Sign Up
Log In
Log In
or
Sign Up
Places
All Projects
Status Monitor
Collapse sidebar
home:eltorio
gpg1
gpg1.spec
Overview
Repositories
Revisions
Requests
Users
Attributes
Meta
File gpg1.spec of Package gpg1
# # spec file for package gpg (Version 1.4.5) # # Copyright (c) 2007 SUSE LINUX Products GmbH, Nuernberg, Germany. # This file and all modifications and additions to the pristine # package are under the same license as the package itself. # # Please submit bugfixes or comments via http://bugs.opensuse.org/ # # norootforbuild Name: gpg BuildRequires: openldap2 openldap2-devel Version: 1.4.9 Release: 5.6 License: GPL v3 or later Group: Productivity/Security PreReq: %install_info_prereq Provides: gnupg pgpgpg Autoreqprov: on Summary: The GNU Privacy Guard: Encrypts, Decrypts, and Signs Data Source: ftp://ftp.gnupg.org/gcrypt/gnupg/gnupg-%{version}.tar.bz2 Source3: README.SuSE Source4: ftp://ftp.gnupg.org/gcrypt/gnupg/gnupg-%{version}.tar.bz2.sig Patch1: gnupg-1.2.5.return.diff Patch2: gpg-encrypt-to-opt.diff Patch3: gnupg-1.4.4.photoviewer.patch Patch4: gnupg-1.2.5.ppc64-auto.diff Patch5: gnupg-1.4.9-use-agent.patch Patch6: gnupg-1.4.7-files_are_digests.patch Patch7: forcev3.patch URL: http://www.gnupg.de Prefix: /usr BuildRoot: %{_tmppath}/%{name}-%{version}-build %description The GNU Privacy Guard is an OpenPGP (RFC2440) implementation. It allows encryption, decryption, and signatures of data and contains strong cryptographic algorithms. It is most often used with mail. It is not to be exported or reexported from the US. It is not to be used in certain countries. Please check the laws. As of version 1.0.3, support for RSA has been integrated into GnuPG, as the patent encumbrance expired 2000-09-20. Authors: -------- Werner Koch <werner.koch@guug.de> %prep -n gpg #gpg --verify %SOURCE4 %setup -n gnupg-%{version} %patch1 -p1 %patch2 -p1 %patch3 -p1 %patch4 -p1 -b .auto %patch5 -p1 %patch6 -p1 %patch7 -p1 chmod a+x checks/verify.test #chown 0:0 -R * # Needed for CVS version #cd ../gnupg-%{version} #aclocal #autoheader #automake #autoconf autoreconf %build test ! -z "$RPM_BUILD_ROOT" -a "$RPM_BUILD_ROOT" != "/" && rm -rf $RPM_BUILD_ROOT gcc_version=`gcc -dumpversion 2>&1 | sed 's/^\([0-9]\+\)\..*/\1/'` if [ $gcc_version -ge 4 ]; then echo "Compiling with PIE extension" export CFLAGS="$RPM_OPT_FLAGS -DLDAP_DEPRECATED -fPIE" export LDFLAGS="-pie" else export CFLAGS="$RPM_OPT_FLAGS -DLDAP_DEPRECATED" fi #CFLAGS+=--with-capabilities ./configure --enable-ldap --enable-external-hkp --enable-shared \ --with-gnu-ld --enable-static-rnd=linux --prefix=/usr \ --mandir=%{_mandir} --infodir=%{_infodir} --libdir=%{_libdir} \ --libexecdir=%{_libdir} --program-prefix="" %{_target_cpu}-suse-linux %ifarch %arm # make check may hang make %{?jobs:-j%jobs} %else %if %do_profiling make %{?jobs:-j%jobs} CFLAGS="$CFLAGS %cflags_profile_generate" #make -C doc make check ./g10/gpg --homedir checks --keyring checks/pubring.gpg --secret-keyring checks/secring.gpg --check-trustdb make clean make %{?jobs:-j%jobs} CFLAGS="$CFLAGS %cflags_profile_feedback" %else make %endif %endif %ifnarch %arm make check %endif %install make install DESTDIR=$RPM_BUILD_ROOT gzip -9f $RPM_BUILD_ROOT%{_mandir}/man1/gpg.1 gzip -9f $RPM_BUILD_ROOT%{_mandir}/man1/gpgv.1 #install -m 644 -o root -g root $RPM_SOURCE_DIR/gpg.1.gz $RPM_BUILD_ROOT%{_mandir}/man1/ install -d $RPM_BUILD_ROOT%{_docdir}/gpg1 for name in ABOUT-NLS AUTHORS BUGS COPYING NEWS PROJECTS README THANKS TODO VERSION do cp -p $name $RPM_BUILD_ROOT%{_docdir}/gpg1/; done sed 's#../g10/##' < tools/convert-from-106 >$RPM_BUILD_ROOT/usr/bin/gpg1-convert-from-106 cd doc for name in DETAILS FAQ HACKING OpenPGP faq.html samplekeys.asc do cp -p $name $RPM_BUILD_ROOT%{_docdir}/gpg1/; done #cp -p $RPM_SOURCE_DIR/gnupg-%{version}.security-patch1.diff $RPM_BUILD_ROOT%{_docdir}/gpg/ install -m 644 $RPM_SOURCE_DIR/README.SuSE $RPM_BUILD_ROOT%{_docdir}/gpg1/ # !!! ru.po is too buggy !!! #rm $RPM_BUILD_ROOT/usr/share/locale/ru/LC_MESSAGES/gnupg.mo # Prevent ldap dependencies to be picked up by find-requires chmod 0644 $RPM_BUILD_ROOT/%{_libdir}/gnupg/gpgkeys_ldap mv $RPM_BUILD_ROOT/usr/bin/gpg $RPM_BUILD_ROOT/usr/bin/gpg1 mv $RPM_BUILD_ROOT/usr/bin/gpgv $RPM_BUILD_ROOT/usr/bin/gpg1v mv $RPM_BUILD_ROOT/usr/bin/gpgsplit $RPM_BUILD_ROOT/usr/bin/gpg1split mv $RPM_BUILD_ROOT/usr/bin/gpg-zip $RPM_BUILD_ROOT/usr/bin/gpg1-zip mv $RPM_BUILD_ROOT%{_libdir}/gnupg $RPM_BUILD_ROOT%{_libdir}/gnupg1 mv $RPM_BUILD_ROOT/usr/share/gnupg $RPM_BUILD_ROOT/usr/share/gnupg1 mv $RPM_BUILD_ROOT%{_mandir}/man1/gpg.1.gz $RPM_BUILD_ROOT%{_mandir}/man1/gpg1.1.gz mv $RPM_BUILD_ROOT%{_mandir}/man1/gpgv.1.gz $RPM_BUILD_ROOT%{_mandir}/man1/gpg1v.1.gz %clean test ! -z "$RPM_BUILD_ROOT" -a "$RPM_BUILD_ROOT" != "/" && rm -rf $RPM_BUILD_ROOT %post %install_info --info-dir=%{_infodir} %{_infodir}/gpg1.info.gz %install_info --info-dir=%{_infodir} %{_infodir}/gpg1v.info.gz %postun %install_info_delete --info-dir=%{_infodir} %{_infodir}/gpg1.info.gz %install_info_delete --info-dir=%{_infodir} %{_infodir}/gpg1v.info.gz %files %defattr(-,root,root) #/usr/bin/gpg %attr (755,root,root) /usr/bin/gpg1 /usr/bin/gpg1v /usr/bin/gpg1split /usr/bin/gpg1-zip %attr(755,root,root) /usr/bin/gpg1-convert-from-106 %attr(755,root,root) %dir %{_libdir}/gnupg1 %attr(755,root,root) %{_libdir}/gnupg1/gpgkeys_curl %attr(755,root,root) %{_libdir}/gnupg1/gpgkeys_finger %attr(755,root,root) %{_libdir}/gnupg1/gpgkeys_hkp %attr(755,root,root) %{_libdir}/gnupg1/gpgkeys_ldap /usr/share/gnupg1 %{_mandir}/man1/gpg1.1.gz %{_mandir}/man1/gpg1v.1.gz %{_mandir}/man1/gpg.ru.1.gz %{_mandir}/man7/gnupg.7.gz %doc %{_docdir}/gpg1 %doc %{_infodir}/gnupg1.info.gz /usr/share/locale/*/LC_MESSAGES/gnupg.mo %changelog * Wed Mar 26 2008 kssingvo@suse.de - upgrade to version 1.4.9: * Fixed possible memory corruption bug in 1.4.8 while importing OpenPGP keys. * Improved AES encryption performance by more than 20%% (on ia32). Decryption is also a bit faster. - fixed use-agent patch - removed references to SUSE 8.x versions in specfile - cleaned up specfile * Mon Jan 7 2008 kssingvo@suse.de - upgrade to version 1.4.8 * Changed the license to GPLv3. * Improved detection of keyrings specified multiple times. * Changes to better cope with broken keyservers. * Minor bug fixes. * The GnuPG --openpgp mode has been updated to match the new RFC-4880 standard. * By default --require-cross-certification is now on. --rfc2440-text and --force-v3-sigs are now off. * Allow encryption using legacy Elgamal sign+encrypt keys if option option --rfc2440 is used. * Fixed the auto creation of the key stub for smartcards. * Fixed a rare bug in decryption using the OpenPGP card. * Fix RFC-4880 typo in the SHA-224 hash prefix. Old SHA-224 signatures will continue to work. * Thu Nov 29 2007 kssingvo@suse.de - upgrade to version 1.4.7 - removed duplicate overflow fixes - renamed package from "gpg" to "gpg1" - adaption in files_are_digest patch * Wed Mar 14 2007 kssingvo@suse.de - fixed issue in improper status handling CVE-2007-1263 (bugzilla#251605) * Thu Dec 7 2006 kssingvo@suse.de - fixed security issue in dfx stack handling CVE-2006-6235 (bugzilla#225694) * Tue Nov 28 2006 kssingvo@suse.de - fixed security issue with openfile in interactive mode (bugzilla#224108) * Wed Aug 2 2006 kssingvo@suse.de - update to version 1.4.5: * Reverted check for valid standard handles under Windows. * More DSA2 tweaks. * Fixed a problem uploading certain keys to the smart card. * Fixed 2 more possible memory allocation attacks. They are similar to the problem we fixed with 1.4.4. This bug can easily be be exploted for a DoS; remote code execution is not entirely impossible. * Added Norwegian translation. - added patch to sign signatures stored in files * Mon Jun 26 2006 kssingvo@suse.de - upgrade to 1.4.4 (mainly bugfix version) - removed already present (security) bugfixes - adapted SUSE specialized patches - removed s-bit as we have user mlock in kernel now (bugzilla#137562) * Wed Jun 14 2006 kssingvo@suse.de - fixed large uids issue SWAMP#4755, no CVE yet (bugzilla#180615) * Thu Mar 9 2006 kssingvo@suse.de - fixed 2nd signature security problem CVE-2006-0049 (bugzilla#155400) * Wed Feb 15 2006 kssingvo@suse.de - fixed signature security problem CVE-2006-0455 (bugzilla#150742) * Sat Feb 4 2006 aj@suse.de - Cleanup BuildRequires. * Mon Jan 30 2006 kssingvo@suse.de - fixed manpage: http_proxy -> http-proxy (bugzilla#73911) * Wed Jan 25 2006 mls@suse.de - converted neededforbuild to BuildRequires * Wed Nov 16 2005 uli@suse.de - don't run test suite on ARM (hangs sometimes in QEMU) * Mon Sep 26 2005 ro@suse.de - added LDAP_DEPRECATED to CFLAGS * Thu Sep 1 2005 kssingvo@suse.de - got official patch for mpi problem, replaced mine (bugzilla#112655) * Wed Aug 24 2005 kssingvo@suse.de - fixed size check in mpi module (bugzilla#112655) * Wed Jul 27 2005 kssingvo@suse.de - 1.4.2 is now finally released * Wed Jul 13 2005 kssingvo@suse.de - upgrade to 1.4.2rc2 for crypto freeze * Mon Jul 11 2005 kssingvo@suse.de - upgrade to 1.4.1 with all necessary adaptions - PIE is IMHO a bit better enabled (i.e. backward compatible) * Mon Jun 20 2005 ro@suse.de - build as PIE * Tue Feb 22 2005 kssingvo@suse.de - security fix for cfb-cipher issue (bugzilla#65862) * Tue Feb 1 2005 kssingvo@suse.de - update to latest version: 1.4.0 (looks stable according to gnupg-ml) * Tue Dec 14 2004 kssingvo@suse.de - updated to GnuPG-1.3.93 (last RC for release of 1.4) to see if anything breaks * Sat Aug 7 2004 meissner@suse.de - Fixed a compiler warning. * Tue Aug 3 2004 garloff@suse.de - Update to GnuPG-1.2.5: * New options: --(no-)ask-cert-level, --min-cert-level, - -max-output, --list-config, --gpgconf-list. * Performance improvements for large keyrings, --enable-key-cache * Portability fixes and simplified chnies translation. - Update README.SUSE to document the safe allocation of locked memory. * Thu Mar 25 2004 mmj@suse.de - Add postfix to # neededforbuild * Mon Mar 22 2004 garloff@suse.de - Move allocation of locked memory up and make gpg setuid root (#33570). * Wed Feb 4 2004 garloff@suse.de - Drop pgpgpg. - Add #norootforbuild and fix package accordingly. * Wed Feb 4 2004 garloff@suse.de - Update to GnuPG-1.2.4: * Experimental read-only support for bzip2 compression. * Handle msgs that are decryptable by a passphrase or secret key. * Drop most Elgamal sign+encrypt support: No signatures can be generated any more, nor keys be generated. Decryption still works as does generation of revoc certificates. However, Elgamal sign+encrypt