Edit Package gpg2

GnuPG 2 is the successor of "GnuPG" or GPG. It provides: GPGSM,
gpg-agent, and a keybox library.

  • Links to Base:System / gpg2
  • Has a link diff
  • Download package
  • osc -A checkout security:privacy/gpg2 && cd $_
  • Create Badge
Source Files (show merged sources derived from linked package)
Filename Size Changed
gnupg-2.0.9-langinfo.patch 0000000707 707 Bytes
gnupg-2.2.16-secmem.patch 0000001182 1.15 KB
gnupg-2.3.7-scd-openpgp-Fix-workaround-for-Yubikey-heuristics.patch 0000002176 2.13 KB
gnupg-2.3.7.tar.bz2 0007599853 7.25 MB
gnupg-2.3.7.tar.bz2.sig 0000000119 119 Bytes
gnupg-accept_subkeys_with_a_good_revocation_but_no_self-sig_during_import.patch 0000001218 1.19 KB
gnupg-add-test-cases-for-import-without-uid.patch 0000008388 8.19 KB
gnupg-add_legacy_FIPS_mode_option.patch 0000002617 2.56 KB
gnupg-allow-import-of-previously-known-keys-even-without-UIDs.patch 0000003427 3.35 KB
gnupg-detect_FIPS_mode.patch 0000001591 1.55 KB
gnupg-dont-fail-with-seahorse-agent.patch 0000000684 684 Bytes
gnupg-gpg-agent-ulimit.patch 0000001396 1.36 KB
gnupg-set_umask_before_open_outfile.patch 0000001367 1.33 KB
gpg2.changes 0000111595 109 KB
gpg2.keyring 0000005365 5.24 KB
gpg2.spec 0000006826 6.67 KB
scdaemon.udev 0000005551 5.42 KB
Comments 2

Georg Pfuetzenreuter's avatar

crameleon wrote


Do we have an answer to ? Should we distribute keyserver-options no-self-sigs-only,no-import-clean by default in the system's gpg.conf or have there been discussions on whether this would be a good idea?

Thanks for any input!

Gianluca Gabrielli's avatar

crazybyte wrote

Hi Georg, thanks for having pointed this out, my2c below.

    opt.keyserver_options.import_options = (IMPORT_REPAIR_KEYS
                        | IMPORT_REPAIR_PKS_SUBKEY_BUG
                                            | IMPORT_SELF_SIGS_ONLY
                                            | IMPORT_COLLAPSE_UIDS
                                            | IMPORT_COLLAPSE_SUBKEYS
                                            | IMPORT_CLEAN);

AFAICS we're currently shipping gpg with both options enabled: self-sigs-only and import-clean. (Please, correct me if you think I'm wrong)

Even if we use gpg within the build system and the package manager, we do not rely on WoT, hence IMO this change is for us not that bad as it was for Archlinux.

In any case I find this topic interesting and discussing about it might be beneficial for many.

openSUSE Build Service is sponsored by