* [Buildroot] [PATCH 1/5] package/libgpg-error: bump to version 1.42
@ 2021-06-21 5:47 Fabrice Fontaine
2021-06-21 5:47 ` [Buildroot] [PATCH 2/5] package/libgcrypt: security bump to version 1.9.3 Fabrice Fontaine
` (4 more replies)
0 siblings, 5 replies; 7+ messages in thread
From: Fabrice Fontaine @ 2021-06-21 5:47 UTC (permalink / raw)
To: buildroot
Drop patch (not needed since
https://dev.gnupg.org/rE1fb90a7da186ee2ee098a666f6f3a35bb1720e59)
https://dev.gnupg.org/T5194
Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
---
.../0001-build-Fix-disable-threads.patch | 39 ++++++++++++++
...nfigure.ac-fix-build-without-threads.patch | 54 -------------------
package/libgpg-error/libgpg-error.hash | 6 +--
package/libgpg-error/libgpg-error.mk | 4 +-
4 files changed, 43 insertions(+), 60 deletions(-)
create mode 100644 package/libgpg-error/0001-build-Fix-disable-threads.patch
delete mode 100644 package/libgpg-error/0001-configure.ac-fix-build-without-threads.patch
diff --git a/package/libgpg-error/0001-build-Fix-disable-threads.patch b/package/libgpg-error/0001-build-Fix-disable-threads.patch
new file mode 100644
index 0000000000..2d101aad9b
--- /dev/null
+++ b/package/libgpg-error/0001-build-Fix-disable-threads.patch
@@ -0,0 +1,39 @@
+From 220a427b4f997ef6af1b2d4e82ef1dc96e0cd6ff Mon Sep 17 00:00:00 2001
+From: NIIBE Yutaka <gniibe@fsij.org>
+Date: Mon, 21 Jun 2021 12:16:20 +0900
+Subject: [PATCH] build: Fix --disable-threads.
+
+* src/gen-lock-obj.sh: Fix generating '}}}'.
+
+--
+
+GnuPG-bug-id: 5495
+Reported-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
+Fixes-commit: 1fb90a7da186ee2ee098a666f6f3a35bb1720e59
+Signed-off-by: NIIBE Yutaka <gniibe@fsij.org>
+[Retrieved from:
+https://git.gnupg.org/cgi-bin/gitweb.cgi?p=libgpg-error.git;a=commit;h=220a427b4f997ef6af1b2d4e82ef1dc96e0cd6ff]
+Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
+---
+ src/gen-lock-obj.sh | 2 +-
+ 1 file changed, 1 insertion(+), 1 deletion(-)
+
+diff --git a/src/gen-lock-obj.sh b/src/gen-lock-obj.sh
+index 258eec6..014667f 100755
+--- a/src/gen-lock-obj.sh
++++ b/src/gen-lock-obj.sh
+@@ -121,10 +121,10 @@ while test "$i" -lt $ac_mtx_size; do
+ fi
+ i=$(( i + 1 ))
+ done
++echo '}}}'
+ fi
+
+ cat <<'EOF'
+-}}}
+ ##
+ ## Local Variables:
+ ## mode: c
+--
+2.11.0
+
diff --git a/package/libgpg-error/0001-configure.ac-fix-build-without-threads.patch b/package/libgpg-error/0001-configure.ac-fix-build-without-threads.patch
deleted file mode 100644
index 5f5147e0df..0000000000
--- a/package/libgpg-error/0001-configure.ac-fix-build-without-threads.patch
+++ /dev/null
@@ -1,54 +0,0 @@
-From 77c89f62f106d88ef2b5963f4a13755c337c793d Mon Sep 17 00:00:00 2001
-From: Fabrice Fontaine <fontaine.fabrice@gmail.com>
-Date: Mon, 15 Feb 2021 07:56:29 +0100
-Subject: [PATCH] configure.ac: fix build without threads
-
-Cross-compilation of libgpg-error fails on toolchain without threads
-since commit 988211d3d4c1f3d5cfa6b460210f65ab636763b5,
-9ee011259f819a3cf50fe7019fa4366dbc437e0e and
-50e62b36ea01ed25d12c443088b85d4f41a2b3e1
-
-Indeed, since that time, libgpg-error assumes that pthread.h is always
-available resulting in the following error at configure time:
-
-checking for arm-unknown-linux-gnueabi-objdump... (cached) /tmp/instance-1/output-1/host/bin/arm-linux-objdump
-conftest.c:1:10: fatal error: pthread.h: No such file or directory
- 1 | #include <pthread.h>
- | ^~~~~~~~~~~
-compilation terminated.