is scheduled for complete removal. * Add russian and belarussian translations. * Tue Dec 2 2003 garloff@suse.de - Update to GnuPG-1.2.3: * --gnupg option disabling --openpgp and various --pgpX emulation options. * new %%g (sig key fingerprint) and %%p (prim key of sig fingerprint) expands for policy URLs. * new tru(st) record in --list-keys --with-colons. * REVKEYSIG status for --status-fd indicating a valid sig with a revoked key. * Romanian translations. - Drop setlocale patch. - Update README.SuSE. * Thu Nov 27 2003 garloff@suse.de - Fix format string bug in HKP keyserver module. - Disable possibility to create ElGamal type 20 (sign+encrypt) keys as they are vulnerable to attacks. [#33369] * Sat Jul 19 2003 garloff@suse.de - Make -passphrase-fd override use-agent option [#27843] - use : in chown rather than . to separate gid from uid. * Thu Jun 12 2003 garloff@suse.de - Package %%dir /usr/lib(64)/gnupg - Fix syntax in test [] expressions in check scripts * Wed Jun 4 2003 ro@suse.de - fix install_info --delete call and move from preun to postun * Wed Jun 4 2003 garloff@suse.de - Update to GnuPG-1.2.2: * Fix for bug #27242: The trust path did not check for the given user-ID but the most trusted one belonging to the same keyID, and consequently failed to display a warning when encrypting to (or verifying a signature from) an untrusted UID. * revuid command in edit-key menu * Compatibility with CryptoEx improved. * read-only support for SHA-256 hash * TIGER192 digest algo disabled (about to be dropped from OpenPGP std) * --enable-progress-filter for frontends * Wed Feb 26 2003 garloff@suse.de - Report version number 1.2.2-rc1-SuSE - Change defaults to have use-agent enabled - photo-viewer settings: default to kfmclient openURL * Wed Feb 19 2003 garloff@suse.de - Disable %%install_info for older distros. - Install convert-from-106 into /usr/bin/gpg-convert-from-106 * Tue Feb 18 2003 garloff@suse.de - Update to 1.2.2rc1: * convert-from-106 script to help trustdb conversion * notation names should have @ (need --expert to override) * --trust-model always for forward(!) compatibility * Prevent compiler from optimizing away memory wiping code * Skip disabled keys in selection for encryption * Minor trustdb tweaks * New translations: Finnish, Trad. Chinese - Enable external hkp interface (for gpgme/3rd party software) * Thu Feb 6 2003 ro@suse.de - use macros for install-info * Thu Oct 31 2002 ro@suse.de - re-enable autoreqprov: all required libs are part of the minimal system * Wed Oct 30 2002 garloff@suse.de - Avoid dependencies triggered by LDAP module. * Wed Oct 30 2002 garloff@suse.de - Update README.SuSE - Update to GnuPG-1.2.1: * mark secret keys generated by --export-secret-keys with # (key listing) resp. no capabilites (colon listing) * option --trusted-key is not obsolete any more * bugfixes, e.g. a recursion when reading keys for trust check - Compile with support for LDAP (openldap2) keyservers. * Fri Oct 4 2002 garloff@suse.de - Move libexec to _libdir instead of share, because the plugins will also be there. * Fri Sep 27 2002 garloff@suse.de - Use install-info in %%post and %%preun (and add acc. PreReq) - Move /usr/libexec/gnupg/gpg_keys_mailto to /usr/share/gnupg/ (it's a perl script) - Update to GnuPG-1.2.0: http://lists.gnupg.org/pipermail/gnupg-announce/2002q3/000252.html * Better docu (new gnupg(7) manpage, gpgv info file) * options file move to ~/.gnupg/gpg.conf * Modules linked statically (except for deprecated idea plugin) * Restrictions