share/doc/gnupg/help.et.txt
  90. share/doc/gnupg/help.fi.txt
  91. share/doc/gnupg/help.fr.txt
  92. share/doc/gnupg/help.gl.txt
  93. share/doc/gnupg/help.hu.txt
  94. share/doc/gnupg/help.id.txt
  95. share/doc/gnupg/help.it.txt
  96. share/doc/gnupg/help.ja.txt
  97. share/doc/gnupg/help.nb.txt
  98. share/doc/gnupg/help.pl.txt
  99. share/doc/gnupg/help.pt.txt
  100. share/doc/gnupg/help.pt_BR.txt
  101. share/doc/gnupg/help.ro.txt
  102. share/doc/gnupg/help.ru.txt
  103. share/doc/gnupg/help.sk.txt
  104. share/doc/gnupg/help.sv.txt
  105. share/doc/gnupg/help.tr.txt
  106. share/doc/gnupg/help.txt
  107. share/doc/gnupg/help.zh_CN.txt
  108. share/doc/gnupg/help.zh_TW.txt
  109. share/gnupg/distsigkey.gpg
  110. share/gnupg/sks-keyservers.netCA.pem
  111. share/locale/ca/LC_MESSAGES/gnupg2.mo
  112. share/locale/cs/LC_MESSAGES/gnupg2.mo
  113. share/locale/da/LC_MESSAGES/gnupg2.mo
  114. share/locale/de/LC_MESSAGES/gnupg2.mo
  115. share/locale/el/LC_MESSAGES/gnupg2.mo
  116. share/locale/en@boldquot/LC_MESSAGES/gnupg2.mo
  117. share/locale/en@quot/LC_MESSAGES/gnupg2.mo
  118. share/locale/eo/LC_MESSAGES/gnupg2.mo
  119. share/locale/es/LC_MESSAGES/gnupg2.mo
  120. share/locale/et/LC_MESSAGES/gnupg2.mo
  121. share/locale/fi/LC_MESSAGES/gnupg2.mo
  122. share/locale/fr/LC_MESSAGES/gnupg2.mo
  123. share/locale/gl/LC_MESSAGES/gnupg2.mo
  124. share/locale/hu/LC_MESSAGES/gnupg2.mo
  125. share/locale/id/LC_MESSAGES/gnupg2.mo
  126. share/locale/it/LC_MESSAGES/gnupg2.mo
  127. share/locale/ja/LC_MESSAGES/gnupg2.mo
  128. share/locale/nb/LC_MESSAGES/gnupg2.mo
  129. share/locale/pl/LC_MESSAGES/gnupg2.mo
  130. share/locale/pt/LC_MESSAGES/gnupg2.mo
  131. share/locale/ro/LC_MESSAGES/gnupg2.mo
  132. share/locale/ru/LC_MESSAGES/gnupg2.mo
  133. share/locale/sk/LC_MESSAGES/gnupg2.mo
  134. share/locale/sv/LC_MESSAGES/gnupg2.mo
  135. share/locale/tr/LC_MESSAGES/gnupg2.mo
  136. share/locale/uk/LC_MESSAGES/gnupg2.mo
  137. share/locale/zh_CN/LC_MESSAGES/gnupg2.mo
  138. share/locale/zh_TW/LC_MESSAGES/gnupg2.mo
  139. @postexec [ -e %D/bin/gpg ] || ln -sf gpg2 %D/bin/gpg
  140. @postunexec [ -e %D/bin/gpg ] || rm -f %D/bin/gpg
  141. @owner
  142. @group
  143. @mode
Collapse this list.
Dependency lines:
  • gnupg>0:security/gnupg
Conflicts:
CONFLICTS:
  • dirmngr
Conflicts Matches:
There are no Conflicts Matches for this port. This is usually an error.
To install the port:
cd /usr/ports/security/gnupg/ && make install clean
To add the package, run one of these commands:
  • pkg install security/gnupg
  • pkg install gnupg
NOTE: If this package has multiple flavors (see below), then use one of them instead of the name specified above.
PKGNAME: gnupg
Flavors: there is no flavor information for this port.
distinfo:

Packages (timestamps in pop-ups are UTC):
gnupg
ABIlatestquarterly
FreeBSD:11:aarch642.2.10_12.2.20
FreeBSD:11:amd642.3.22.3.2
FreeBSD:11:armv62.1.132.2.23
FreeBSD:11:i3862.3.22.3.2
FreeBSD:11:mipspkg-falloutpkg-fallout
FreeBSD:11:mips64pkg-falloutpkg-fallout
FreeBSD:12:aarch642.2.10_12.3.8
FreeBSD:12:amd642.3.82.3.8
FreeBSD:12:armv62.2.10_12.2.23
FreeBSD:12:armv72.2.10_12.2.23
FreeBSD:12:i3862.3.82.3.8
FreeBSD:12:mipspkg-falloutpkg-fallout
FreeBSD:12:mips64pkg-falloutpkg-fallout
FreeBSD:12:powerpc64pkg-fallout2.2.27
FreeBSD:13:aarch642.3.82.3.8
FreeBSD:13:amd642.3.82.3.8
FreeBSD:13:armv62.2.272.3.3_3
FreeBSD:13:armv72.3.82.3.8
FreeBSD:13:i3862.3.82.3.8
FreeBSD:13:mipspkg-falloutpkg-fallout
FreeBSD:13:mips64pkg-falloutpkg-fallout
FreeBSD:13:powerpc64pkg-fallout2.3.8
FreeBSD:13:riscv64pkg-fallout2.3.3_3
FreeBSD:14:aarch642.3.8pkg-fallout
FreeBSD:14:amd642.3.8pkg-fallout
FreeBSD:14:armv62.3.8pkg-fallout
FreeBSD:14:armv72.3.8pkg-fallout
FreeBSD:14:i3862.3.8pkg-fallout
FreeBSD:14:mipspkg-falloutpkg-fallout
FreeBSD:14:mips64pkg-falloutpkg-fallout
FreeBSD:14:powerpc642.3.8pkg-fallout
FreeBSD:14:riscv642.3.3_2pkg-fallout
 
Dependencies
NOTE: FreshPorts displays only information on required and default dependencies. Optional dependencies are not covered.
Build dependencies:
  1. gmake>=4.3 : devel/gmake
  2. makeinfo : print/texinfo
  3. pkgconf>=1.3.0_1 : devel/pkgconf
  4. msgfmt : devel/gettext-tools
Runtime dependencies:
  1. pinentry : security/pinentry
  2. indexinfo : print/indexinfo
Library dependencies:
  1. libassuan.so : security/libassuan
  2. libgcrypt.so : security/libgcrypt
  3. libgpg-error.so : security/libgpg-error
  4. libksba.so : security/libksba
  5. libnpth.so : devel/npth
  6. libgnutls.so : security/gnutls
  7. libreadline.so.8 : devel/readline
  8. libsqlite3.so : databases/sqlite3
  9. libintl.so : devel/gettext-runtime
This port is required by:
for Build
  1. devel/subversion
  2. mail/mutt
  3. mail/pine-pgp-filters
  4. mail/sqwebmail
  5. news/inn
  6. news/inn-current
  7. security/clamav-unofficial-sigs
Expand this list (18 items / 11 hidden - sorry, this count includes any deleted ports)
  1. Collapse this list).
  2. security/gcr
  3. security/gpa
  4. security/gpgme
  5. security/libcryptui
  6. security/p5-GnuPG-Interface
  7. security/p5-Module-Signature
  8. security/p5-PGP-Sign
  9. security/seahorse
  10. Collapse this list.

Deleted ports which required this port:

Expand this list of 3 deleted ports
  1. emulators/pipelight*
  2. news/inn-CURRENT*
  3. security/openpgpsdk*
  4. Collapse this list of deleted ports.
for Run
  1. chinese/tin
  2. deskutils/py-paperless
  3. devel/geany-plugin-pg
  4. devel/qca
  5. devel/subversion
  6. emulators/playonbsd
  7. mail/ez-pine-gpg
Expand this list (67 items / 60 hidden - sorry, this count includes any deleted ports)
  1. Collapse this list).
  2. mail/mutt
  3. mail/pine-pgp-filters
  4. mail/sqwebmail
  5. mail/sylpheed
  6. net-im/mastodon
  7. news/inn
  8. news/inn-current
  9. news/tin
  10. security/aespipe
  11. security/clamav-unofficial-sigs
  12. security/git-crypt
  13. security/git-remote-gcrypt
  14. security/git-secret
  15. security/gopass
  16. security/gpa
  17. security/gpg-gui
  18. security/gpg-tui
  19. security/gpgme
  20. security/gtkpasman
  21. security/gvmd
  22. security/kgpg
  23. security/libcryptui
  24. security/monkeysphere
  25. security/p5-GnuPG-Interface
  26. security/p5-Module-Signature
  27. security/p5-PGP-Sign
  28. security/py-muacrypt
  29. security/rubygem-gpgr
  30. security/seahorse
  31. security/signing-party
  32. security/spm
  33. sysutils/debootstrap
  34. sysutils/duplicity
  35. sysutils/password-store
  36. sysutils/zogftw
  37. www/py-woob
  38. Collapse this list.

Deleted ports which required this port:

Expand this list of 24 deleted ports
  1. devel/qca-legacy*
  2. devel/qca-qt5*
  3. emulators/pipelight*
  4. irc/py-gozerbot*
  5. mail/enigmail*
  6. mail/enigmail-seamonkey*
  7. mail/enigmail-thunderbird*
  8. mail/enigmail-thunderbird-esr*
  9. mail/enigmail-thunderbird3*
  10. mail/horde-dimp*
  11. mail/horde-mimp*
  12. mail/horde3-dimp*
  13. mail/horde3-imp*
  14. mail/horde3-mimp*
  15. mail/thunderbird-esr*
  16. misc/kdeutils3*
  17. news/inn-CURRENT*
  18. security/kgpg-kde4*
  19. security/scamp*
  20. security/sguil*
  21. security/sguil-client*
  22. sysutils/duplicity-devel*
  23. sysutils/duplicity07*
  24. www/py-weboob*
  25. Collapse this list of deleted ports.
* - deleted ports are only shown under the This port is required by section. It was harder to do for the Required section. Perhaps later...

Configuration Options:
Options name:
USES:
FreshPorts was unable to extract/find any pkg message
Master Sites:
Expand this list (11 items)
Collapse this list.
  1. ftp://ftp.crysys.hu/pub/gnupg/gnupg/
  2. ftp://ftp.franken.de/pub/crypt/mirror/ftp.gnupg.org/gcrypt/gnupg/
  3. ftp://ftp.freenet.de/pub/ftp.gnupg.org/gcrypt/gnupg/
  4. ftp://ftp.gnupg.org/gcrypt/gnupg/
  5. ftp://mirror.switch.ch/mirror/gnupg/gnupg/
  6. http://mirror.tje.me.uk/pub/mirrors/ftp.gnupg.org/gnupg/
  7. https://artfiles.org/gnupg.org/gnupg/
  8. https://ftp.heanet.ie/mirrors/ftp.gnupg.org/gcrypt/gnupg/
  9. https://gnupg.org/ftp/gcrypt/gnupg/
  10. https://mirrors.dotsrc.org/gcrypt/gnupg/
  11. https://www.mirrorservice.org/sites/ftp.gnupg.org/gcrypt/gnupg/
Collapse this list.
Notes from UPDATING
These upgrade notes are taken from /usr/ports/UPDATING
  • 2018-01-07
    Affects: users of security/gnupg and mail/mutt and mail/neomutt
    Author: adamw@FreeBSD.org
    Reason: 
      The invocation for gpg from mutt/neomutt changed between gnupg-2.0
      (which has expired and is now removed) and gnupg-2.2 (the current
      version in the tree). Unless you're using gpgme, PGP-related
      commands may fail in (neo)mutt.
    
      In all cases, users are strongly urged to use security/gpgme to take
      care of the setup for you. If you prefer to roll your own, the
      following muttrc/neomuttrc entry has been reported to work:
    
      pgp_decrypt_command="gpg2 %?p?--passphrase-fd 0 --pinentry-mode=loopback? --no-verbose --batch --output - %f"
    
      See muttrc(5), neomuttrc(5), mutt.org, and neomutt.org for instructions
      on (neo)mutt's gpg and gpgme instructions.
    
    
Expand this list (1 items)
  • 2017-08-28
    Affects: users of security/gnupg
    Author: adamw@FreeBSD.org
    Reason: 
      security/gnupg has become the new stable version of GnuPG. This is
      an LTS branch. gnupg20 will reach EOL at the end of the year, and all
      gnupg20 users should migrate to gnupg22.
    
      See https://gnupg.org/faq/whats-new-in-2.1.html for important changes.
    
    
  • Collapse this list.
Port Moves
  • port moved here from security/gnupg20 on 2018-01-01
    REASON: Has expired: Will reach EOL upstream on 2017-12-31

  • port moved here from security/gnupg22 on 2017-09-19
    REASON: Removed, security/gnupg is now gnupg22

Number of commits found: 271 (showing only 100 on this page)

1 | 2 | 3  »  

Commit History - (may be incomplete: for full details, see links to repositories near top of page)
CommitCreditsLog message
2.3.8
06 Nov 2022 10:46:51
commit hash:142c06a26e0fb9293c1614890a1bb5fe04072240commit hash:142c06a26e0fb9293c1614890a1bb5fe04072240commit hash:142c06a26e0fb9293c1614890a1bb5fe04072240commit hash:142c06a26e0fb9293c1614890a1bb5fe04072240 files touched by this commit
Daniel Engberg (diizzy) search for other commits by this committer
Author: Herbert J. Skuhra
security/gnupg: Update to 2.3.8

Changelog:
https://lists.gnupg.org/pipermail/gnupg-announce/2022q4/000476.html

Some additional changes to submitted patch:
- Change PORTVERSION to DISTVERSION
- Generate patch using "make makepatch"
- Remove obsolete configure switch

PR:		267152
Reviewed by:	adridg (maintainer)
Tested by:	Dennis Clarke <dclarke@blastwave.org>
07 Sep 2022 21:58:51
commit hash:fb16dfecae4a6efac9f3a78e0b759fb7a3c53de4commit hash:fb16dfecae4a6efac9f3a78e0b759fb7a3c53de4commit hash:fb16dfecae4a6efac9f3a78e0b759fb7a3c53de4commit hash:fb16dfecae4a6efac9f3a78e0b759fb7a3c53de4 files touched by this commit
Stefan Eßer (se) search for other commits by this committer
Remove WWW entries moved into port Makefiles

Commit b7f05445c00f has added WWW entries to port Makefiles based on
WWW: lines in pkg-descr files.

This commit removes the WWW: lines of moved-over URLs from these
pkg-descr files.

Approved by:		portmgr (tcberner)
2.3.3_3
07 Sep 2022 21:10:59
commit hash:b7f05445c00f2625aa19b4154ebcbce5ed2daa52commit hash:b7f05445c00f2625aa19b4154ebcbce5ed2daa52commit hash:b7f05445c00f2625aa19b4154ebcbce5ed2daa52commit hash:b7f05445c00f2625aa19b4154ebcbce5ed2daa52 files touched by this commit
Stefan Eßer (se) search for other commits by this committer
Add WWW entries to port Makefiles

It has been common practice to have one or more URLs at the end of the
ports' pkg-descr files, one per line and prefixed with "WWW:". These
URLs should point at a project website or other relevant resources.

Access to these URLs required processing of the pkg-descr files, and
they have often become stale over time. If more than one such URL was
present in a pkg-descr file, only the first one was tarnsfered into
the port INDEX, but for many ports only the last line did contain the
port specific URL to further information.

There have been several proposals to make a project URL available as
a macro in the ports' Makefiles, over time.
(Only the first 15 lines of the commit message are shown above View all of this commit message)
2.3.3_3
28 Mar 2022 19:17:34
commit hash:6936b345a23fbb37e0986912c25c514a5713eaaecommit hash:6936b345a23fbb37e0986912c25c514a5713eaaecommit hash:6936b345a23fbb37e0986912c25c514a5713eaaecommit hash:6936b345a23fbb37e0986912c25c514a5713eaae files touched by this commit
Adriaan de Groot (adridg) search for other commits by this committer
security/gnupg: remove unnecessary pkg-message

There were installation instructions that dated from ~2017
which are no longer relevant after a fix was applied upstream.
An IPv4 host connecting to a dual-stack hks server now gets a meaningful
errno and retries the connection (as IPv4 only).

Reported by:	Pau Amma
PR:		262881
2.3.3_2
10 Jan 2022 15:15:39
commit hash:bcaf25a8c8046b094f6b5ab5bc258333bc326ee1commit hash:bcaf25a8c8046b094f6b5ab5bc258333bc326ee1commit hash:bcaf25a8c8046b094f6b5ab5bc258333bc326ee1commit hash:bcaf25a8c8046b094f6b5ab5bc258333bc326ee1 files touched by this commit
Stefan Eßer (se) search for other commits by this committer
Fix CONFLICTS entries of multiple ports

There have been lots of missing CONFLICTS_INSTALL entries, either
because conflicting ports were added without updating existing ports,
due to name changes of generated packages, due to mis-understanding
the format and semantics of the conflicts entries, or just due to
typoes in package names.

This patch is the result of a comparison of all files contained in
the official packages with each other. This comparison was based on
packages built with default options and may therefore have missed
further conflicts with optionally installed files.

Where possible, version numbers in conflicts entries have been
generalized, some times taking advantage of the fact that a port
(Only the first 15 lines of the commit message are shown above View all of this commit message)
2.3.3_2
22 Nov 2021 09:18:08
commit hash:7f3f8384a66c5e1d9c020e125808f153845807adcommit hash:7f3f8384a66c5e1d9c020e125808f153845807adcommit hash:7f3f8384a66c5e1d9c020e125808f153845807adcommit hash:7f3f8384a66c5e1d9c020e125808f153845807ad files touched by this commit
Adriaan de Groot (adridg) search for other commits by this committer
security/gnupg: fix table / enum mismatch

PR259775 reports that (auto)configuration behaves weirdly.
This is caused by a mismatch between an enum in the code
and a table that expects to match the enum values. When
BUILD_WITH_TPM2D is off (the default; I have not looked if
it can even be turned on in ports) one table entry is

Patch also submitted upstream.

