Date: Tue, 9 Jul 2019 15:54:43 +0000 (UTC) From: Adam Weinberger <adamw@FreeBSD.org> To: ports-committers@freebsd.org, svn-ports-all@freebsd.org, svn-ports-head@freebsd.org Subject: svn commit: r506281 - head/security/gnupg Message-ID: <201907091554.x69FshRr008345@repo.freebsd.org>
next in thread | raw e-mail | index | archive | help
Author: adamw Date: Tue Jul 9 15:54:43 2019 New Revision: 506281 URL: https://svnweb.freebsd.org/changeset/ports/506281 Log: gnupg: Update to 2.2.17, with security fixes * gpg: Ignore all key-signatures received from keyservers. This change is required to mitigate a DoS due to keys flooded with faked key-signatures. The old behaviour can be achieved by adding keyserver-options no-self-sigs-only,no-import-clean to your gpg.conf. [#4607] * gpg: If an imported keyblocks is too large to be stored in the keybox (pubring.kbx) do not error out but fallback to an import using the options "self-sigs-only,import-clean". [#4591] * gpg: New command --locate-external-key which can be used to refresh keys from the Web Key Directory or via other methods configured with --auto-key-locate. * gpg: New import option "self-sigs-only". * gpg: In --auto-key-retrieve prefer WKD over keyservers. [#4595] * dirmngr: Support the "openpgpkey" subdomain feature from draft-koch-openpgp-webkey-service-07. [#4590]. * dirmngr: Add an exception for the "openpgpkey" subdomain to the CSRF protection. [#4603] * dirmngr: Fix endless loop due to http errors 503 and 504. [#4600] * dirmngr: Fix TLS bug during redirection of HKP requests. [#4566] * gpgconf: Fix a race condition when killing components. [#4577] Release-info: https://dev.gnupg.org/T4606 MFH: 2019Q3 Modified: head/security/gnupg/Makefile head/security/gnupg/distinfo Modified: head/security/gnupg/Makefile ============================================================================== --- head/security/gnupg/Makefile Tue Jul 9 12:21:12 2019 (r506280) +++ head/security/gnupg/Makefile Tue Jul 9 15:54:43 2019 (r506281) @@ -1,7 +1,7 @@ # $FreeBSD$ PORTNAME= gnupg -PORTVERSION= 2.2.16 +PORTVERSION= 2.2.17 CATEGORIES= security MASTER_SITES= GNUPG Modified: head/security/gnupg/distinfo ============================================================================== --- head/security/gnupg/distinfo Tue Jul 9 12:21:12 2019 (r506280) +++ head/security/gnupg/distinfo Tue Jul 9 15:54:43 2019 (r506281) @@ -1,3 +1,3 @@ -TIMESTAMP = 1559097348 -SHA256 (gnupg-2.2.16.tar.bz2) = 6cbe8d454bf5dc204621eed3016d721b66298fa95363395bb8eeceb1d2fd14cb -SIZE (gnupg-2.2.16.tar.bz2) = 6699113 +TIMESTAMP = 1562687164 +SHA256 (gnupg-2.2.17.tar.bz2) = afa262868e39b651a2db4c071fba90415154243e83a830ca00516f9a807fd514 +SIZE (gnupg-2.2.17.tar.bz2) = 6717554
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?201907091554.x69FshRr008345>