ports/122348: [patch] Upgrade security/gnupg1 to 1.4.9

Nick Barkas snb at threerings.net
Tue Apr 1 18:30:02 UTC 2008 

>Number:         122348
>Category:       ports
>Synopsis:       [patch] Upgrade security/gnupg1 to 1.4.9
>Confidential:   no
>Severity:       non-critical
>Priority:       low
>Responsible:    freebsd-ports-bugs
>State:          open
>Quarter:        
>Keywords:       
>Date-Required:
>Class:          update
>Submitter-Id:   current-users
>Arrival-Date:   Tue Apr 01 18:30:02 UTC 2008
>Closed-Date:
>Last-Modified:
>Originator:     Nick Barkas
>Release:        FreeBSD 6.2-RELEASE-p11 i386
>Organization:
Three Rings Design, Inc.
>Environment:
System: FreeBSD mail1.earth.threerings.net 6.2-RELEASE-p11 FreeBSD 6.2-RELEASE-p11 #0: Wed Feb 13 07:00:04 UTC 2008 root at i386-builder.daemonology.net:/usr/obj/usr/src/sys/SMP i386
>Description:
This is just a patch to update the security/gnupg1 port to the latest version,
which fixes a possible security vulnerability involving memory corruption from
importing malicious keys.
>How-To-Repeat:
>Fix:
--- gnupg1.patch begins here ---
diff -urN gnupg1.orig/Makefile gnupg1/Makefile
--- gnupg1.orig/Makefile	Sat Jan 12 00:53:44 2008
+++ gnupg1/Makefile	Tue Apr  1 10:47:02 2008
@@ -6,7 +6,7 @@
 #
 
 PORTNAME=	gnupg
-PORTVERSION=	1.4.8
+PORTVERSION=	1.4.9
 CATEGORIES=	security
 MASTER_SITES=	${MASTER_SITE_GNUPG}
 MASTER_SITE_SUBDIR=	gnupg
diff -urN gnupg1.orig/distinfo gnupg1/distinfo
--- gnupg1.orig/distinfo	Sat Jan 12 00:53:44 2008
+++ gnupg1/distinfo	Tue Apr  1 10:52:07 2008
@@ -1,6 +1,6 @@
-MD5 (gnupg-1.4.8.tar.bz2) = e5be39ea81bb07de006e7dd44439cb76
-SHA256 (gnupg-1.4.8.tar.bz2) = 119d2574deafe8c2d4444e53051ebad215d375f94f29c520ff891275f14e006c
-SIZE (gnupg-1.4.8.tar.bz2) = 3320100
-MD5 (gnupg-1.4.8.tar.bz2.sig) = 66089a7c49e3436803d4bdef7e51b775
-SHA256 (gnupg-1.4.8.tar.bz2.sig) = 10848cd421d257b3963635f68dbf154f303ca6d7e3c263902b49902a6057279d
-SIZE (gnupg-1.4.8.tar.bz2.sig) = 158
+MD5 (gnupg-1.4.9.tar.bz2) = cc52393087480ac8d245625004a6a30c
+SHA256 (gnupg-1.4.9.tar.bz2) = 3ca5abcd93eeed4ed832995463db3308bfa552a072ef86fab4940e195fab06dd
+SIZE (gnupg-1.4.9.tar.bz2) = 3328743
+MD5 (gnupg-1.4.9.tar.bz2.sig) = c1dbb1e28502593635bf0349b74ca33a
+SHA256 (gnupg-1.4.9.tar.bz2.sig) = 8d325632b0bb1e2abaff84be67295ad64d12ff38e2bc7a183ae1cb90cbf739ad
+SIZE (gnupg-1.4.9.tar.bz2.sig) = 158
diff -urN gnupg1.orig/pkg-plist gnupg1/pkg-plist
--- gnupg1.orig/pkg-plist	Sat May 19 13:22:31 2007
+++ gnupg1/pkg-plist	Tue Apr  1 11:06:37 2008
@@ -2,11 +2,13 @@
 bin/gpg-zip
 bin/gpgsplit
 bin/gpgv
+%%NLS%%lib/charset.alias
 %%WITH_LDAP%%libexec/gnupg/gpgkeys_ldap
 libexec/gnupg/gpgkeys_curl
 libexec/gnupg/gpgkeys_finger
 libexec/gnupg/gpgkeys_hkp
 @dirrm libexec/gnupg
+%%NLS%%share/locale/locale.alias
 %%NLS%%share/locale/be/LC_MESSAGES/gnupg.mo
 %%NLS%%share/locale/ca/LC_MESSAGES/gnupg.mo
 %%NLS%%share/locale/cs/LC_MESSAGES/gnupg.mo
--- gnupg1.patch ends here ---


>Release-Note:
>Audit-Trail:
>Unformatted:

More information about the freebsd-ports-bugs mailing list