PR:		259775
Reported by:	O. Hartmann
MFH:		2021Q3
2.3.3_1
18 Nov 2021 01:01:30
commit hash:6f8cfad0ec9539677bf32877047b7a137a89fad6commit hash:6f8cfad0ec9539677bf32877047b7a137a89fad6commit hash:6f8cfad0ec9539677bf32877047b7a137a89fad6commit hash:6f8cfad0ec9539677bf32877047b7a137a89fad6 files touched by this commit
Adam Weinberger (adamw) search for other commits by this committer
security/gnupg{,1}: Transfer maintainership to adridg
2.3.3_1
02 Nov 2021 11:22:07
commit hash:7b6ca19a8048d71d57b04f2f01962a90f90f67c9commit hash:7b6ca19a8048d71d57b04f2f01962a90f90f67c9commit hash:7b6ca19a8048d71d57b04f2f01962a90f90f67c9commit hash:7b6ca19a8048d71d57b04f2f01962a90f90f67c9 files touched by this commit
Adam Weinberger (adamw) search for other commits by this committer
Author: FiLiS
sysutils/gnupg: Fix running without procfs
2.3.3
29 Oct 2021 09:50:18
commit hash:819f25b36d45b8ac5593ec8e6f470d9ad454b08acommit hash:819f25b36d45b8ac5593ec8e6f470d9ad454b08acommit hash:819f25b36d45b8ac5593ec8e6f470d9ad454b08acommit hash:819f25b36d45b8ac5593ec8e6f470d9ad454b08a files touched by this commit
Stefan Eßer (se) search for other commits by this committer
*/*: Remove redundant '-[0-9]*' from CONFLICTS

The conflict checks compare the patterns first against the package
names without version (as reported by "pkg query "%n"), then - if
there was no match - agsinst the full package names including the
version (as reported by "pkg query "%n-%v").

Many CONFLICTS definitions used patterns like "bash-[0-9]*" to filter
for the bash package in any version. But that pattern is functionally
identical with just "bash".

Approved by:	portmgr (blanket)
2.3.3
13 Oct 2021 14:55:40
commit hash:b57a65540fdf5e618b006621f2ab6b946ddfe62ccommit hash:b57a65540fdf5e618b006621f2ab6b946ddfe62ccommit hash:b57a65540fdf5e618b006621f2ab6b946ddfe62ccommit hash:b57a65540fdf5e618b006621f2ab6b946ddfe62c files touched by this commit
Adam Weinberger (adamw) search for other commits by this committer
security/gnupg: Update to 2.3.3

Changes:
 * agent: Fix segv in GET_PASSPHRASE (regression).  [#5577]

  * dirmngr: Fix Let's Encrypt certificate chain validation.  [#5639]

  * gpg: Change default and maximum AEAD chunk size to 4 MiB.
    [ad3dabc9fb]

  * gpg: Print a warning when importing a bad cv25519 secret key.
    [#5464]

  * gpg: Fix --list-packets for undecryptable AEAD packets.  [#5584]
(Only the first 15 lines of the commit message are shown above View all of this commit message)
2.3.2
24 Aug 2021 18:34:35
commit hash:c12c1702536793c438e1835b4b56c9b1751fe49ecommit hash:c12c1702536793c438e1835b4b56c9b1751fe49ecommit hash:c12c1702536793c438e1835b4b56c9b1751fe49ecommit hash:c12c1702536793c438e1835b4b56c9b1751fe49e files touched by this commit
Adam Weinberger (adamw) search for other commits by this committer
security/gnupg: Update to 2.3.2

Changes:
  * gpg: Allow fingerprint based lookup with --locate-external-key.
    [ec36eca08c]

  * gpg: Allow decryption w/o public key but with correct card
    inserted.  [50293ec2eb]

  * gpg: Auto import keys specified with --trusted-keys.  [100037ac0f]

  * gpg: Do not use import-clean for LDAP keyserver imports.  [#5387]

  * gpg: Fix mailbox based search via AKL keyserver method.  [4fcfac6feb]
(Only the first 15 lines of the commit message are shown above View all of this commit message)
2.3.1
20 Apr 2021 14:15:41
commit hash:c260503847e4bc82132a2632f9cf2d23547d8124commit hash:c260503847e4bc82132a2632f9cf2d23547d8124commit hash:c260503847e4bc82132a2632f9cf2d23547d8124commit hash:c260503847e4bc82132a2632f9cf2d23547d8124 files touched by this commit
Adam Weinberger (adamw) search for other commits by this committer
security/gnupg: Update to 2.3.1
2.3.0
08 Apr 2021 18:45:33
commit hash:433d2e2d0cc31894e2660f4faf87b4cfcd59c08bcommit hash:433d2e2d0cc31894e2660f4faf87b4cfcd59c08bcommit hash:433d2e2d0cc31894e2660f4faf87b4cfcd59c08bcommit hash:433d2e2d0cc31894e2660f4faf87b4cfcd59c08b files touched by this commit
Adam Weinberger (adamw) search for other commits by this committer
security/gnupg: Update to 2.3.0

Changes:
  * A new experimental key database daemon is provided.  To enable it
    put "use-keyboxd" into gpg.conf and gpgsm.conf.  Keys are stored
    in a SQLite database and make key lookup much faster.

  * New tool gpg-card as a flexible frontend for all types of
    supported smartcards.

  * New option --chuid for gpg, gpgsm, gpgconf, gpg-card, and
    gpg-connect-agent.

  * The gpg-wks-client tool is now installed under bin; a wrapper for
    its old location at libexec is also installed.
(Only the first 15 lines of the commit message are shown above View all of this commit message)
2.2.27
07 Apr 2021 08:09:01
commit hash:cf118ccf875508b9a1c570044c93cfcc82bd455ccommit hash:cf118ccf875508b9a1c570044c93cfcc82bd455ccommit hash:cf118ccf875508b9a1c570044c93cfcc82bd455ccommit hash:cf118ccf875508b9a1c570044c93cfcc82bd455c files touched by this commit
Mathieu Arnold (mat) search for other commits by this committer
One more small cleanup, forgotten yesterday.
Reported by:	lwhsu
2.2.27
06 Apr 2021 14:31:07
commit hash:305f148f482daf30dcf728039d03d019f88344ebcommit hash:305f148f482daf30dcf728039d03d019f88344ebcommit hash:305f148f482daf30dcf728039d03d019f88344ebcommit hash:305f148f482daf30dcf728039d03d019f88344eb files touched by this commit
Mathieu Arnold (mat) search for other commits by this committer
Remove # $FreeBSD$ from Makefiles.
2.2.27
12 Jan 2021 04:50:55
Revision:561299Original commit files touched by this commit
adamw search for other commits by this committer
security/gnupg: Update to 2.2.27

 * gpg: Fix regression in 2.2.24 for gnupg_remove function under
   Windows.  [#5230]

 * gpgconf: Fix case with neither local nor global gpg.conf.  [9f37d3e6f3]

 * gpgconf: Fix description of two new options.  [#5221]

 * Build Windows installer without timestamps.  Note that the
   Authenticode signatures still carry a timestamp.

  Release-info: https://dev.gnupg.org/T5234
2.2.26
22 Dec 2020 09:14:53
Revision:558894Original commit files touched by this commit
adamw search for other commits by this committer
security/gnupg: Update to 2.2.26

Note that this release removes bin/symcryptrun which had essentially no
expected current use-case.

 * gpg: New AKL method "ntds".
 * gpg: Fix --trusted-key with fingerprint arg.
 * scd: Fix writing of ECC keys to an OpenPGP card.  [#5163]
 * scd: Make an USB error fix specific to SPR532 readers.  [#5167]
 * dirmngr: With new LDAP keyservers store the new attributes.  Never
   store the useless pgpSignerID.  Fix a long standing bug storing
   some keys on an ldap server.
 * dirmngr: Support the new Active Direcory LDAP schema for
   keyservers.
 * dirmngr: Allow LDAP OpenPGP searches via fingerprint.
 * dirmngr: Do not block other threads during keyserver LDAP calls.
 * Support global configuration files.  [#4788]
 * Fix the iconv fallback handling to UTF-8.  [#5038]
 Release-info: https://dev.gnupg.org/T5153
2.2.25
24 Nov 2020 15:55:01
Revision:556165Original commit files touched by this commit
adamw search for other commits by this committer
security/gnupg: Update to 2.2.25

  * scd: Fix regression in 2.2.24 requiring gpg --card-status before
    signing or decrypting.  [#5065]

  * gpgsm: Using Libksba 1.5.0 signatures with a rarely used
    combination of attributes can now be verified.  [#5146]

  Release-info: https://dev.gnupg.org/T5140
2.2.24
17 Nov 2020 14:12:11
Revision:555559Original commit files touched by this commit
adamw search for other commits by this committer
security/gnupg: Update to 2.2.24

  * Allow Unicode file names on Windows almost everywhere.  Note that
    it is still not possible to use Unicode strings on the command
    line.  This change also fixes a regression in 2.2.22 related to
    non-ascii file names.  [#5098]

  * Fix localized time printing on Windows.  [#5073]

  * gpg: New command --quick-revoke-sig.  [#5093]

  * gpg: Do not use weak digest algos if selected by recipient
    preference during sign+encrypt.  [4c181d51a6]

  * gpg: Switch to AES256 for symmetric encryption in de-vs mode.
(Only the first 15 lines of the commit message are shown above View all of this commit message)
2.2.23
04 Sep 2020 02:12:39
Revision:547499Original commit files touched by this commit
adamw search for other commits by this committer
security/gnupg: Update to 2.2.23

Importing an OpenPGP key having a preference list for AEAD algorithms
will lead to an array overflow and thus often to a crash or other
undefined behaviour.

