From owner-freebsd-ports-bugs@FreeBSD.ORG Tue Apr 1 18:30:02 2008 Return-Path: Delivered-To: freebsd-ports-bugs@hub.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:4f8:fff6::34]) by hub.freebsd.org (Postfix) with ESMTP id B184E1065672 for ; Tue, 1 Apr 2008 18:30:02 +0000 (UTC) (envelope-from gnats@FreeBSD.org) Received: from freefall.freebsd.org (freefall.freebsd.org [IPv6:2001:4f8:fff6::28]) by mx1.freebsd.org (Postfix) with ESMTP id 902988FC22 for ; Tue, 1 Apr 2008 18:30:02 +0000 (UTC) (envelope-from gnats@FreeBSD.org) Received: from freefall.freebsd.org (gnats@localhost [127.0.0.1]) by freefall.freebsd.org (8.14.2/8.14.2) with ESMTP id m31IU2II063993 for ; Tue, 1 Apr 2008 18:30:02 GMT (envelope-from gnats@freefall.freebsd.org) Received: (from gnats@localhost) by freefall.freebsd.org (8.14.2/8.14.1/Submit) id m31IU20O063992; Tue, 1 Apr 2008 18:30:02 GMT (envelope-from gnats) Resent-Date: Tue, 1 Apr 2008 18:30:02 GMT Resent-Message-Id: <200804011830.m31IU20O063992@freefall.freebsd.org> Resent-From: FreeBSD-gnats-submit@FreeBSD.org (GNATS Filer) Resent-To: freebsd-ports-bugs@FreeBSD.org Resent-Reply-To: FreeBSD-gnats-submit@FreeBSD.org, Nick Barkas Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:4f8:fff6::34]) by hub.freebsd.org (Postfix) with ESMTP id 76F08106564A for ; Tue, 1 Apr 2008 18:21:49 +0000 (UTC) (envelope-from snb@smtp.earth.threerings.net) Received: from smtp.earth.threerings.net (smtp1.earth.threerings.net [64.127.109.108]) by mx1.freebsd.org (Postfix) with ESMTP id 33BD58FC1B for ; Tue, 1 Apr 2008 18:21:48 +0000 (UTC) (envelope-from snb@smtp.earth.threerings.net) Received: by smtp.earth.threerings.net (Postfix, from userid 10038) id 3502061DCF; Tue, 1 Apr 2008 11:21:48 -0700 (PDT) Message-Id: <20080401182148.3502061DCF@smtp.earth.threerings.net> Date: Tue, 1 Apr 2008 11:21:48 -0700 (PDT) From: Nick Barkas To: FreeBSD-gnats-submit@FreeBSD.org X-Send-Pr-Version: 3.113 Cc: kuriyama@FreeBSD.org Subject: ports/122348: [patch] Upgrade security/gnupg1 to 1.4.9 X-BeenThere: freebsd-ports-bugs@freebsd.org X-Mailman-Version: 2.1.5 Precedence: list Reply-To: Nick Barkas List-Id: Ports bug reports List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Tue, 01 Apr 2008 18:30:02 -0000 >Number: 122348 >Category: ports >Synopsis: [patch] Upgrade security/gnupg1 to 1.4.9 >Confidential: no >Severity: non-critical >Priority: low >Responsible: freebsd-ports-bugs >State: open >Quarter: >Keywords: >Date-Required: >Class: update >Submitter-Id: current-users >Arrival-Date: Tue Apr 01 18:30:02 UTC 2008 >Closed-Date: >Last-Modified: >Originator: Nick Barkas >Release: FreeBSD 6.2-RELEASE-p11 i386 >Organization: Three Rings Design, Inc. >Environment: System: FreeBSD mail1.earth.threerings.net 6.2-RELEASE-p11 FreeBSD 6.2-RELEASE-p11 #0: Wed Feb 13 07:00:04 UTC 2008 root@i386-builder.daemonology.net:/usr/obj/usr/src/sys/SMP i386 >Description: This is just a patch to update the security/gnupg1 port to the latest version, which fixes a possible security vulnerability involving memory corruption from importing malicious keys. >How-To-Repeat: >Fix: --- gnupg1.patch begins here --- diff -urN gnupg1.orig/Makefile gnupg1/Makefile --- gnupg1.orig/Makefile Sat Jan 12 00:53:44 2008 +++ gnupg1/Makefile Tue Apr 1 10:47:02 2008 @@ -6,7 +6,7 @@ # PORTNAME= gnupg -PORTVERSION= 1.4.8 +PORTVERSION= 1.4.9 CATEGORIES= security MASTER_SITES= ${MASTER_SITE_GNUPG} MASTER_SITE_SUBDIR= gnupg diff -urN gnupg1.orig/distinfo gnupg1/distinfo --- gnupg1.orig/distinfo Sat Jan 12 00:53:44 2008 +++ gnupg1/distinfo Tue Apr 1 10:52:07 2008 @@ -1,6 +1,6 @@ -MD5 (gnupg-1.4.8.tar.bz2) = e5be39ea81bb07de006e7dd44439cb76 -SHA256 (gnupg-1.4.8.tar.bz2) = 119d2574deafe8c2d4444e53051ebad215d375f94f29c520ff891275f14e006c -SIZE (gnupg-1.4.8.tar.bz2) = 3320100 -MD5 (gnupg-1.4.8.tar.bz2.sig) = 66089a7c49e3436803d4bdef7e51b775 -SHA256 (gnupg-1.4.8.tar.bz2.sig) = 10848cd421d257b3963635f68dbf154f303ca6d7e3c263902b49902a6057279d -SIZE (gnupg-1.4.8.tar.bz2.sig) = 158 +MD5 (gnupg-1.4.9.tar.bz2) = cc52393087480ac8d245625004a6a30c +SHA256 (gnupg-1.4.9.tar.bz2) = 3ca5abcd93eeed4ed832995463db3308bfa552a072ef86fab4940e195fab06dd +SIZE (gnupg-1.4.9.tar.bz2) = 3328743 +MD5 (gnupg-1.4.9.tar.bz2.sig) = c1dbb1e28502593635bf0349b74ca33a +SHA256 (gnupg-1.4.9.tar.bz2.sig) = 8d325632b0bb1e2abaff84be67295ad64d12ff38e2bc7a183ae1cb90cbf739ad +SIZE (gnupg-1.4.9.tar.bz2.sig) = 158 diff -urN gnupg1.orig/pkg-plist gnupg1/pkg-plist --- gnupg1.orig/pkg-plist Sat May 19 13:22:31 2007 +++ gnupg1/pkg-plist Tue Apr 1 11:06:37 2008 @@ -2,11 +2,13 @@ bin/gpg-zip bin/gpgsplit bin/gpgv +%%NLS%%lib/charset.alias %%WITH_LDAP%%libexec/gnupg/gpgkeys_ldap libexec/gnupg/gpgkeys_curl libexec/gnupg/gpgkeys_finger libexec/gnupg/gpgkeys_hkp @dirrm libexec/gnupg +%%NLS%%share/locale/locale.alias %%NLS%%share/locale/be/LC_MESSAGES/gnupg.mo %%NLS%%share/locale/ca/LC_MESSAGES/gnupg.mo %%NLS%%share/locale/cs/LC_MESSAGES/gnupg.mo --- gnupg1.patch ends here --- >Release-Note: >Audit-Trail: >Unformatted: