Skip site navigation (1)Skip section navigation (2) 
Date:      Tue,  1 Apr 2008 11:26:27 -0700 (PDT)
From:      Nick Barkas <snb@threerings.net>
To:        FreeBSD-gnats-submit@FreeBSD.org
Cc:        kuriyama@FreeBSD.org
Subject:   ports/122349: [patch] Update security/gnupg to 2.0.9
Message-ID:  <20080401182628.6B9EA61DF1@smtp.earth.threerings.net>
Resent-Message-ID: <200804011830.m31IU25a064016@freefall.freebsd.org>
next in thread | raw e-mail | index | archive | help 

>Number:         122349
>Category:       ports
>Synopsis:       [patch] Update security/gnupg to 2.0.9
>Confidential:   no
>Severity:       non-critical
>Priority:       low
>Responsible:    freebsd-ports-bugs
>State:          open
>Quarter:        
>Keywords:       
>Date-Required:
>Class:          update
>Submitter-Id:   current-users
>Arrival-Date:   Tue Apr 01 18:30:02 UTC 2008
>Closed-Date:
>Last-Modified:
>Originator:     Nick Barkas
>Release:        FreeBSD 6.2-RELEASE-p11 i386
>Organization:
Three Rings Design
>Environment:
System: FreeBSD mail1.earth.threerings.net 6.2-RELEASE-p11 FreeBSD 6.2-RELEASE-p11 #0: Wed Feb 13 07:00:04 UTC 2008 root@i386-builder.daemonology.net:/usr/obj/usr/src/sys/SMP i386
>Description:
This is a patch to update the security/gnupg port to the latest version, which
fixes a possible security vulnerability involving memory corruption from
importing malicious keys.
>How-To-Repeat:
diff -urN gnupg.orig/Makefile gnupg/Makefile
--- gnupg.orig/Makefile	Tue Mar  4 14:57:41 2008
+++ gnupg/Makefile	Tue Apr  1 11:11:59 2008
@@ -6,7 +6,7 @@
 #
 
 PORTNAME=	gnupg
-PORTVERSION=	2.0.8
+PORTVERSION=	2.0.9
 CATEGORIES=	security
 MASTER_SITES=	${MASTER_SITE_GNUPG}
 MASTER_SITE_SUBDIR=	gnupg
diff -urN gnupg.orig/distinfo gnupg/distinfo
--- gnupg.orig/distinfo	Tue Mar  4 14:57:41 2008
+++ gnupg/distinfo	Tue Apr  1 11:15:01 2008
@@ -1,6 +1,6 @@
-MD5 (gnupg-2.0.8.tar.bz2) = fc4377ca67e1bf687eeaf22e79c0b9d1
-SHA256 (gnupg-2.0.8.tar.bz2) = 16f310afe4740a26475c7273f585861a4bdefecbde27c214cc30c0db45d26913
-SIZE (gnupg-2.0.8.tar.bz2) = 3654523
-MD5 (gnupg-2.0.8.tar.bz2.sig) = 5f4fefbca2568910e3628b4d8ea3d485
-SHA256 (gnupg-2.0.8.tar.bz2.sig) = e68772c8d16a80311c5380ef024c52ad140f2fc3cf43c778a2e2d3bf2eea24d5
-SIZE (gnupg-2.0.8.tar.bz2.sig) = 158
+MD5 (gnupg-2.0.9.tar.bz2) = b41f3f6716a74c46a609a71853e85c7b
+SHA256 (gnupg-2.0.9.tar.bz2) = 2dc124908a1dfa3b79d2b0a82aa1a31817128feb14e84a26226beaab13179686
+SIZE (gnupg-2.0.9.tar.bz2) = 3718925
+MD5 (gnupg-2.0.9.tar.bz2.sig) = 29a90f2bdd27d79b7e9a0885f119832a
+SHA256 (gnupg-2.0.9.tar.bz2.sig) = 75487ff94c980c0f6a0290f12290a1373f0b5f36971ed9910407490370340296
+SIZE (gnupg-2.0.9.tar.bz2.sig) = 158
--- gnupg.patch ends here ---


>Fix:
>Release-Note:
>Audit-Trail:
>Unformatted:

Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?20080401182628.6B9EA61DF1>