Importing an arbitrary key can often easily be triggered by an attacker
and thus triggering this bug.  Exploiting the bug aside from crashes is
not trivial but likely possible for a dedicated attacker.  The major
hurdle for an attacker is that only every second byte is under their
control with every first byte having a fixed value of 0x04.

Software distribution verification should not be affected by this bug
because such a system uses a curated list of keys.

MFH:		2020Q3
Security:	CVE-2020-25125
2.2.22
27 Aug 2020 19:58:01
Revision:546681Original commit files touched by this commit This port version is marked as vulnerable.
adamw search for other commits by this committer
security/gnupg: Update to 2.2.22

Also, sort plist. The new gpgsplit binary is getting installed as
gpgsplit2 to avoid a conflict with security/gnupg1.

Noteworthy changes in version 2.2.22
====================================

  * gpg: Change the default key algorithm to rsa3072.

  * gpg: Add regular expression support for Trust Signatures on all
    platforms.  [#4843]

  * gpg: Fix regression in 2.2.21 with non-default --passphrase-repeat
    option.  [#4991]
(Only the first 15 lines of the commit message are shown above View all of this commit message)
2.2.21
15 Jul 2020 07:28:28
Revision:542249Original commit files touched by this commit This port version is marked as vulnerable.
adamw search for other commits by this committer
Unmute some build commands
2.2.21
09 Jul 2020 13:27:13
Revision:541749Original commit files touched by this commit This port version is marked as vulnerable.
adamw search for other commits by this committer
gnupg: Update to 2.2.21

 * gpg: Improve symmetric decryption speed by about 25%.
   See commit 144b95cc9d.

 * gpg: Support decryption of AEAD encrypted data packets.

 * gpg: Add option --no-include-key-block. [#4856]

 * gpg: Allow for extra padding in ECDH.  [#4908]

 * gpg: Only a single pinentry is shown for symmetric encryption if
   the pinentry supports this.  [#4971]

 * gpg: Print a note if no keys are given to --delete-key.  [#4959]
(Only the first 15 lines of the commit message are shown above View all of this commit message)
2.2.20
20 Mar 2020 18:51:34
Revision:528793Original commit files touched by this commit
adamw search for other commits by this committer
gnupg: Update to 2.2.20

Noteworthy changes in version 2.2.20
====================================

  * Protect the error counter against overflow to guarantee that the
    tools can't be tricked into returning success after an error.

  * gpg: Make really sure that --verify-files always returns an error.

  * gpg: Fix key listing --with-secret if a pattern is given.  [#4061]

  * gpg: Fix detection of certain keys used as default-key.  [#4810]

  * gpg: Fix default-key selection when a card is available.  [#4850]
(Only the first 15 lines of the commit message are shown above View all of this commit message)
2.2.19
07 Dec 2019 17:14:29
Revision:519219Original commit files touched by this commit
adamw search for other commits by this committer
gnupg: Update to 2.2.19

  * gpg: Fix double free when decrypting for hidden recipients.
    Regression in 2.2.18.  [#4762].

  * gpg: Use auto-key-locate for encryption even for mail addressed
    given with angle brackets.  [#4726]

  * gpgsm: Add special case for certain expired intermediate
    certificates.  [#4696]

  Release-info: https://dev.gnupg.org/T4768
2.2.18
26 Nov 2019 03:21:46
Revision:518443Original commit files touched by this commit
adamw search for other commits by this committer
gnupg: Update to 2.2.18

  * gpg: Changed the way keys are detected on a smartcards; this
    allows the use of non-OpenPGP cards.  In the case of a not very
    likely regression the new option --use-only-openpgp-card is
    available.  [#4681]

  * gpg: The commands --full-gen-key and --quick-gen-key now allow
    direct key generation from supported cards.  [#4681]

  * gpg: Prepare against chosen-prefix SHA-1 collisions in key
    signatures.  This change removes all SHA-1 based key signature
    newer than 2019-01-19 from the web-of-trust.  Note that this
    includes all key signature created with dsa1024 keys.  The new
    option --allow-weak-key-signatues can be used to override the new
(Only the first 15 lines of the commit message are shown above View all of this commit message)
2.2.17_4
25 Nov 2019 23:49:31
Revision:518435Original commit files touched by this commit
asomers search for other commits by this committer
security/gnupg: add the --shared-access option to scdaemon

gnupg's scdaemon opens smart cards in exclusive mode, which prevents other
applications (such as PKCS#11 libraries) from concurrently accessing the
card). Upstream refuses to fix the problem. This commit adds a
--shared-access option to scdaemon. When enabled, scdaemon will access the
smart card in shared mode, playing nicely with other applications. The
default behavior is unchanged.

See Also:
https://github.com/GPGTools/MacGPG2/commit/d6cb8039a0cdc74b9bdd89a3dfa93248aa2c4100
https://dev.gnupg.org/T3267
https://dev.gnupg.org/D320
https://github.com/OpenSC/OpenSC/issues/953

Reviewed by:	adamw
Approved by:	adamw (maintainer)
Obtained-from:	GPGTools
Sponsored by:	Axcient
Differential Revision:	https://reviews.freebsd.org/D22473
2.2.17_3
22 Nov 2019 03:46:56
Revision:518122Original commit files touched by this commit
adamw search for other commits by this committer
gnupg: Fix building on 11.3

Submitted by:	asomers
Differential Revision:	https://reviews.freebsd.org/D22492
2.2.17_3
21 Nov 2019 09:32:32
Revision:518086Original commit files touched by this commit
gahr search for other commits by this committer
security/gnupg: fix build, texinfo is required for man pages too
2.2.17_3
21 Nov 2019 01:49:27
Revision:518074Original commit files touched by this commit
asomers search for other commits by this committer
security/gnupg: rebuild man pages on every build

gnupg ships its man pages as texinfo files, precompiled into info files.
This change causes make to rebuild them every time.  There are two reasons:

* Rebuilding them automatically corrects several Linuxisms in paths (e.g.
  /etc => /usr/local/etc).

* Rebuilding them is a neccessary precondition for making any local changes
  that will affect the content of the man pages, which I intend to do in a
  future commit.

Reviewed by:	adamw
Approved by:	adamw (maintainer)
Sponsored by:	Axcient
Differential Revision:	https://reviews.freebsd.org/D22471
2.2.17_2
26 Aug 2019 15:06:31
Revision:509954Original commit files touched by this commit
adamw search for other commits by this committer
gnupg: Spell "_DESC" correctly. It was missing 5 characters.
2.2.17_2
26 Aug 2019 15:01:02
Revision:509952Original commit files touched by this commit
adamw search for other commits by this committer
gnupg: Add WKS_SERVER option

Requested by:	koobs
2.2.17_2
26 Aug 2019 14:41:22
Revision:509948Original commit files touched by this commit
adamw search for other commits by this committer
gnupg: enable the WKS server

Cristoph Lukas asked me why the WKS server was disabled, and I have
no idea. It was added r462573, and that commit message and associated
bug report don't list why --disable-wks-tools was added. (Folks,
please use commit messages for writing, you know, messages.)

We've been installing the gpg-wks-server manpage, so this commit
enables the WKS server and installs the binary, and bumps PORTREVISION
for it.

While here, sort the plist.
2.2.17_1
14 Aug 2019 12:16:13
Revision:508909Original commit files touched by this commit
mat search for other commits by this committer
Convert to UCL & cleanup pkg-message (categories s)
2.2.17_1
26 Jul 2019 20:46:57
Revision:507372Original commit files touched by this commit
gerald search for other commits by this committer
Bump PORTREVISION for ports depending on the canonical version of GCC
as defined in Mk/bsd.default-versions.mk which has moved from GCC 8.3
to GCC 9.1 under most circumstances now after revision 507371.