-configure: generated src/lock-obj-pub.native.h using arm-unknown-linux-gnueabi-objdump and gawk
-checking whether to enable log_clock... no
-
-This error will in turn results in a build failure because
-"Can't determine mutex size" is echoed by gen-lock-obj.sh:
-
-In file included from strsource-sym.c:27:
-./gpg-error.h:1115:4: warning: missing terminating ' character
- 1115 | Can't determine mutex size
- | ^
-
-Full build log:
-http://autobuild.buildroot.org/results/334/3344c96e5627a9327b0eabe0b27f34490bbabc0d/build-end.log
-
-Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
-[Upstream status: https://dev.gnupg.org/T5296]
----
- configure.ac | 2 +-
- 1 file changed, 1 insertion(+), 1 deletion(-)
-
-diff --git a/configure.ac b/configure.ac
-index b9a2a3e..15d9fdc 100644
---- a/configure.ac
-+++ b/configure.ac
-@@ -599,7 +599,7 @@ if test x$cross_compiling = xyes; then
- case $host in
- *-*-linux*)
- AC_CHECK_TOOL(OBJDUMP, [objdump])
-- if test -n "$OBJDUMP"; then
-+ if test -n "$OBJDUMP" -a x"$gl_use_threads" != xno; then
- lock_obj_h_generated=yes
- if test ! -d src; then mkdir src; fi
- LOCK_ABI_VERSION=1 host=$host host_alias=$host_alias \
---
-2.30.0
-
diff --git a/package/libgpg-error/libgpg-error.hash b/package/libgpg-error/libgpg-error.hash
index 315c0965cf..4e124941cd 100644
--- a/package/libgpg-error/libgpg-error.hash
+++ b/package/libgpg-error/libgpg-error.hash
@@ -1,10 +1,10 @@
# From https://www.gnupg.org/download/integrity_check.html
-sha1 66d6270511a48bac0bf347330e7a12c62f3a1ab4 libgpg-error-1.41.tar.bz2
+sha1 5e620d71fc24d287a7ac2460b1d819074bb8b9bb libgpg-error-1.42.tar.bz2
# Locally calculated after checking pgp signature
-# https://gnupg.org/ftp/gcrypt/libgpg-error/libgpg-error-1.41.tar.bz2.sig
+# https://gnupg.org/ftp/gcrypt/libgpg-error/libgpg-error-1.42.tar.bz2.sig
# using key D8692123C4065DEA5E0F3AB5249B39D24F25E3B6
-sha256 64b078b45ac3c3003d7e352a5e05318880a5778c42331ce1ef33d1a0d9922742 libgpg-error-1.41.tar.bz2
+sha256 fc07e70f6c615f8c4f590a8e37a9b8dd2e2ca1e9408f8e60459c67452b925e23 libgpg-error-1.42.tar.bz2
# Locally calculated
sha256 231f7edcc7352d7734a96eef0b8030f77982678c516876fcb81e25b32d68564c COPYING
sha256 a9bdde5616ecdd1e980b44f360600ee8783b1f99b8cc83a2beb163a0a390e861 COPYING.LIB
diff --git a/package/libgpg-error/libgpg-error.mk b/package/libgpg-error/libgpg-error.mk
index 1b35e5c8f0..babcbdaded 100644
--- a/package/libgpg-error/libgpg-error.mk
+++ b/package/libgpg-error/libgpg-error.mk
@@ -4,7 +4,7 @@
#
################################################################################
-LIBGPG_ERROR_VERSION = 1.41
+LIBGPG_ERROR_VERSION = 1.42
LIBGPG_ERROR_SITE = https://www.gnupg.org/ftp/gcrypt/libgpg-error
LIBGPG_ERROR_SOURCE = libgpg-error-$(LIBGPG_ERROR_VERSION).tar.bz2
LIBGPG_ERROR_LICENSE = GPL-2.0+, LGPL-2.1+
@@ -15,8 +15,6 @@ LIBGPG_ERROR_CONFIG_SCRIPTS = gpg-error-config
LIBGPG_ERROR_DEPENDENCIES = $(TARGET_NLS_DEPENDENCIES)
LIBGPG_ERROR_CONF_OPTS = --disable-tests \
--host=$(BR2_PACKAGE_LIBGPG_ERROR_SYSCFG)
-# We're patching configure.ac
-LIBGPG_ERROR_AUTORECONF= YES
