Sign Up
Log In
Log In
or
Sign Up
Places
All Projects
Status Monitor
Collapse sidebar
openSUSE:Leap:15.1
signing-party
signing-party.changes
Overview
Repositories
Revisions
Requests
Users
Attributes
Meta
File signing-party.changes of Package signing-party
------------------------------------------------------------------- Fri May 3 11:46:01 UTC 2019 - Sebastian Wagner <sebix+novell.com@sebix.at> - Add patch cve-2019-11627.patch from https://salsa.debian.org/signing-party-team/signing-party/commit/cd69b6c0426a6160ef3de03fce9c7f112166d5a8 to fix CVE-2019-11627. ------------------------------------------------------------------- Sun Mar 17 20:08:02 UTC 2019 - Sebastian Wagner <sebix+novell.com@sebix.at> - replace broken URL in specfile ------------------------------------------------------------------- Sat Mar 16 14:36:52 UTC 2019 - Sebastian Wagner <sebix+novell.com@sebix.at> - update to version 2.9: * gpglist: + When --signer's argument is a long keyid or fingerprint, don't require the key to be present in the keyring. This enable filtering on unknown signing keys. + Don't choke on direct-key signatures. (Closes: #921331.) * gpgparticipants: + Improve quoting and replace `echo` with `printf`. + Avoid including subkey fingerprints when gpg.conf contains 'fingerprint'. - update to version 2.8: * keyart, gpgparticipants-prefill: port to python3. * keyart: + Don't print ASCII art for subkeys, only the master key. + Pass --no-auto-check-trustdb flag to gpg(1). + Fix crash with non-ASCII UIDs. Patch from Grégoire Detrez. * Fix a couple of spelling errors. Thanks to Edward Betts for the report and patch. (Closes: debian#882729) * caff: + Add the "only-sign-text-ids" to the list of gpg(1) options imported from ~/.gnupg/gpg.conf. + Ensure the terminal is "sane enough" when asking questions ('echo', 'echok', 'icanon', 'icrnl' settings are all set), and restore original settings when exit()'ing the program. (Closes: #872529) * caff, gpglist, gpgsigs: in `gpg --with-colons` output, allow signature class to be followed with an optional revocation reason. gpg(1) does that since 2.2.9. (Closes: #905097.) * caff, gpg-key2latex, gpg-key2ps, gpglist, gpgsigs, keylookup: Remove references to https://pgp-tools.alioth.debian.org/ . * caff, gpg-key2latex, gpg-key2ps, gpg-mailkeys, gpglist, gpgparticipants, gpgsigs, keylookup: Remove SVN keywords ($Id$, $Rev$, etc.) * sig2dot: Don't use the diamond operator. ------------------------------------------------------------------- Mon Feb 11 09:08:36 UTC 2019 - olaf@aepfle.de - apply conditionals also to filelist ------------------------------------------------------------------- Mon Feb 4 11:51:55 UTC 2019 - Ismail Dönmez <idonmez@suse.com> - Spec cleanup ------------------------------------------------------------------- Thu Jun 21 10:04:38 UTC 2018 - astieger@suse.com - update to 2.7: * gpg-key2ps: Add support for ECDH, ECDSA and EDDSA key types. * gpg-key2ps: Align key type & size listing to the GnuPG 2.1.x output (e.g., "rsa4096/DEADBEEF" instead of "4096R/DEADBEEF") * gpgsigs: Set UAT (jpeg photos) density to 90dpi so XeLaTeX doesn't complain that the image is too large ------------------------------------------------------------------- Mon Oct 9 09:54:16 UTC 2017 - astieger@suse.com - update to 2.6: * gpgsigs: Skip undefined UIDs. * gpgsigs: Properly handle (skip) unknown attributes. * gpgsigs: Allow digest hexadecimal characters to replace multiple '_' in the fill-in forms * gpglist: New option '--signer' to limit listed signers to the matching keys. ------------------------------------------------------------------- Wed Oct 26 06:34:34 UTC 2016 - astieger@suse.com - update to 2.5: * caff: Show how to set $ENV{'PERL_MAILERS'} to specify a sendmail binary (or use a sendmail-compatible MTA) * caff: Fix regression skipping --recv-key when 'keys-from-gnupg' isn't set. (Closes: #837406) * caff: List all UIDs contained in an email when asking whether to send it. * gpg-key2latex: Add an option '--qrcode-data' to specify the data to encode in a QR code (default: "OPENPGP4FPR:%f"). * gpg-key2ps: Fix revoked UID stroke slant with "-r strike". * gpg-key2ps: Ensure subkeys are hiden unless '--show-subkeys' is set. ------------------------------------------------------------------- Tue Sep 13 08:47:59 UTC 2016 - astieger@suse.com - update to 2.4: * caff, gpg-key2latex, gpgsigs: Ignore "KEY_CONSIDERED" status output emitted by gpg 2.1.13 and later. * caff, gpgsigs: Allow input produced by gpgparticipants(1) using gpg 2.1.13. With this version, key IDs are not displayed by default and the "Key fingerprint = " prefix is omitted. * caff: + Fix GnuPG version number comparison. + With GnuPG 2.1.13 or later, use gpgconf(1) to determine the socket paths. (It is not used on earlier gpg since earlier gpgconf do not support --homedir.) This fixes compatibility with GnuPG 2.1.13. + When ~/.caff/gnupghome/gpg.conf does not exist, instead of creating a temporary file (as it's done since signing-party 2.3), parse ~/.gnup/gpg.conf and pass the GnuPG options that are known to be safe (and useful) for caff to gpg(1) using command line options. This soves the problem of lingering configuration files in case caff is killed. + Use full fingerprints internally to avoid collisions. (However $CONFIG{'keyid'} and $CONFIG{'local-users'} are kept to 64-bits key IDs as per RFC 4880 full fingerprints are not available in key signatures, and thus not exposed by `gpg --with-colons --list-sigs`.) + Automatically import the $CONFIG{'also-encrypt-to'} from the normal GnuPGHOME when possible. ------------------------------------------------------------------- Sat Aug 27 11:58:34 UTC 2016 - mpluskal@suse.com - Rename pgpgring to avoid file conflict with mutt ------------------------------------------------------------------- Sat Jul 23 14:50:12 UTC 2016 - mpluskal@suse.com - Build also pgpring ------------------------------------------------------------------- Tue Jun 28 07:02:58 UTC 2016 - olaf@aepfle.de - Correct path to _defaultdocdir in caff(1) ------------------------------------------------------------------- Sun May 8 15:32:20 UTC 2016 - astieger@suse.com - update to 2.3: * caff: + Deprecate $CONFIG{'keyserver'}. Users of GnuPG <2.1 should put the option in caff's GnuPG configuration file (~/.caff/gnupghome/gpg.conf by default) instead. GnuPG 2.1 delegates network access to another process (dirmngr), hence for 2.1 the keyserver should be set in ~/.gnupg/dirmngr.conf instead. + When caff's own GnuPG configuration file (~/.caff/gnupghome/gpg.conf) does not exist, automatically generate it with the GnuPG options found in ~/.gnup/gpg.conf that are known to be safe (and useful) for caff. This includes "keyserver", "keyserver-options", "ask-cert-level" and "cert-digest-algo" (among many others). Hence in the absence of its own GnuPG configuration file caff now uses the certification options from the user's GnuPG configuration file. + Perl < 5.20 compatibiliey (drop caff-perl_5.18_compatibility.patch) * gpgsigs, gpg-key2latex: + Use "Noto Mono" as default font when compiling with XeLaTeX or LuaLaTeX; and "Noto Sans Mono CJK" as CJK font when compiling with XeLaTeX. * gpg-key2latex: + Don't show capabilities of the entire key when --show-subkeys is set. (Instead, the capabilities of the master key and each subkey are shown independently in uppercase.) + Enclose (sub)key capabilities in square brackets, to match GnuPG 2.1.11+'s output. + For ECDH, ECDSA, EDDSA (sub)keys, show the curve name instead of the public key algorithm and length. This matches GnuPG 2.1.x's output. + The master key's fingerprint was incorrectly set to the last unusable (eg, expired or revoked) subkey fingerprint, if any. (Closes: #815721) * keyart: + Print the public key algorithm and length as shown by GnuPG 2.1 (e.g., "rsa4096" instead of "4096R"); for ECDH, ECDSA and EDDSA keys, show the curve name instead. ------------------------------------------------------------------- Tue Dec 15 02:10:43 UTC 2015 - astieger@suse.com - update to 2.2: * caff: + "gpgparticipants"-formated input: accept key blocks not starting with a number such as [x] Fingerprint(s) OK [x] ID OK This makes caff able to process the Debconf 15 KSP file. * gpglist: + Don't prune revoked UIDs with a subsequent selfsig. + Add an option '--show-revoked' to show revoked UIDs. + Mention in the manpage that the path to the gpg binary is taken from the GNUPGBIN environment variable, if defined. ------------------------------------------------------------------- Fri Nov 27 08:25:29 UTC 2015 - astieger@suse.com - Require srm ------------------------------------------------------------------- Thu Nov 26 21:34:56 UTC 2015 - vcizek@suse.com - fix an incompatibility with perl 5.18 (boo#955986) * caff 2.x is using hash slices which were introduced in Perl 5.20 * added caff-perl_5.18_compatibility.patch ------------------------------------------------------------------- Sat Aug 22 21:26:21 UTC 2015 - astieger@suse.com - update to 2.1: * caff: + Only consider non-expired/invalid/revoked keys and UIDs when generating the caffrc. + Proper RFC 5322 validation of email addresses. + Prefix the signature by "-- \n" in the email template. + Automatically mkdir ~/.caff if it doesn't exit. ------------------------------------------------------------------- Mon Jun 22 10:45:24 UTC 2015 - astieger@suse.com - update to 2.0 [boo#918402] * caff: + Fix broken compatibility with GnuPG 2.1 (2.1.3 and later only) + Default $CONFIG{'local-user'} to $CONFIG{'keyid'} rather than importing the public part of *all* keys found in the secret keyring. + error output