This includes ports
 - with USE_GCC=yes or USE_GCC=any,
 - with USES=fortran,
 - using Mk/bsd.octave.mk which in turn features USES=fortran, and
 - with USES=compiler specifying openmp, nestedfct, c11, c++0x, c++11-lang,
   c++11-lib, c++14-lang, c++17-lang, or gcc-c++11-lib
plus, everything INDEX-11 shows with a dependency on lang/gcc9 now.

PR:		238330
2.2.17
09 Jul 2019 15:54:43
Revision:506281Original commit files touched by this commit
adamw search for other commits by this committer
gnupg: Update to 2.2.17, with security fixes

 * gpg: Ignore all key-signatures received from keyservers.  This
   change is required to mitigate a DoS due to keys flooded with
   faked key-signatures.  The old behaviour can be achieved by adding
     keyserver-options no-self-sigs-only,no-import-clean
   to your gpg.conf.  [#4607]

 * gpg: If an imported keyblocks is too large to be stored in the
   keybox (pubring.kbx) do not error out but fallback to an import
   using the options "self-sigs-only,import-clean".  [#4591]

 * gpg: New command --locate-external-key which can be used to
   refresh keys from the Web Key Directory or via other methods
   configured with --auto-key-locate.
(Only the first 15 lines of the commit message are shown above View all of this commit message)
2.2.16
29 May 2019 14:43:19
Revision:502962Original commit files touched by this commit This port version is marked as vulnerable.
adamw search for other commits by this committer
Update gnupg to 2.2.16
2.2.15_1
09 Apr 2019 14:04:50
Revision:498476Original commit files touched by this commit This port version is marked as vulnerable.
sunpoet search for other commits by this committer
Update devel/readline to 8.0

- Bump PORTREVISION of dependent ports for shlib change

Changes:	https://tiswww.case.edu/php/chet/readline/CHANGES
PR:		236156
Exp-run by:	antoine
2.2.15
27 Mar 2019 02:18:50
Revision:496934Original commit files touched by this commit This port version is marked as vulnerable.
adamw search for other commits by this committer
Update gnupg to 2.2.15

  * sm: Fix --logger-fd and --status-fd on Windows for non-standard
    file descriptors.

  * sm: Allow decryption even if expired keys are configured.  [#4431]

  * agent: Change command KEYINFO to print ssh fingerprints with other
    hash algos.

  * dirmngr: Fix build problems on Solaris due to the use of reserved
    symbol names.  [#4420]

  * wkd: New commands --print-wkd-hash and --print-wkd-url for
    gpg-wks-client.

  Release-info: https://dev.gnupg.org/T4434
2.2.14
26 Mar 2019 00:05:12
Revision:496862Original commit files touched by this commit This port version is marked as vulnerable.
adamw search for other commits by this committer
Update gnupg to 2.2.14, pet portlint, and remove a redundant readline
dependency.

  * gpg: Allow import of PGP desktop exported secret keys.  Also avoid
   importing secret keys if the secret keyblock is not valid.  [#4392]

  * gpg: Do not error out on version 5 keys in the local keyring.

  * gpg: Make invalid primary key algo obvious in key listings.

  * sm: Do not mark a certificate in a key listing as de-vs compliant
    if its use for a signature will not be possible.

  * sm: Fix certificate creation with key on card.
(Only the first 15 lines of the commit message are shown above View all of this commit message)
2.2.13
13 Feb 2019 02:37:13
Revision:492823Original commit files touched by this commit This port version is marked as vulnerable.
adamw search for other commits by this committer
Update gnupg to 2.2.13

  * gpg: Implement key lookup via keygrip (using the & prefix).

  * gpg: Allow generating Ed25519 key from existing key.

  * gpg: Emit an ERROR status line if no key was found with -k.

  * gpg: Stop early when trying to create a primary Elgamal key.  [#4329]

  * gpgsm: Print the card's key algorithms along with their keygrips
    in interactive key generation.

  * agent: Clear bogus pinentry cache in the error case.  [#4348]

  * scd: Support "acknowledge button" feature.

  * scd: Fix for USB INTERRUPT transfer.  [#4308]

  * wks: Do no use compression for the the encrypted challenge and
    response.

  Release-info: https://dev.gnupg.org/T4290
2.2.12
14 Dec 2018 20:01:43
Revision:487464Original commit files touched by this commit This port version is marked as vulnerable.
adamw search for other commits by this committer
Update gnupg to 2.2.12

 * tools: New commands --install-key and --remove-key for
    gpg-wks-client.  This allows to prepare a Web Key Directory on a
    local file system for later upload to a web server.

  * gpg: New --list-option "show-only-fpr-mbox".  This makes the use
    of the new gpg-wks-client --install-key command easier on Windows.

  * gpg: Improve processing speed when --skip-verify is used.

  * gpg: Fix a bug where a LF was accidentally written to the console.

  * gpg: --card-status now shwos whether a card has the new KDF
    feature enabled.
(Only the first 15 lines of the commit message are shown above View all of this commit message)
2.2.11_2
12 Dec 2018 01:35:36
Revision:487272Original commit files touched by this commit This port version is marked as vulnerable.
gerald search for other commits by this committer
Bump PORTREVISION for ports depending on the canonical version of GCC
defined via Mk/bsd.default-versions.mk which has moved from GCC 7.4 t
GCC 8.2 under most circumstances.

This includes ports
 - with USE_GCC=yes or USE_GCC=any,
 - with USES=fortran,
 - using Mk/bsd.octave.mk which in turn features USES=fortran, and
 - with USES=compiler specifying openmp, nestedfct, c11, c++0x, c++11-lang,
   c++11-lib, c++14-lang, c++17-lang, or gcc-c++11-lib
plus, as a double check, everything INDEX-11 showed depending on lang/gcc7.

PR:		231590
2.2.11_1
10 Nov 2018 18:12:58
Revision:484628Original commit files touched by this commit This port version is marked as vulnerable.
bapt search for other commits by this committer
Install texinfo files (GNU info) into ${PREFIX}/share/info

After a discussion on the mailing list on moving manpages to
${PREFIX}/share/man for consistency with base where it is
installed in usr/share/man, it appeared the same should happen
to GNU info files which were installed under share in base and
not in ports.

Now texinfo is not in base on any of the supported version of FreeBSD
it is possible to proceed to this move and it is easier to do than
the manpage change.

Other benefit than consistency are less patching: all build tools but
cmake are expecting info files to be under share/info and cmake (patched here)
was having an exception for BSD so the patch makes FreeBSD case less
specific for them

Bump revision of all impacted ports

PR:		232907
exp-run by:	antoine
Differential Revision:	https://reviews.freebsd.org/D17816
2.2.11
07 Nov 2018 04:30:19
Revision:484383Original commit files touched by this commit This port version is marked as vulnerable.
adamw search for other commits by this committer
Update gnupg to 2.2.11

  * gpgsm: Fix CRL loading when intermediate certicates are not yet
    trusted.

  * gpgsm: Fix an error message about the digest algo.  [#4219]

  * gpg: Fix a wrong warning due to new sign usage check introduced
    with 2.2.9.  [#4014]

  * gpg: Print the "data source" even for an unsuccessful keyserver
    query.

  * gpg: Do not store the TOFU trust model in the trustdb.  This
    allows to enable or disable a TOFO model without triggering a
(Only the first 15 lines of the commit message are shown above View all of this commit message)
2.2.10_1
08 Sep 2018 00:05:02
Revision:479210Original commit files touched by this commit This port version is marked as vulnerable.
jrm search for other commits by this committer
security/gnupg: Add pkg-message about potential connectivity issues

GnuPG, when run on hosts without IPv6 connectivity, may fail to connect to
dual-stack hkp servers [1].  Describe a workaround in pkg-message.

[1] https://dev.gnupg.org/rGecfc4db3a2f8bc2652ba4ac4de5ca1cd13bfcbec

Approved by:	adamw (maintainer)
Differential Revision:	https://reviews.freebsd.org/D17071
2.2.10
30 Aug 2018 14:52:30
Revision:478465Original commit files touched by this commit This port version is marked as vulnerable.
adamw search for other commits by this committer
gnupg: Fix spelling of SUID_GPG
2.2.10
30 Aug 2018 14:45:56
Revision:478464Original commit files touched by this commit This port version is marked as vulnerable.
adamw search for other commits by this committer
Update gnupg to 2.2.10 and add LARGE_RSA option

The LARGE_RSA option [1] enables 8192-bit keys, though GnuPG's lead
author does not recommend using it routinely.

Also, sort OPTIONS, and move an explanation of the SUID option from
the Makefile into pkg-help, where it belongs.

Major changes:
  gpg: Refresh expired keys originating from the WKD.
  gpg: Use a 256 KiB limit for a WKD imported key.
  gpg: New option --known-notation.
  scd: Add support for the Trustica Cryptoucan reader.
  agent: Speed up starting during on-demand launching.
  dirmngr: Validate SRV records in WKD queries.
  Release-info: https://dev.gnupg.org/T4112

PR:		230610 [1]
Submitted by:	Dmitri Goutnik
Reported by:	p5B2E9A8F t online de
2.2.9_1
29 Jul 2018 22:18:46
Revision:475857Original commit files touched by this commit This port version is marked as vulnerable.
gerald search for other commits by this committer
Bump PORTREVISION for ports depending on the canonical version of GCC
in the ports tree (via Mk/bsd.default-versions.mk and lang/gcc) which
has now moved from GCC 6 to GCC 7 by default.