executing other helper programs configurable * group command to work with several keys * --interactive works as expected when importing keys now * Full revocation key support * export option leaving off attribute packets (e.g. photo ID to not confuse keyservers) * Workaround for HKP server subkey mangling bug in --import * --atribute-fd support (photo ID) * ElGamal encrypt AND sign as well as RSA E&S only available in expert mode key generation * MDC use increased * preferred hash algos of a key are respected * --pgp7 option sets all parameters for maximum PGP7 compat * Permission/Ownership checks of keyrings clarified * LDAP v1 keyserver support * v3 keys can be self-signed with v4 signatures (for prefs) * Default character set taken from current locale * Fri Jul 26 2002 adrian@suse.de - fix neededforbuild * Tue Jun 18 2002 meissner@suse.de - powerpc64 is powerpc64, fixed MPI asm links. * Mon May 13 2002 garloff@suse.de - Fix german --keyserver-options help text. * Sat May 11 2002 garloff@suse.de - Update to gpg-1.0.7: See http://lists.gnupg.org/pipermail/gnupg-announce/2002q2/000251.html * Secret keys are now SHA-1 protected (protection against Rosa/ Klima attacks). --simple-sk-checksum disables this. * Default cipher now CAST5, hash SHA-1. * Symmetric encrypted messages use fixed file size if possible. (Improved compatibility with PGP2,6,7; breaks PGP5.) * Photographic user ID support (external viewer required). * Enhanced keyserver support via plugins (NAI LDAP, HKP email). * Support nonrevocable signatures (be careful!). * Multiple signature classes. * --pgp2,--pgp6 modes for messages to PGP2/6 users. * Signatures can have expiration date as well now. * Designated revocation keys supported (can not yet be generated though). * Permission checks for ~/.gnupg/ directory. * New tool gpgsplit. * Command "primary" in the edit menu to change primary UID. * RSA key generation supported. * Keyring managemanet reworked. * Signature status storage changed. (Use --rebuild-keydb-caches). * Key validation process (trustdb) reworked. See man page entries for --update-trustdb, --check-trustdb and - -no-auto-check-trustdb * Read-only keyrings now handled as expected. * Many more ... - Default RSA keysize to 1536 (instead of 1024) - Default Photo ID viewer to kview (instead of xloadimage) * Sat May 11 2002 garloff@suse.de - Add two patches for 1.0.6 from Werner Koch (for Woody): * RNG fix (non critical) * compatibility with keyrings produced with 1.0.6b or later * Mon Sep 10 2001 garloff@suse.de - Fixed typos in README.SuSE - Fix message telling user about allowed keysizes for the DSA case (bug #9295). * Thu May 31 2001 draht@suse.de - update to 1.0.6 to fix the do_get format string error ru locale is gone. * Fri May 18 2001 garloff@suse.de - Many more problems found and (partially) corrected in the translations (.po files) which could lead to similar trouble. - Disabled ru translations as they are too buggy for me to fix. * Wed May 16 2001 garloff@suse.de - Fix bug in tr locale triggered by gpg -v (bugzilla #8457) * Tue May 8 2001 garloff@suse.de - Put (commented out) encrypt-to option in options skeleton to help users finding a way to read their encrypted mail ... * Sun Apr 29 2001 garloff@suse.de - Update to 1.0.5: * Bugfixes and translations in addition to 1.0.4h changes. * Fri Apr 20 2001 garloff@suse.de - Update to gnupg-1.0.4h: * gpg could segfault on --check-sigs in fixup_uidnode, if either uid of sig are 0. * Thu Apr 12 2001 garloff@suse.de - Update to 1.0.4g: * includes the security patches (secret key import, detached signature checking) * More bugfixes * time.h fixes already included * Warn user if signing with invalid signature (which prevents the attack by altering the secret key) * Wed Feb 7 2001 pthomas@suse.de - If system supports LC_MESSAGES, set LC_CTYPE along with LC_MESSAGES. Required for correct i18n support in glibc2.2. - Include time.h where necessary. * Fri Dec 15 2000 garloff@suse.de - Include patch to require --allow-secret-key-import. Secret keys are no longer silently imported. * Wed Dec 6 2000 bk@suse.de - add /usr/lib/gnupg and /usr/share/gnupg to %%files(obsoletes /*'s) - doc: %%doc %%{_docdir}/gpg adds %%{_docdir}/gpg to %%files, marks everything below it as documentation(obsoletes other %%doc macros) * Fri Dec 1 2000 garloff@suse.de - Added gnupg-1.0.4.security-patch1.diff from GnuPG site: When checking detached signatures, gnupg could have been make believe that the sig file contains the text to be checked, so the real text would not have been checked :-( * Tue Oct 24 2000 garloff@suse.de - Put it as updates on ftp servers. * Mon Oct 23 2000 garloff@suse.de - Update to GnuPG-1.0.4: * GnuPG <= 1.0.3 did incorrectly report messages with multiple signatures to be correct, even if some sigs are not. Fixed. * Rijndael support. * gpgv binary to just check signatures. * Tue Sep 19 2000 garloff@suse.de - Update to GnuPG-1.0.3: Bugfixes: * --trusted-key option * expiration time of primary key can be changed again * display Revoked with --list-key (if appropriate) New features: * --merge-only, --try-all-secrets * Twofish and MDC support * faq.html and last but not least: * RSA support * Wed Aug 9 2000 garloff@suse.de - Update to 1.0.2 (Finally get rid of the devel version) - Updated README. * Sat Jun 17 2000 garloff@suse.de - Added tcl & expect to neededforbuild (needed for the checks) * Wed May 24 2000 garloff@suse.de - Disable DEVELOPMENT VERSION warning * Fri May 19 2000 garloff@suse.de - Added BuildRoot. * Fri May 19 2000 garloff@suse.de - Fixed usage of %%{_docdir} * Fri May 19 2000 garloff@suse.de - Update to 1.01e-SuSE. - Moved docs to %%{_docdir}. * Sat Mar 4 2000 garloff@suse.de - Fixed typo in german translation. - Version renamed to 1.0.1c-SuSE. * Sun Feb 27 2000 garloff@suse.de - Fixed perms of README.SuSE 755->644. * Tue Feb 22 2000 garloff@suse.de - Updated to 1.0.1c (test version) after a discussion with WK. Last workaround obsoleted by that. * Mon Feb 21 2000 garloff@suse.de - Turned a fatal error (gpg: 231: read expected rec type 3, got 6) into a warning. * Sat Feb 5 2000 garloff@suse.de - Moved manpages to /usr/share/man. * Wed Jan 5 2000 garloff@suse.de - Upgrade to version 1.0.1. * Wed Oct 13 1999 garloff@suse.de - Back to 1.0.0. Developers obviously don't want us to use devel versions. * Wed Oct 13 1999 garloff@suse.de - Upgrade to 1.0.0e. Fixed typos in README.SuSE. * Fri Sep 24 1999 garloff@suse.de - Fixed filelist. * Wed Sep 22 1999 garloff@suse.de - Upgraded to version 1.0.0. Updated source locations. Added README.SuSE. * Mon Sep 13 1999 bs@suse.de - ran old prepare_spec on spec file to switch to new prepare_spec. * Mon Aug 23 1999 garloff@suse.de - Initial check in of gpg-0.9.10 and pgpgpg-0.13
Locations
Projects
Search
Status Monitor
Help
OpenBuildService.org
Documentation
API Documentation
Code of Conduct
Contact
Support
@OBShq
Terms
openSUSE Build Service is sponsored by
The Open Build Service is an
openSUSE project
.
Sign Up
Log In
Places
Places
All Projects
Status Monitor