ifeq ($(BR2_TOOLCHAIN_HAS_THREADS),y)
LIBGPG_ERROR_CONF_OPTS += --enable-threads
--
2.30.2
^ permalink raw reply related [flat|nested] 7+ messages in thread
* [Buildroot] [PATCH 2/5] package/libgcrypt: security bump to version 1.9.3
2021-06-21 5:47 [Buildroot] [PATCH 1/5] package/libgpg-error: bump to version 1.42 Fabrice Fontaine
@ 2021-06-21 5:47 ` Fabrice Fontaine
2021-07-13 21:39 ` Peter Korsgaard
2021-06-21 5:47 ` [Buildroot] [PATCH 3/5] package/libksba: bump to version 1.6.0 Fabrice Fontaine
` (3 subsequent siblings)
4 siblings, 1 reply; 7+ messages in thread
From: Fabrice Fontaine @ 2021-06-21 5:47 UTC (permalink / raw)
To: buildroot
Fix CVE-2021-33560: Libgcrypt before 1.8.8 and 1.9.x before 1.9.3
mishandles ElGamal encryption because it lacks exponent blinding to
address a side-channel attack against mpi_powm, and the window size is
not chosen appropriately. (There is also an interoperability problem
because the selection of the k integer value does not properly consider
the differences between basic ElGamal encryption and generalized ElGamal
encryption.) This, for example, affects use of ElGamal in OpenPGP.
https://dev.gnupg.org/T5305
Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
---
package/libgcrypt/libgcrypt.hash | 6 +++---
package/libgcrypt/libgcrypt.mk | 2 +-
2 files changed, 4 insertions(+), 4 deletions(-)
diff --git a/package/libgcrypt/libgcrypt.hash b/package/libgcrypt/libgcrypt.hash
index 978ec8b294..26ec492e10 100644
--- a/package/libgcrypt/libgcrypt.hash
+++ b/package/libgcrypt/libgcrypt.hash
@@ -1,7 +1,7 @@
# From https://www.gnupg.org/download/integrity_check.html
-sha1 29bd5d0a8f674d4521167dd518ef99b26d1e8f27 libgcrypt-1.9.2.tar.bz2
+sha1 6b18f453fee677078586279d96fb88e5df7b3f35 libgcrypt-1.9.3.tar.bz2
# Locally calculated after checking signature
-# https://gnupg.org/ftp/gcrypt/libgcrypt/libgcrypt-1.9.2.tar.bz2.sig
+# https://gnupg.org/ftp/gcrypt/libgcrypt/libgcrypt-1.9.3.tar.bz2.sig
# using key D8692123C4065DEA5E0F3AB5249B39D24F25E3B6
-sha256 b2c10d091513b271e47177274607b1ffba3d95b188bbfa8797f948aec9053c5a libgcrypt-1.9.2.tar.bz2
+sha256 97ebe4f94e2f7e35b752194ce15a0f3c66324e0ff6af26659bbfb5ff2ec328fd libgcrypt-1.9.3.tar.bz2
sha256 ca0061fc1381a3ab242310e4b3f56389f28e3d460eb2fd822ed7a21c6f030532 COPYING.LIB
diff --git a/package/libgcrypt/libgcrypt.mk b/package/libgcrypt/libgcrypt.mk
index 9c1cd32acb..26be5d2f49 100644
--- a/package/libgcrypt/libgcrypt.mk
+++ b/package/libgcrypt/libgcrypt.mk
@@ -4,7 +4,7 @@
#
################################################################################
-LIBGCRYPT_VERSION = 1.9.2
+LIBGCRYPT_VERSION = 1.9.3
LIBGCRYPT_SOURCE = libgcrypt-$(LIBGCRYPT_VERSION).tar.bz2
LIBGCRYPT_LICENSE = LGPL-2.1+
LIBGCRYPT_LICENSE_FILES = COPYING.LIB
--
2.30.2
^ permalink raw reply related [flat|nested] 7+ messages in thread
* [Buildroot] [PATCH 3/5] package/libksba: bump to version 1.6.0
2021-06-21 5:47 [Buildroot] [PATCH 1/5] package/libgpg-error: bump to version 1.42 Fabrice Fontaine
2021-06-21 5:47 ` [Buildroot] [PATCH 2/5] package/libgcrypt: security bump to version 1.9.3 Fabrice Fontaine