This includes ports
 - featuring USE_GCC=yes or USE_GCC=any,
 - featuring USES=fortran,
 - using Mk/bsd.octave.mk which in turn features USES=fortran, and those
 - with USES=compiler specifying one of openmp, nestedfct, c11, c++0x,
   c++11-lib, c++11-lang, c++14-lang, c++17-lang, or gcc-c++11-lib.

PR:		222542
2.2.9
12 Jul 2018 17:34:13
Revision:474528Original commit files touched by this commit This port version is marked as vulnerable.
adamw search for other commits by this committer
Update gnupg to 2.2.9

  * dirmngr: Fix recursive resolver mode and other bugs in the libdns
    code.  [#3374,#3803,#3610]

  * dirmngr: When using libgpg-error 1.32 or later a GnuPG build with
    NTBTLS support (e.g. the standard Windows installer) does not
    anymore block for dozens of seconds before returning data.  If you
    still have problems on Windows, please consider to use one of the
    options disable-ipv4 or disable-ipv6.

  * gpg: Fix bug in --show-keys which actually imported revocation
    certificates.  [#4017]

  * gpg: Ignore too long user-ID and comment packets.  [#4022]
(Only the first 15 lines of the commit message are shown above View all of this commit message)
2.2.8
08 Jun 2018 14:18:20
Revision:472003Original commit files touched by this commit This port version is marked as vulnerable.
adamw search for other commits by this committer
Update gnupg to 2.2.8 (security release)

CVE-2018-12020:
The OpenPGP protocol allows to include the file name of the original
input file into a signed or encrypted message.  During decryption and
verification the GPG tool can display a notice with that file name.  The
displayed file name is not sanitized and as such may include line feeds
or other control characters.  This can be used inject terminal control
sequences into the out and, worse, to fake the so-called status
messages.  These status messages are parsed by programs to get
information from gpg about the validity of a signature and an other
parameters.  Status messages are created with the option "--status-fd N"
where N is a file descriptor.  Now if N is 2 the status messages and the
regular diagnostic messages share the stderr output channel.  By using a
made up file name in the message it is possible to fake status messages.
(Only the first 15 lines of the commit message are shown above View all of this commit message)
2.2.7
04 May 2018 12:31:32
Revision:469025Original commit files touched by this commit This port version is marked as vulnerable.
adamw search for other commits by this committer
Update gnupg to 2.2.7

Also, remove unnecessary USE_LDCONFIG.

  * gpg: New option --no-symkey-cache to disable the passphrase cache
    for symmetrical en- and decryption.

  * gpg: The ERRSIG status now prints the fingerprint if that is part
    of the signature.

  * gpg: Relax emitting of FAILURE status lines

  * gpg: Add a status flag to "sig" lines printed with --list-sigs.

  * gpg: Fix "Too many open files" when using --multifile.  [#3951]
(Only the first 15 lines of the commit message are shown above View all of this commit message)
2.2.6
11 Apr 2018 00:56:56
Revision:467022Original commit files touched by this commit This port version is marked as vulnerable.
adamw search for other commits by this committer
Update gnupg to 2.2.6

  * gpg,gpgsm: New option --request-origin to pretend requests coming
    from a browser or a remote site.

  * gpg: Fix race condition on trustdb.gpg updates due to too early
    released lock.  [#3839]

  * gpg: Emit FAILURE status lines in almost all cases.  [#3872]

  * gpg: Implement --dry-run for --passwd to make checking a key's
    passphrase straightforward.

  * gpg: Make sure to only accept a certification capable key for key
    signatures.  [#3844]
(Only the first 15 lines of the commit message are shown above View all of this commit message)
2.2.5
23 Feb 2018 14:24:18
Revision:462700Original commit files touched by this commit This port version is marked as vulnerable.
adamw search for other commits by this committer
Update gnupg to 2.2.5

Changes: https://lists.gnupg.org/pipermail/gnupg-announce/2018q1/000420.html
2.2.4
21 Dec 2017 01:16:14
Revision:456878Original commit files touched by this commit This port version is marked as vulnerable.
adamw search for other commits by this committer
Update gnupg to 2.2.4. Bump the libassuan requirement to 2.5.1.

  * gpg: Change default preferences to prefer SHA512.

  * gpg: Print a warning when more than 150 MiB are encrypted using a
    cipher with 64 bit block size.

  * gpg: Print a warning if the MDC feature has not been used for a
    message.

  * gpg: Fix regular expression of domain addresses in trust
    signatures. [#2923]

  * agent: New option --auto-expand-secmem to help with high numbers
    of concurrent connections.  Requires libgcrypt 1.8.2 for having
(Only the first 15 lines of the commit message are shown above View all of this commit message)
2.2.3
22 Nov 2017 02:04:36
Revision:454661Original commit files touched by this commit This port version is marked as vulnerable.
adamw search for other commits by this committer
Update to 2.2.3

 * gpgsm: Fix initial keybox creation on Windows. [#3507]

 * dirmngr: Fix crash in case of a CRL loading error. [#3510]

 * Fix the name of the Windows registry key. [Git#4f5afaf1fd]

 * gpgtar: Fix wrong behaviour of --set-filename. [#3500]

 * gpg: Silence AKL retrieval messages. [#3504]

 * agent: Use clock or clock_gettime for calibration. [#3056]

 * agent: Improve robustness of the shutdown pending
   state. [Git#7ffedfab89]
2.2.2
09 Nov 2017 17:03:22
Revision:453850Original commit files touched by this commit This port version is marked as vulnerable.
adamw search for other commits by this committer
Update to 2.2.2

Also, improve COMMENT, which conflicted with the pkg-descr.

 * gpg: Avoid duplicate key imports by concurrently running gpg
   processes. [#3446]

 * gpg: Fix creating on-disk subkey with on-card primary key. [#3280]

 * gpg: Fix validity retrieval for multiple keyrings. [Debian#878812]

 * gpg: Fix --dry-run and import option show-only for secret keys.

 * gpg: Print "sec" or "sbb" for secret keys with import option
   import-show. [#3431]
(Only the first 15 lines of the commit message are shown above View all of this commit message)
2.2.1
19 Sep 2017 18:31:49
Revision:450153Original commit files touched by this commit This port version is marked as vulnerable.
adamw search for other commits by this committer
Update gnupg to 2.2.1, and remove the security/gnupg22 port

I misjudged the timeline for 2.3, and had not processed that the
intent of 2.3 is different from 2.1. Rather than 2.3 being a "modern"
branch and 2.2 being purely "stable," 2.3 will be development and
users are encouraged to remain on 2.2. Furthermore, upstream doesn't
expent a 2.3 release for a year or so.

Accordingly, I'm removing the gnupg22 port and updating security/gnupg
to be 2.2. gnugp20 is still scheduled for deletion at the end of the
year.
2.1.23_1
10 Sep 2017 20:55:39
Revision:449591Original commit files touched by this commit This port version is marked as vulnerable.
gerald search for other commits by this committer
Bump PORTREVISION for ports depending on the canonical version of GCC
(via Mk/bsd.default-versions.mk and lang/gcc) which has moved from
GCC 5.4 to GCC 6.4 under most circumstances.

This includes ports
 - with USE_GCC=yes or USE_GCC=any,
 - with USES=fortran,
 - using Mk/bsd.octave.mk which in turn features USES=fortran, and
 - with USES=compiler specifying openmp, nestedfct, c++11-lib, c++11-lang,
   c++14-lang, c++0x, c11, or gcc-c++11-lib.

PR:		219275
2.1.23
28 Aug 2017 13:02:24
Revision:448867Original commit files touched by this commit This port version is marked as vulnerable.
adamw search for other commits by this committer
Add gnupg22 port. GnuPG 2.2 is the new LTS stable version. gnupg20 is
now marked for deprecation at the end of the year (when upstream support
for it will end). Users of gnupg20 should migrate to gnupg22.

The gnupg port is remaining at 2.1.x for now, as it's essentially the
same thing as 2.2.0. It will become 2.3 soon-ish.
2.1.23
10 Aug 2017 01:31:49
Revision:447661Original commit files touched by this commit This port version is marked as vulnerable.
adamw search for other commits by this committer
Update to 2.1.23, and use the correct TEST_TARGET.


 * gpg: Options --auto-key-retrieve and --auto-key-locate "local,wkd"
   are now used by default.  Note: this enables keyserver and Web Key
   Directory operators to notice when a signature from a locally
   non-available key is being verified for the first time or when
   you intend to encrypt to a mail address without having the key
   locally.  This new behaviour will eventually make key discovery
   much easier and mostly automatic.  Disable this by adding
     no-auto-key-retrieve
     auto-key-locate local
   to your gpg.conf.

 * agent: Option --no-grab is now the default.  The new option --grab
(Only the first 15 lines of the commit message are shown above View all of this commit message)
2.1.22
05 Aug 2017 17:32:01
Revision:447409Original commit files touched by this commit This port version is marked as vulnerable.
adamw search for other commits by this committer
Update to 2.1.22.

Noteworthy changes in version 2.1.22
====================================

 * gpg: Extend command --quick-set-expire to allow for setting the
   expiration time of subkeys.

 * gpg: By default try to repair keys during import.  New sub-option
   no-repair-keys for --import-options.

 * gpg,gpgsm: Improved checking and reporting of DE-VS compliance.

 * gpg: New options --key-origin and --with-key-origin.  Store the
   time of the last key update from keyservers, WKD, or DANE.
(Only the first 15 lines of the commit message are shown above View all of this commit message)
2.1.21_2
27 Jun 2017 13:46:53
Revision:444463Original commit files touched by this commit This port version is marked as vulnerable.
sunpoet search for other commits by this committer
Update devel/readline to 7.0 patch 3

- Bump PORTREVISION for shlib change

Changes:	https://cnswww.cns.cwru.edu/php/chet/readline/CHANGES
		https://lists.gnu.org/archive/html/bug-bash/2016-09/msg00107.html
		https://lists.gnu.org/archive/html/bug-readline/2017-01/msg00002.html
Differential Revision:	https://reviews.freebsd.org/D11172
PR:		219947
Exp-run by:	antoine
2.1.21_1
19 May 2017 17:05:57
Revision:441252Original commit files touched by this commit This port version is marked as vulnerable.
adamw search for other commits by this committer
Ignore errors about missing smartcard daemon.

It's an OPTION on FreeBSD, but 2.1.21 treated missing scdaemon as an
error.

PR:		219400
Submitted by:	Philip Jocks
Obtained from:	https://dev.gnupg.org/rGa8dd96826f8484c0ae93c954035b95c2a75c80f2
See also:	https://lists.gnupg.org/pipermail/gnupg-users/2017-May/058233.html
MFH:		2017Q2
2.1.21
15 May 2017 22:24:13
Revision:440980Original commit files touched by this commit This port version is marked as vulnerable.
adamw search for other commits by this committer
Update to 2.1.21, which in particular fixes a keyring corruption bug.


  * gpg,gpgsm: Fix corruption of old style keyring.gpg files.  This
    bug was introduced with version 2.1.20.  Note that the default
    pubring.kbx format was not affected.

  * gpg,dirmngr: Removed the skeleton config file support.  The
    system's standard methods for providing default configuration
    files should be used instead.

  * w32: The Windows installer now allows installion of GnuPG without
    Administrator permissions.

  * gpg: Fixed import filter property match bug.

  * scd: Removed Linux support for Cardman 4040 PCMCIA reader.

  * scd: Fixed some corner case bugs in resume/suspend handling.

  * Many minor bug fixes and code cleanup.

MFH:		2017Q2
2.1.20
03 Apr 2017 20:53:48
Revision:437674Original commit files touched by this commit This port version is marked as vulnerable.
adamw search for other commits by this committer
Update to 2.1.20.

 * gpg: New properties 'expired', 'revoked', and 'disabled' for the
   import and export filters.

 * gpg: New command --quick-set-primary-uid.

 * gpg: New compliance field for the --with-colon key listing.

 * gpg: Changed the key parser to generalize the processing of local
   meta data packets.

 * gpg: Fixed assertion failure in the TOFU trust model.

 * gpg: Fixed exporting of zero length user ID packets.
(Only the first 15 lines of the commit message are shown above View all of this commit message)
2.1.19_1
01 Apr 2017 15:23:32
Revision:437439Original commit files touched by this commit This port version is marked as vulnerable.
gerald search for other commits by this committer
Bump PORTREVISIONs for ports depending on the canonical version of GCC and
lang/gcc which have moved from GCC 4.9.4 to GCC 5.4 (at least under some
circumstances such as versions of FreeBSD or platforms).

This includes ports
 - with USE_GCC=yes or USE_GCC=any,
 - with USES=fortran,
 - using using Mk/bsd.octave.mk which in turn has USES=fortran, and
 - with USES=compiler specifying openmp, nestedfct, c++11-lib, c++14-lang,
   c++11-lang, c++0x, c11, or gcc-c++11-lib.

PR:		216707
2.1.19
03 Mar 2017 03:43:41
Revision:435304Original commit files touched by this commit This port version is marked as vulnerable.
adamw search for other commits by this committer
Update to 2.1.19.

Noteworthy changes in version 2.1.19
====================================

  * gpg: Print a warning if Tor mode is requested but the Tor daemon
    is not running.

  * gpg: New status code DECRYPTION_KEY to print the actual private
    key used for decryption.

  * gpgv: New options --log-file and --debug.

  * gpg-agent: Revamp the prompts to ask for card PINs.
(Only the first 15 lines of the commit message are shown above View all of this commit message)
2.1.18
23 Jan 2017 23:01:39
Revision:432305Original commit files touched by this commit This port version is marked as vulnerable.
adamw search for other commits by this committer
Update to 2.1.18

Noteworthy changes in version 2.1.18
====================================

 * gpg: Remove bogus subkey signature while cleaning a key (with
   export-clean, import-clean, or --edit-key's sub-command clean)

 * gpg: Allow freezing the clock with --faked-system-time.

 * gpg: New --export-option flag "backup", new --import-option flag
   "restore".

 * gpg-agent: Fixed long delay due to a regression in the progress
   callback code.
(Only the first 15 lines of the commit message are shown above View all of this commit message)
2.1.17_1
18 Jan 2017 15:44:29
Revision:431813Original commit files touched by this commit This port version is marked as vulnerable.
adamw search for other commits by this committer
Enable the SCDAEMON option by default.

Requested by:	Dave Horn
2.1.17
14 Jan 2017 23:46:28
Revision:431502Original commit files touched by this commit This port version is marked as vulnerable.
adamw search for other commits by this committer
Update GnuPG to 2.1.17 which resolves the following error that resulted when
attempting to use the --export-ssh-key option.

gpg: Ohhhh jeeee: Assertion "ret_found_key == NULL || ret_keyblock != NULL" in
lookup failed (getkey.c:3677)

The KDNS option is removed with this update because upstream dropped use of
adns in favor of a bundled libdns which is used by default. Also, removed an
obsolete patch.

PR:		216057
Submitted by:	Matthew Rezny
2.1.16_2
10 Jan 2017 15:52:56
Revision:431097Original commit files touched by this commit This port version is marked as vulnerable.
tijl search for other commits by this committer
Use the -f flag when creating the gpg -> gpg2 link because test -e returns
false for dead links and ln should be allowed to replace them.
Simplify removal of the link on uninstall.

Approved by:	adamw (maintainer)
2.1.16_1
10 Jan 2017 02:38:22
Revision:431053Original commit files touched by this commit This port version is marked as vulnerable.
adamw search for other commits by this committer
A little more detail into COMMENT, reflow the pkg-descr, and use pro mode
for the plist.
2.1.16_1
10 Jan 2017 02:06:06
Revision:431046Original commit files touched by this commit This port version is marked as vulnerable.
adamw search for other commits by this committer
Simplify, reformat, and modernize.

The user-facing changes, some of which required a PORTREVISION bump:

* Don't make everybody download the signature file
* Add USES=readline, rather than making assumptions about it being in
  /usr. A side effect of this was that gnupg was being built with
  readline support on 10 but not 11, except when LDAP was enabled which
  brought it in as a side effect
* Don't make manpages dependent upon the DOCS option. As a side effect,
  everybody now gets the info files. Also, put the help files into
  DOCSDIR instead of DATADIR; best as I can tell they aren't being
  called from within gpg
* Reword the pkg-descr to describe what gpg is, rather than making a
  frightening-sounding statement about patents and unrestricted use
* Handle the gpg symlink in the plist, and be a little looser about
  creating it and tighter about removing it
* Remove the pkg-message. The pinentry dependency installs a pinentry
  dialogue already
2.1.16
10 Jan 2017 00:42:50
Revision:431044Original commit files touched by this commit This port version is marked as vulnerable.
adamw search for other commits by this committer
Take maintainership of the rest of the gnupg* ports from kuriyama, who
is slimming his portfolio. He created the gnupg ports over 18 years ago
and he has looked after them this whole time. Deepest thanks to him
for the incredible amount of work and time that's gone into these ports!
2.1.16
20 Nov 2016 13:40:22
Revision:426589Original commit files touched by this commit This port version is marked as vulnerable.
novel search for other commits by this committer
security/gnupg: fix build on 9.x

gnupg fails to build on 9.x with:

  mime-parser.h:53: error: redefinition of typedef 'rfc822parse_t'
  rfc822parse.h:23: error: previous declaration of 'rfc822parse_t' was here

Add compiler:c11 to USES to fix that.

Reported by:	antoine
2.1.16
20 Nov 2016 12:18:36
Revision:426573Original commit files touched by this commit This port version is marked as vulnerable.
novel search for other commits by this committer
security/gnupg: update to 2.1.16

This release fixes an issue that the previous gnupg release (2.1.15)
was incompatible with libgpg-error 1.25 that caused gpg-agent failing
to start.

