Date: Tue, 1 Apr 2008 11:21:48 -0700 (PDT) From: Nick Barkas <snb@threerings.net> To: FreeBSD-gnats-submit@FreeBSD.org Cc: kuriyama@FreeBSD.org Subject: ports/122348: [patch] Upgrade security/gnupg1 to 1.4.9 Message-ID: <20080401182148.3502061DCF@smtp.earth.threerings.net> Resent-Message-ID: <200804011830.m31IU20O063992@freefall.freebsd.org>
next in thread | raw e-mail | index | archive | help
>Number: 122348 >Category: ports >Synopsis: [patch] Upgrade security/gnupg1 to 1.4.9 >Confidential: no >Severity: non-critical >Priority: low >Responsible: freebsd-ports-bugs >State: open >Quarter: >Keywords: >Date-Required: >Class: update >Submitter-Id: current-users >Arrival-Date: Tue Apr 01 18:30:02 UTC 2008 >Closed-Date: >Last-Modified: >Originator: Nick Barkas >Release: FreeBSD 6.2-RELEASE-p11 i386 >Organization: Three Rings Design, Inc. >Environment: System: FreeBSD mail1.earth.threerings.net 6.2-RELEASE-p11 FreeBSD 6.2-RELEASE-p11 #0: Wed Feb 13 07:00:04 UTC 2008 root@i386-builder.daemonology.net:/usr/obj/usr/src/sys/SMP i386 >Description: This is just a patch to update the security/gnupg1 port to the latest version, which fixes a possible security vulnerability involving memory corruption from importing malicious keys. >How-To-Repeat: >Fix: --- gnupg1.patch begins here --- diff -urN gnupg1.orig/Makefile gnupg1/Makefile --- gnupg1.orig/Makefile Sat Jan 12 00:53:44 2008 +++ gnupg1/Makefile Tue Apr 1 10:47:02 2008 @@ -6,7 +6,7 @@ # PORTNAME= gnupg -PORTVERSION= 1.4.8 +PORTVERSION= 1.4.9 CATEGORIES= security MASTER_SITES= ${MASTER_SITE_GNUPG} MASTER_SITE_SUBDIR= gnupg diff -urN gnupg1.orig/distinfo gnupg1/distinfo --- gnupg1.orig/distinfo Sat Jan 12 00:53:44 2008 +++ gnupg1/distinfo Tue Apr 1 10:52:07 2008 @@ -1,6 +1,6 @@ -MD5 (gnupg-1.4.8.tar.bz2) = e5be39ea81bb07de006e7dd44439cb76 -SHA256 (gnupg-1.4.8.tar.bz2) = 119d2574deafe8c2d4444e53051ebad215d375f94f29c520ff891275f14e006c -SIZE (gnupg-1.4.8.tar.bz2) = 3320100 -MD5 (gnupg-1.4.8.tar.bz2.sig) = 66089a7c49e3436803d4bdef7e51b775 -SHA256 (gnupg-1.4.8.tar.bz2.sig) = 10848cd421d257b3963635f68dbf154f303ca6d7e3c263902b49902a6057279d -SIZE (gnupg-1.4.8.tar.bz2.sig) = 158 +MD5 (gnupg-1.4.9.tar.bz2) = cc52393087480ac8d245625004a6a30c +SHA256 (gnupg-1.4.9.tar.bz2) = 3ca5abcd93eeed4ed832995463db3308bfa552a072ef86fab4940e195fab06dd +SIZE (gnupg-1.4.9.tar.bz2) = 3328743 +MD5 (gnupg-1.4.9.tar.bz2.sig) = c1dbb1e28502593635bf0349b74ca33a +SHA256 (gnupg-1.4.9.tar.bz2.sig) = 8d325632b0bb1e2abaff84be67295ad64d12ff38e2bc7a183ae1cb90cbf739ad +SIZE (gnupg-1.4.9.tar.bz2.sig) = 158 diff -urN gnupg1.orig/pkg-plist gnupg1/pkg-plist --- gnupg1.orig/pkg-plist Sat May 19 13:22:31 2007 +++ gnupg1/pkg-plist Tue Apr 1 11:06:37 2008 @@ -2,11 +2,13 @@ bin/gpg-zip bin/gpgsplit bin/gpgv +%%NLS%%lib/charset.alias %%WITH_LDAP%%libexec/gnupg/gpgkeys_ldap libexec/gnupg/gpgkeys_curl libexec/gnupg/gpgkeys_finger libexec/gnupg/gpgkeys_hkp @dirrm libexec/gnupg +%%NLS%%share/locale/locale.alias %%NLS%%share/locale/be/LC_MESSAGES/gnupg.mo %%NLS%%share/locale/ca/LC_MESSAGES/gnupg.mo %%NLS%%share/locale/cs/LC_MESSAGES/gnupg.mo --- gnupg1.patch ends here --- >Release-Note: >Audit-Trail: >Unformatted:
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?20080401182148.3502061DCF>