@ 2021-06-21 5:47 ` Fabrice Fontaine
2021-06-21 5:47 ` [Buildroot] [PATCH 4/5] package/libassuan: bump to version 2.5.5 Fabrice Fontaine
` (2 subsequent siblings)
4 siblings, 0 replies; 7+ messages in thread
From: Fabrice Fontaine @ 2021-06-21 5:47 UTC (permalink / raw)
To: buildroot
Update hash of AUTHORS file (update in year:
https://git.gnupg.org/cgi-bin/gitweb.cgi?p=libksba.git;a=commitdiff;h=1015bea2f8a55b965dee29e17118bc73c2deca39)
https://dev.gnupg.org/T5479
Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
---
package/libksba/libksba.hash | 4 ++--
package/libksba/libksba.mk | 2 +-
2 files changed, 3 insertions(+), 3 deletions(-)
diff --git a/package/libksba/libksba.hash b/package/libksba/libksba.hash
index c8c9d6bdd7..422048be5f 100644
--- a/package/libksba/libksba.hash
+++ b/package/libksba/libksba.hash
@@ -1,8 +1,8 @@
# Locally calculated after checking pgp signature
-sha256 ae4af129216b2d7fdea0b5bf2a788cd458a79c983bb09a43f4d525cc87aba0ba libksba-1.5.0.tar.bz2
+sha256 dad683e6f2d915d880aa4bed5cea9a115690b8935b78a1bbe01669189307a48b libksba-1.6.0.tar.bz2
# Hash for license files:
-sha256 4d7ff8486176da695f3c81da2ac7ce1b9e5331e0a1667d9ebfe44057088a4220 AUTHORS
+sha256 8f1b87e551d97b2b23b6d3403a5d598c63ea89824cb8ee351f631f6cab2beaa5 AUTHORS
sha256 6197b98c6bf69838c624809c509d84333de1bc847155168c0e84527446a27076 COPYING
sha256 8177f97513213526df2cf6184d8ff986c675afb514d4e68a404010521b880643 COPYING.GPLv2
sha256 0abbff814cd00e2b0b6d08395af2b419c1a92026c4b4adacbb65ccda45fa58cf COPYING.GPLv3
diff --git a/package/libksba/libksba.mk b/package/libksba/libksba.mk
index bb02391a38..ca5fc1d749 100644
--- a/package/libksba/libksba.mk
+++ b/package/libksba/libksba.mk
@@ -4,7 +4,7 @@
#
################################################################################
-LIBKSBA_VERSION = 1.5.0
+LIBKSBA_VERSION = 1.6.0
LIBKSBA_SOURCE = libksba-$(LIBKSBA_VERSION).tar.bz2
LIBKSBA_SITE = ftp://ftp.gnupg.org/gcrypt/libksba
LIBKSBA_LICENSE = LGPL-3.0+ or GPL-2.0+ (library, headers), GPL-3.0+ (manual, tests, build system)
--
2.30.2
^ permalink raw reply related [flat|nested] 7+ messages in thread
* [Buildroot] [PATCH 4/5] package/libassuan: bump to version 2.5.5
2021-06-21 5:47 [Buildroot] [PATCH 1/5] package/libgpg-error: bump to version 1.42 Fabrice Fontaine
2021-06-21 5:47 ` [Buildroot] [PATCH 2/5] package/libgcrypt: security bump to version 1.9.3 Fabrice Fontaine
2021-06-21 5:47 ` [Buildroot] [PATCH 3/5] package/libksba: bump to version 1.6.0 Fabrice Fontaine
@ 2021-06-21 5:47 ` Fabrice Fontaine
2021-06-21 5:47 ` [Buildroot] [PATCH 5/5] package/gnupg2: bump to version 2.2.28 Fabrice Fontaine
2021-07-03 21:13 ` [Buildroot] [PATCH 1/5] package/libgpg-error: bump to version 1.42 Thomas Petazzoni
4 siblings, 0 replies; 7+ messages in thread
From: Fabrice Fontaine @ 2021-06-21 5:47 UTC (permalink / raw)
To: buildroot
https://dev.gnupg.org/T5354
Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
---
package/libassuan/libassuan.hash | 6 +++---
package/libassuan/libassuan.mk | 2 +-
2 files changed, 4 insertions(+), 4 deletions(-)
