summaryrefslogtreecommitdiffstats
path: root/meta/recipes-support/gnupg/gnupg
Commit message (Collapse)AuthorAgeFilesLines
* gnupg: patch gnupg-native to allow path relocationRoss Burton2018-11-241-0/+81
| | | | | | | | | | | | | | | | | GnuPG hard-codes $bindir etc and uses them to find the helper binaries, such as gpg-agent. This breaks if gnupg-native is reused from sstate for a different build directory and GPG signing of packages is required. Patch in getenv() checks for gnupg-native when returning the hardcoded paths, and create a wrapper script which overrides GNUPG_BINDIR. There are more paths that can be overridden, but this one is sufficient to make GnuPG work. (From OE-Core rev: dfd69ff889ed78bf137116583d8ae351859ee203) (From OE-Core rev: ddaf41f210f80556eca1d0acaee1e3f9cbf80122) Signed-off-by: Ross Burton <ross.burton@intel.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* gnupg: CVE-2018-9234Sinan Kaya2018-10-101-0/+28
| | | | | | | | | | | | | | | | | | * CVE-2018-9234 GnuPG 2.2.4 and 2.2.5 does not enforce a configuration in which key certification requires an offline master Certify key, which results in apparently valid certifications that occurred only with access to a signing subkey. Affects gnupg <= 2.2.5 CVE: CVE-2018-9234 Ref: https://access.redhat.com/security/cve/cve-2018-9234 (From OE-Core rev: af920831ed1ef607db195372f135cc56e9f53b41) Signed-off-by: Sinan Kaya <okaya@kernel.org> Signed-off-by: Armin Kuster <akuster808@gmail.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* gnupg: CVE-2018-12020Jagadeesh Krishnanjanappa2018-08-291-0/+47
| | | | | | | | | | | gpg: Sanitize diagnostic with the original file name. * g10/mainproc.c (proc_plaintext): Sanitize verbose output. (From OE-Core rev: f1c0da2bcb0587ac25176db11365d4a2a15b3d30) Signed-off-by: Armin Kuster <akuster808@gmail.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* gnupg: add a patch to avoid native vs. host gpg-agent clashesAlexander Kanavin2018-01-261-0/+30
| | | | | | | | (From OE-Core rev: 04f6e01c1d9c8b53ed43405cdb7d3b8b242a27b6) Signed-off-by: Alexander Kanavin <alexander.kanavin@linux.intel.com> Signed-off-by: Ross Burton <ross.burton@intel.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* gnupg: 2.1.20 -> 2.1.23Hongxu Jia2017-08-235-34/+81
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | 1. COPYING.LIB: Rename to COPYING.LGPL3. https://git.gnupg.org/cgi-bin/gitweb.cgi?p=gnupg.git;a=commit;h=3419a339d9c4e800bf30e9021e05982d8c1021c1 2. Rebase patches: - pkgconfig.patch -> 0001 - use-pkgconfig-instead-of-npth-config.patch -> 0002 - dirmngr-uses-libgpg-error.patch -> 0003 - autogen.sh-fix-find-version-for-beta-checking.patch -> 0004 3. Fix gpg2 not found ... dnf -vy makecache |Cannot download 'http://192.168.7.1:33541': repomd.xml GPG signature verification error: gpgme_engine_check_version() error: Invalid crypto engine. ... The upstream install gpg by default and no gpg2 ... commit a69464b0b6dac88b360a13d3faf19dd7f2a0e02b Author: Werner Koch <wk@gnupg.org> Date: Sat Aug 5 14:39:32 2017 +0200 gpg: Install gpg by default under the name gpg. ... Add --enable-gpg-is-gpg2 to revert it. (From OE-Core rev: f62d844424670967d2d40cd2afc96f5fc597bf1d) Signed-off-by: Hongxu Jia <hongxu.jia@windriver.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* gnupg: fix find-version for beta checkingWenzong Fan2015-11-161-0/+31
| | | | | | | | | | | | | | | | | | | find-version always assumes that gnupg is beta if autogen.sh is run out of git-repo. This doesn't work for users whom just take release tarball and re-run autoconf in their local build dir. This fixes runtime issue: $gpg --list-sigs gpg: NOTE: THIS IS A DEVELOPMENT VERSION! gpg: It is only intended for test purposes and should NOT be gpg: used in a production environment or with production keys! (From OE-Core rev: a37cccca3bb3bad0d8d7e375fb7e3cc339ac8250) Signed-off-by: Wenzong Fan <wenzong.fan@windriver.com> Signed-off-by: Ross Burton <ross.burton@intel.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* meta: Fix Upstream-Status statementsRoss Burton2015-09-121-1/+1
| | | | | | | | | | Fix a variety of problems such as typos, bad punctuations, or incorrect Upstream-Status values. (From OE-Core rev: bd220fe6ce8c3a0805f13a14706d3130ea872604) Signed-off-by: Ross Burton <ross.burton@intel.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* gnupg: 2.1.2 -> 2.1.4Robert Yang2015-05-301-4/+4
| | | | | | | | | Updated dirmngr-uses-libgpg-error.patch. (From OE-Core rev: 9c5cb4e2b51e605523d636f57d071593a01014ee) Signed-off-by: Robert Yang <liezhi.yang@windriver.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* gnupg: Upgrade to 2.1.0Saul Wold2015-01-073-10/+102
| | | | | | | | | | | | Add patch to use pkg-config instead of npth-config and remove --without-curl as it's not used anymore. Also needed a patch to add libgpg-error to correctly build dirmngr (From OE-Core rev: 0509f3b6f880b516dfbe053b13d417f724509b99) Signed-off-by: Saul Wold <sgw@linux.intel.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* gnupg: Convert to use pkg-config for dependenciesRichard Purdie2014-05-281-0/+86
Use pkg-config to find pth instead of pth-config and our own macros from aclocal-copy. (From OE-Core rev: 437ad15de308769c9251a37ed41dabed5653fc96) Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
generated by cgit v1.2.3-54-g00ecf (git 2.39.0) at 2024-06-16 11:40:08 +0000