PR:		214568
Submitted by:	cmt
Tested by:	cmt
Reported by:	many
2.1.15
18 Oct 2016 18:45:34
Revision:424203Original commit files touched by this commit This port version is marked as vulnerable.
cmt search for other commits by this committer
update gnupg to 2.1.15

PR:		212355
Approved by:	rene (mentor)
Approved by:	maintainer timeout
2.1.13
20 Jun 2016 10:49:47
Revision:417149Original commit files touched by this commit This port version is marked as vulnerable.
kuriyama search for other commits by this committer
- Upgrade to 2.1.13 (minor bugfixes).
2.1.12
06 May 2016 15:48:53
Revision:414711Original commit files touched by this commit This port version is marked as vulnerable.
kuriyama search for other commits by this committer
- Upgrade to 2.1.12 (bugfixes).
2.1.11_2
01 Apr 2016 14:25:18
Revision:412349Original commit files touched by this commit This port version is marked as vulnerable.
mat search for other commits by this committer
Remove ${PORTSDIR}/ from dependencies, categories r, s, t, and u.

With hat:	portmgr
Sponsored by:	Absolight
2.1.11_2
27 Mar 2016 14:58:00
Revision:411990Original commit files touched by this commit This port version is marked as vulnerable.
tijl search for other commits by this committer
- Update security/gnutls to 3.4.10.
- Rename the LIBDANE option DANE because that's the name of the protocol
  supported by libgnutls-dane and gnutls-cli.  Also clarify the option
  description.
- Add an IDN option.
- libgnutls-openssl has been removed in 3.4.  Some ports used this library
  in their LIB_DEPENDS but no port actually required it.
- Some old API functions have been removed.  Ports that used these have been
  updated or patched to use the new API.
- Add a patch to print/cups to prevent overlinking of libgnutls.so.
- Bump PORTREVISION on dependent ports.

net-im/jabber: This port used the old API to give users fine grained
control over which crypto algorithms were used via a configuration file.
It's not immediately obvious how to port this to the new API so the port
always uses the defaults now.

www/hydra: Mark BROKEN.  This uses more removed calls than the other ports,
is said to be alpha quality and not fully functional and has been abandoned
10 years ago.

PR:		207768
Exp-run by:	antoine
Approved by:	portmgr (antoine)
2.1.11_1
19 Feb 2016 18:06:14
Revision:409192Original commit files touched by this commit This port version is marked as vulnerable.
gahr search for other commits by this committer
security/gnupg: ldap module needs gcrypt too
2.1.11_1
19 Feb 2016 16:38:36
Revision:409190Original commit files touched by this commit This port version is marked as vulnerable.
gahr search for other commits by this committer
security/gnupg: fix build when NLS is disabled
2.1.11
19 Feb 2016 11:12:54
Revision:409166Original commit files touched by this commit This port version is marked as vulnerable.
rakuco search for other commits by this committer
Regenerate distinfo information for gnupg-2.1.11.tar.bz2.sig.

This fixes `make fetch'.

The actual hash and sizes are different, as mentioned in the associated PR.
I have also checked it manually, and verified the tarball's signature with
`gpg --verify gnupg-2.1.11.tar.bz2.sig gnupg-2.1.11.tar.bz2'.

I don't understand how this happened, but it looks similar to bug 202312.

PR:		207327
Submitted by:	Trond.Endrestol@ximalas.info
2.1.11
19 Feb 2016 06:25:35
Revision:409152Original commit files touched by this commit This port version is marked as vulnerable.
kuriyama search for other commits by this committer
Update to 2.1.11 (minor fixes, with upstream patch).
2.1.8
14 Sep 2015 00:27:45
Revision:396876Original commit files touched by this commit This port version is marked as vulnerable.
kuriyama search for other commits by this committer
- Upgrade to 2.1.8 (minor bugfixes).
2.1.7
17 Aug 2015 01:47:46
Revision:394433Original commit files touched by this commit This port version is marked as vulnerable.
kuriyama search for other commits by this committer
Add more signature (locally verified).

PR:		ports/202312
Submitted by:	igorz@yandex.ru
2.1.7
11 Aug 2015 22:50:18
Revision:393983Original commit files touched by this commit This port version is marked as vulnerable.
kuriyama search for other commits by this committer
- Upgrade to 2.1.7 (minor fixes).
2.1.6
20 Jul 2015 13:01:34
Revision:392566Original commit files touched by this commit This port version is marked as vulnerable.
mat search for other commits by this committer
Fix build WITHOUT=NLS.

Sponsored by:	Absolight
2.1.6
02 Jul 2015 14:10:32
Revision:391147Original commit files touched by this commit This port version is marked as vulnerable.
kuriyama search for other commits by this committer
- Upgrade to 2.1.6 (minor bugfixes).

Announce:	https://lists.gnupg.org/pipermail/gnupg-announce/2015q3/000370.html
2.1.5
13 Jun 2015 07:34:05
Revision:389326Original commit files touched by this commit This port version is marked as vulnerable.
kuriyama search for other commits by this committer
- Upgrade to 2.1.5 (bugfixes, minor enhancements).
2.1.4_1
24 May 2015 12:55:13
Revision:387262Original commit files touched by this commit This port version is marked as vulnerable.
kuriyama search for other commits by this committer
- Update dist signature file.

Old one has "Werner Koch (dist sig)" only (287 bytes).  New one adds
"NIIBE Yutaka (GnuPG Release Key) <gniibe@fsij.org>" signature (574 bytes).

I verified both of signature files.

Reported by:	Lena@lena.kiev.ua
2.1.4_1
19 May 2015 14:16:25
Revision:386777Original commit files touched by this commit This port version is marked as vulnerable.
kuriyama search for other commits by this committer
Upgrade to 2.1.4 (bugfixes since 2.1.2).
2.1.2_1
18 May 2015 23:54:32
Revision:386725Original commit files touched by this commit This port version is marked as vulnerable.
olgeni search for other commits by this committer
Add references to security/pinentry-tty.
2.1.2_1
14 May 2015 10:15:09
Revision:386312Original commit files touched by this commit This port version is marked as vulnerable.
mat search for other commits by this committer
MASTER_SITES cleanup.

- Replace ${MASTER_SITE_FOO} with FOO.
- Merge MASTER_SITE_SUBDIR into MASTER_SITES when possible. (This means 99.9%
  of the time.)
- Remove occurrences of MASTER_SITE_LOCAL when no subdirectory was present and
  no hint of what it should be was present.
- Fix some logic.
- And generally, make things more simple and easy to understand.

While there, add magic values to the FESTIVAL, GENTOO, GIMP, GNUPG, QT and
SAMBA macros.

Also, replace some EXTRACT_SUFX occurences with USES=tar:*.

Checked by:	make fetch-urlall-list
With hat:	portmgr
Sponsored by:	Absolight
2.1.2_1
13 Apr 2015 02:55:30
Revision:383891Original commit files touched by this commit This port version is marked as vulnerable.
kuriyama search for other commits by this committer
- Add CPE information [1].
- Fix accidentally linking devel/readline if installed [2].

# I'm working on 2.1.3 update, but it requires LDAP header even if
# disabled.  Stay tuned (or patches are welcome).

PR:		ports/198849 [1], ports/198036 and ports/198354 [2]
Submitted by:	shun.fbsd.pr@dropcut.net [1], amdmi3 and jf@fahrner.name [2]
2.1.2
18 Feb 2015 22:31:00
Revision:379323Original commit files touched by this commit This port version is marked as vulnerable.
kuriyama search for other commits by this committer
- Upgrade to 2.1.2 (bugfixes).
2.1.1_1
16 Feb 2015 20:48:30
Revision:379107Original commit files touched by this commit This port version is marked as vulnerable.
zi search for other commits by this committer
- Fix version requirement for security/libgpg-error BUILD_DEPEND
2.1.1_1
02 Jan 2015 18:46:34
Revision:376062Original commit files touched by this commit This port version is marked as vulnerable.
pi search for other commits by this committer
security/libgcrypt: 1.6.1 -> 1.6.2, bump depends

Changes:
- src/sexp.c (do_vsexp_sscan): Return error for invalid args.
- cipher/md.c (_gcry_md_info): Fix a segv in case of calling
  with wrong parameters.
- cipher/primegen.c (_gcry_generate_elg_prime): Change to return an
  error code, possible NULL deref in call to prime generator.
- cipher/dsa.c (generate): Take care of new return code.
- cipher/elgamal.c (generate): Change to return an error code.  Take
	care of _gcry_generate_elg_prime return code.
- ecc: Support the non-standard 0x40 compression flag for EdDSA.
- mpi: Extend the internal mpi_get_buffer.
- mpi: Fix regression for powerpc-apple-darwin detection.
- Fix bug inhibiting the use of the sentinel attribute in src/gcrypt.h.in
(Only the first 15 lines of the commit message are shown above View all of this commit message)

Number of commits found: 271 (showing only 100 on this page)

1 | 2 | 3  »