diff --git a/package/libassuan/libassuan.hash b/package/libassuan/libassuan.hash
index 3506b4f858..c817a3af63 100644
--- a/package/libassuan/libassuan.hash
+++ b/package/libassuan/libassuan.hash
@@ -1,8 +1,8 @@
# From https://www.gnupg.org/download/integrity_check.html
-sha1 55a35918e95566ef94e8843879a7dd3f87de3781 libassuan-2.5.4.tar.bz2
+sha1 ec4f67c0117ccd17007c748a392ded96dc1b1ae9 libassuan-2.5.5.tar.bz2
# Locally calculated after checking signature
-# https://www.gnupg.org/ftp/gcrypt/libassuan/libassuan-2.5.4.tar.bz2.sig
+# https://www.gnupg.org/ftp/gcrypt/libassuan/libassuan-2.5.5.tar.bz2.sig
# using key D8692123C4065DEA5E0F3AB5249B39D24F25E3B6
-sha256 c080ee96b3bd519edd696cfcebdecf19a3952189178db9887be713ccbcb5fbf0 libassuan-2.5.4.tar.bz2
+sha256 8e8c2fcc982f9ca67dcbb1d95e2dc746b1739a4668bc20b3a3c5be632edb34e4 libassuan-2.5.5.tar.bz2
sha256 a9bdde5616ecdd1e980b44f360600ee8783b1f99b8cc83a2beb163a0a390e861 COPYING.LIB
sha256 fc82ca8b6fdb18d4e3e85cfd8ab58d1bcd3f1b29abe782895abd91d64763f8e7 COPYING
diff --git a/package/libassuan/libassuan.mk b/package/libassuan/libassuan.mk
index 8b618197f9..f98c13b59f 100644
--- a/package/libassuan/libassuan.mk
+++ b/package/libassuan/libassuan.mk
@@ -4,7 +4,7 @@
#
################################################################################
-LIBASSUAN_VERSION = 2.5.4
+LIBASSUAN_VERSION = 2.5.5
LIBASSUAN_SITE = ftp://ftp.gnupg.org/gcrypt/libassuan
LIBASSUAN_SOURCE = libassuan-$(LIBASSUAN_VERSION).tar.bz2
LIBASSUAN_LICENSE = LGPL-2.1+ (library), GPL-3.0 (tests, doc)
--
2.30.2
^ permalink raw reply related [flat|nested] 7+ messages in thread
* [Buildroot] [PATCH 5/5] package/gnupg2: bump to version 2.2.28
2021-06-21 5:47 [Buildroot] [PATCH 1/5] package/libgpg-error: bump to version 1.42 Fabrice Fontaine
` (2 preceding siblings ...)
2021-06-21 5:47 ` [Buildroot] [PATCH 4/5] package/libassuan: bump to version 2.5.5 Fabrice Fontaine
@ 2021-06-21 5:47 ` Fabrice Fontaine
2021-07-03 21:13 ` [Buildroot] [PATCH 1/5] package/libgpg-error: bump to version 1.42 Thomas Petazzoni
4 siblings, 0 replies; 7+ messages in thread
From: Fabrice Fontaine @ 2021-06-21 5:47 UTC (permalink / raw)
To: buildroot
https://dev.gnupg.org/T5153
https://dev.gnupg.org/T5234
https://dev.gnupg.org/T5482
Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
---
...dirmngr-Fix-build-with--disable-ldap.patch | 43 +++++++++++++++++++
package/gnupg2/gnupg2.hash | 8 ++--
package/gnupg2/gnupg2.mk | 2 +-
3 files changed, 48 insertions(+), 5 deletions(-)
create mode 100644 package/gnupg2/0001-dirmngr-Fix-build-with--disable-ldap.patch
diff --git a/package/gnupg2/0001-dirmngr-Fix-build-with--disable-ldap.patch b/package/gnupg2/0001-dirmngr-Fix-build-with--disable-ldap.patch
new file mode 100644
index 0000000000..fbdd7fa4a7
--- /dev/null
+++ b/package/gnupg2/0001-dirmngr-Fix-build-with--disable-ldap.patch
@@ -0,0 +1,43 @@
+From c6900f5723b4edc899aaea267ed599b5ad724142 Mon Sep 17 00:00:00 2001
+From: NIIBE Yutaka <gniibe@fsij.org>
+Date: Fri, 11 Jun 2021 10:30:02 +0900
+Subject: [PATCH] dirmngr: Fix build with --disable-ldap.
