svn commit: r506281 - head/security/gnupg
Adam Weinberger
adamw at FreeBSD.org
Tue Jul 9 15:54:44 UTC 2019
Author: adamw
Date: Tue Jul 9 15:54:43 2019
New Revision: 506281
URL: https://svnweb.freebsd.org/changeset/ports/506281
Log:
gnupg: Update to 2.2.17, with security fixes
* gpg: Ignore all key-signatures received from keyservers. This
change is required to mitigate a DoS due to keys flooded with
faked key-signatures. The old behaviour can be achieved by adding
keyserver-options no-self-sigs-only,no-import-clean
to your gpg.conf. [#4607]
* gpg: If an imported keyblocks is too large to be stored in the
keybox (pubring.kbx) do not error out but fallback to an import
using the options "self-sigs-only,import-clean". [#4591]
* gpg: New command --locate-external-key which can be used to
refresh keys from the Web Key Directory or via other methods
configured with --auto-key-locate.
* gpg: New import option "self-sigs-only".
* gpg: In --auto-key-retrieve prefer WKD over keyservers. [#4595]
* dirmngr: Support the "openpgpkey" subdomain feature from
draft-koch-openpgp-webkey-service-07. [#4590].
* dirmngr: Add an exception for the "openpgpkey" subdomain to the
CSRF protection. [#4603]
* dirmngr: Fix endless loop due to http errors 503 and 504. [#4600]
* dirmngr: Fix TLS bug during redirection of HKP requests. [#4566]
* gpgconf: Fix a race condition when killing components. [#4577]
Release-info: https://dev.gnupg.org/T4606
MFH: 2019Q3
Modified:
head/security/gnupg/Makefile
head/security/gnupg/distinfo
Modified: head/security/gnupg/Makefile
==============================================================================
--- head/security/gnupg/Makefile Tue Jul 9 12:21:12 2019 (r506280)
+++ head/security/gnupg/Makefile Tue Jul 9 15:54:43 2019 (r506281)
@@ -1,7 +1,7 @@
# $FreeBSD$
PORTNAME= gnupg
-PORTVERSION= 2.2.16
+PORTVERSION= 2.2.17
CATEGORIES= security
MASTER_SITES= GNUPG
Modified: head/security/gnupg/distinfo
==============================================================================
--- head/security/gnupg/distinfo Tue Jul 9 12:21:12 2019 (r506280)
+++ head/security/gnupg/distinfo Tue Jul 9 15:54:43 2019 (r506281)
@@ -1,3 +1,3 @@
-TIMESTAMP = 1559097348
-SHA256 (gnupg-2.2.16.tar.bz2) = 6cbe8d454bf5dc204621eed3016d721b66298fa95363395bb8eeceb1d2fd14cb
-SIZE (gnupg-2.2.16.tar.bz2) = 6699113
+TIMESTAMP = 1562687164
+SHA256 (gnupg-2.2.17.tar.bz2) = afa262868e39b651a2db4c071fba90415154243e83a830ca00516f9a807fd514
+SIZE (gnupg-2.2.17.tar.bz2) = 6717554
More information about the svn-ports-head
mailing list