GnuPG 2 is the successor of "GnuPG" or GPG. It provides: GPGSM,
gpg-agent, and a keybox library.
- Links to Base:System / gpg2
- Has a link diff
- Download package
osc -A https://api.opensuse.org checkout security:privacy/gpg2 && cd $_
- Create Badge
Source Files (show merged sources derived from linked package)
|_link||0000000119 119 Bytes|
|gnupg-2.0.9-langinfo.patch||0000000707 707 Bytes|
|gnupg-2.2.16-secmem.patch||0000001182 1.15 KB|
||0000002176 2.13 KB|
|gnupg-2.3.7.tar.bz2||0007599853 7.25 MB|
|gnupg-2.3.7.tar.bz2.sig||0000000119 119 Bytes|
||0000001218 1.19 KB|
|gnupg-add-test-cases-for-import-without-uid.patch||0000008388 8.19 KB|
|gnupg-add_legacy_FIPS_mode_option.patch||0000002617 2.56 KB|
||0000003427 3.35 KB|
|gnupg-detect_FIPS_mode.patch||0000001591 1.55 KB|
|gnupg-dont-fail-with-seahorse-agent.patch||0000000684 684 Bytes|
|gnupg-gpg-agent-ulimit.patch||0000001396 1.36 KB|
|gnupg-set_umask_before_open_outfile.patch||0000001367 1.33 KB|
|gpg2.changes||0000111595 109 KB|
|gpg2.keyring||0000005365 5.24 KB|
|gpg2.spec||0000006826 6.67 KB|
|scdaemon.udev||0000005551 5.42 KB|
Do we have an answer to https://bugs.archlinux.org/task/63147 ? Should we distribute
keyserver-options no-self-sigs-only,no-import-cleanby default in the system's
gpg.confor have there been discussions on whether this would be a good idea?
Thanks for any input!
Hi Georg, thanks for having pointed this out, my2c below.
AFAICS we're currently shipping gpg with both options enabled:
import-clean. (Please, correct me if you think I'm wrong)
Even if we use gpg within the build system and the package manager, we do not rely on WoT, hence IMO this change is for us not that bad as it was for Archlinux.
In any case I find this topic interesting and discussing about it might be beneficial for many.