+
+* dirmngr/dirmngr.c (parse_rereadable_options) [USE_LDAP]:
+Conditionalize.
+
+--
+
+Reported-by: Phil Pennock
+Signed-off-by: NIIBE Yutaka <gniibe@fsij.org>
+(cherry picked from commit c8b2162c0e7eb42b74811b7ed225fa0f56be4083)
+[Retrieved from:
+https://git.gnupg.org/cgi-bin/gitweb.cgi?p=gnupg.git;a=commit;h=c6900f5723b4edc899aaea267ed599b5ad724142]
+Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
+---
+ dirmngr/dirmngr.c | 2 ++
+ 1 file changed, 2 insertions(+)
+
+diff --git a/dirmngr/dirmngr.c b/dirmngr/dirmngr.c
+index 915e0e601..330983f3f 100644
+--- a/dirmngr/dirmngr.c
++++ b/dirmngr/dirmngr.c
+@@ -770,6 +770,7 @@ parse_rereadable_options (gpgrt_argparse_t *pargs, int reread)
+ case oRecursiveResolver: enable_recursive_resolver (1); break;
+
+ case oLDAPServer:
++#if USE_LDAP
+ {
+ ldap_server_t server;
+ char *p;
+@@ -791,6 +792,7 @@ parse_rereadable_options (gpgrt_argparse_t *pargs, int reread)
+ opt.ldapservers = server;
+ }
+ }
++#endif
+ break;
+
+ case oKeyServer:
+--
+2.11.0
+
diff --git a/package/gnupg2/gnupg2.hash b/package/gnupg2/gnupg2.hash
index 2b376ea0b5..023ec9bb1e 100644
--- a/package/gnupg2/gnupg2.hash
+++ b/package/gnupg2/gnupg2.hash
@@ -1,7 +1,7 @@
-# From https://lists.gnupg.org/pipermail/gnupg-announce/2020q4/000450.html
-sha1 074b21dd07419575fa31c0c5d3116596d5544cbd gnupg-2.2.25.tar.bz2
+# From https://lists.gnupg.org/pipermail/gnupg-announce/2021q2/000460.html
+sha1 5f92b7b32d594cf21ea2b48cdaa2e460daccd6e3 gnupg-2.2.28.tar.bz2
# Calculated based on the hash above and signature
-# https://gnupg.org/ftp/gcrypt/gnupg/gnupg-2.2.25.tar.bz2.sig
+# https://gnupg.org/ftp/gcrypt/gnupg/gnupg-2.2.28.tar.bz2.sig
# using key D8692123C4065DEA5E0F3AB5249B39D24F25E3B6
-sha256 c55307b247af4b6f44d2916a25ffd1fb64ce2e509c3c3d028dbe7fbf309dc30a gnupg-2.2.25.tar.bz2
+sha256 6ff891fc7583a9c3fb9f097ee0d1de0a12469d4b53997e7ba5064950637dfaec gnupg-2.2.28.tar.bz2
sha256 bc2d6664f6276fa0a72d57633b3ae68dc7dcb677b71018bf08c8e93e509f1357 COPYING
diff --git a/package/gnupg2/gnupg2.mk b/package/gnupg2/gnupg2.mk
index 2f62890db6..6bd957683b 100644
--- a/package/gnupg2/gnupg2.mk
+++ b/package/gnupg2/gnupg2.mk
@@ -4,7 +4,7 @@
#
################################################################################
-GNUPG2_VERSION = 2.2.25
+GNUPG2_VERSION = 2.2.28
GNUPG2_SOURCE = gnupg-$(GNUPG2_VERSION).tar.bz2
GNUPG2_SITE = https://gnupg.org/ftp/gcrypt/gnupg
GNUPG2_LICENSE = GPL-3.0+
--
2.30.2
^ permalink raw reply related [flat|nested] 7+ messages in thread
* [Buildroot] [PATCH 1/5] package/libgpg-error: bump to version 1.42
2021-06-21 5:47 [Buildroot] [PATCH 1/5] package/libgpg-error: bump to version 1.42 Fabrice Fontaine
` (3 preceding siblings ...)