handling improvements + Add a --debug flag to enable debug messages. + Send attachements and non RFC 2822 UIDs to *all* signed addresses, not only those for which the UID is exported. This is useful when the signee has some already signed RFC 2822 UIDs and a freshly added attribute, for instance. + color ouput ($CONFIG{colors}) + Prune keys with import-{clean,minimal} not export-{clean,minimal}. + Fix $CONFIG{'also-lsign-in-gnupghome'}: local signatures are directly imported from caff's GNUPGHOME to our own; in auto-lsign'ing mode, lsign UID for which we have an exportable signature (preserving the signer and cert level). + Pass the 'keyserver-options' specified in ~/.gnupg/gpg.conf to $CONFIG{keyserver} when it is left unset. * gpgsigs: + Add a legend with the different signature types. + Mark local signatures as 'L' (formerly they were marked as 'S'), and expiring -- but not expired -- signatures as 'x'. * caff, pgp-clean, pgp-fixkey, gpg-key2latex, gpg-key2ps, gpg-mailkeys, gpgdir, gpgparticipants, gpgsigs, keyart, keylookup: + Add the possibility to choose the gpg binary via the "GNUPGBIN" environment variable. (Default: "gpg".) ------------------------------------------------------------------- Wed Feb 18 13:31:10 UTC 2015 - meissner@suse.com - require new perl module in 1.1.12 perl-Net-IDN-Encode ------------------------------------------------------------------- Wed Feb 18 12:26:26 UTC 2015 - astieger@suse.com - signing-party 1.1.12: * new keyart command * new options and commands * bug and compatibility fixes ------------------------------------------------------------------- Sat Jan 5 11:28:44 UTC 2013 - joop.boonen@opensuse.org - Corrected the Url that links to the main page ------------------------------------------------------------------- Thu Mar 22 14:42:18 UTC 2012 - cfarrell@suse.com - license update: GPL-2.0+ Various Open Source Licenses is not acceptable as a spec file license. For this package, GPL-2.0+ seems to be the most accurate license choice ------------------------------------------------------------------- Wed Mar 14 16:56:24 UTC 2012 - joop.boonen@opensuse.org - Build version 1.1.4 * gpg-key2ps: + Apply patch from Uwe Kleine-König to deal with latin1 characters * gpg-mailkeys: + Correct path of ~/.gpg-mailkeysrc and ~/.signature in manpage. + Add new environment variable SENDMAIL_ARGS to allow user to pass arguments to sendmail * caff: + Correct path of ~/.caffrc in informational messages + Be more verbose on unexpected key ID + Refactor import of own key and import for keys to sign from keyrings. + Also automatically import keys to sign from the user's normal gpg keyrings. + Use --no-auto-check-trustdb when importing keys from files or the user's normal gpg keyrings + manpage: Refer to all of /usr/share/doc/signing-party/caff/ and not just to /usr/share/doc/signing-party/caff/caffrc.sample + Fix horrible &function calls used because of broken prototypes. + Even if all keys to sign were found in the user's normal gpg keyrings we still need to import them (again) from any keyrings passed with --key-files - the keys there might be newer, containing new subkeys (for encryption), uids (for signing) or revocations. + Make importing of keys to be signed from the normal gpg optional (--keys-from-gnupg). + refactor copying of command line options into global config variable. + Create the mail files in ~/.caff/keys even if mail is not sent ------------------------------------------------------------------- Wed Oct 12 14:50:52 UTC 2011 - aj@suse.de - Fix caff manpage (bnc#722626) - Run spec file through spec-cleaner ------------------------------------------------------------------- Tue Oct 26 09:00:39 UTC 2010 - aj@suse.de - Make package noarch. ------------------------------------------------------------------- Tue Jun 29 00:00:01 CEST 2010 - joop.boonen@opensuse.org - Build version 1.1.3 ------------------------------------------------------------------- Sat Sep 19 21:03:52 CEST 2009 - aj@suse.de - Fix Requires. ------------------------------------------------------------------- Wed Aug 12 15:35:36 CEST 2009 - aj@suse.de - Update to version 1.1.1. - Many bugfixes. - New tools: keyanalyze, sig2dot, springgraph. - Drop keylookup. ------------------------------------------------------------------- Sat Mar 3 19:20:03 CET 2007 - aj@suse.de - Add missing requires for caff. - Update to version 0.4.9. ------------------------------------------------------------------- Wed Sep 13 09:43:45 CEST 2006 - aj@suse.de - Initial package.
Locations
Projects
Search
Status Monitor
Help
OpenBuildService.org
Documentation
API Documentation
Code of Conduct
Contact
Support
@OBShq
Terms
openSUSE Build Service is sponsored by
The Open Build Service is an
openSUSE project
.
Sign Up
Log In
Places
Places
All Projects
Status Monitor