2021-06-21 5:47 ` [Buildroot] [PATCH 5/5] package/gnupg2: bump to version 2.2.28 Fabrice Fontaine
@ 2021-07-03 21:13 ` Thomas Petazzoni
4 siblings, 0 replies; 7+ messages in thread
From: Thomas Petazzoni @ 2021-07-03 21:13 UTC (permalink / raw)
To: buildroot
On Mon, 21 Jun 2021 07:47:43 +0200
Fabrice Fontaine <fontaine.fabrice@gmail.com> wrote:
> Drop patch (not needed since
> https://dev.gnupg.org/rE1fb90a7da186ee2ee098a666f6f3a35bb1720e59)
>
> https://dev.gnupg.org/T5194
>
> Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
> ---
> .../0001-build-Fix-disable-threads.patch | 39 ++++++++++++++
> ...nfigure.ac-fix-build-without-threads.patch | 54 -------------------
> package/libgpg-error/libgpg-error.hash | 6 +--
> package/libgpg-error/libgpg-error.mk | 4 +-
> 4 files changed, 43 insertions(+), 60 deletions(-)
> create mode 100644 package/libgpg-error/0001-build-Fix-disable-threads.patch
> delete mode 100644 package/libgpg-error/0001-configure.ac-fix-build-without-threads.patch
Series applied, thanks!
Thomas
--
Thomas Petazzoni, CTO, Bootlin
Embedded Linux and Kernel engineering
https://bootlin.com
^ permalink raw reply [flat|nested] 7+ messages in thread
* [Buildroot] [PATCH 2/5] package/libgcrypt: security bump to version 1.9.3
2021-06-21 5:47 ` [Buildroot] [PATCH 2/5] package/libgcrypt: security bump to version 1.9.3 Fabrice Fontaine
@ 2021-07-13 21:39 ` Peter Korsgaard
0 siblings, 0 replies; 7+ messages in thread
From: Peter Korsgaard @ 2021-07-13 21:39 UTC (permalink / raw)
To: buildroot
>>>>> "Fabrice" == Fabrice Fontaine <fontaine.fabrice@gmail.com> writes:
> Fix CVE-2021-33560: Libgcrypt before 1.8.8 and 1.9.x before 1.9.3
> mishandles ElGamal encryption because it lacks exponent blinding to
> address a side-channel attack against mpi_powm, and the window size is
> not chosen appropriately. (There is also an interoperability problem
> because the selection of the k integer value does not properly consider
> the differences between basic ElGamal encryption and generalized ElGamal
> encryption.) This, for example, affects use of ElGamal in OpenPGP.
> https://dev.gnupg.org/T5305
> Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Committed to 2021.02.x and 2021.05.x, thanks.
--
Bye, Peter Korsgaard
^ permalink raw reply [flat|nested] 7+ messages in thread
end of thread, other threads:[~2021-07-13 21:39 UTC | newest]
Thread overview: 7+ messages (download: mbox.gz / follow: Atom feed)
-- links below jump to the message on this page --
2021-06-21 5:47 [Buildroot] [PATCH 1/5] package/libgpg-error: bump to version 1.42 Fabrice Fontaine
2021-06-21 5:47 ` [Buildroot] [PATCH 2/5] package/libgcrypt: security bump to version 1.9.3 Fabrice Fontaine
2021-07-13 21:39 ` Peter Korsgaard
2021-06-21 5:47 ` [Buildroot] [PATCH 3/5] package/libksba: bump to version 1.6.0 Fabrice Fontaine
2021-06-21 5:47 ` [Buildroot] [PATCH 4/5] package/libassuan: bump to version 2.5.5 Fabrice Fontaine
2021-06-21 5:47 ` [Buildroot] [PATCH 5/5] package/gnupg2: bump to version 2.2.28 Fabrice Fontaine
2021-07-03 21:13 ` [Buildroot] [PATCH 1/5] package/libgpg-error: bump to version 1.42 Thomas Petazzoni
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for NNTP newsgroup(s).