[ubuntu/raring-proposed] gnupg 1.4.12-7ubuntu1 (Accepted)

[Colin Watson]

gnupg (1.4.12-7ubuntu1) raring; urgency=low

  * Resynchronise with Debian.  Remaining changes:
    - Disable mlock() test since it fails with ulimit 0 (on buildds).
    - Set gpg (or gpg2) and gpgsm to use a passphrase agent by default.
    - Only suggest gnupg-curl and libldap; recommendations are pulled into
      minimal, and we don't need the keyserver utilities in a minimal Ubuntu
      system.
    - Remove the Win32 build.
    - Update config.guess/config.sub for aarch64.

gnupg (1.4.12-7) unstable; urgency=high

  * Apply upstream patch to fix memory and key database corruption
    when importing with invalid keys (CVE-2012-6085, closes: #697108).

Date: Tue, 08 Jan 2013 10:47:07 +0000
Changed-By: Colin Watson <cjwatson at ubuntu.com>
Maintainer: Ubuntu Developers <ubuntu-devel-discuss at lists.ubuntu.com>
https://launchpad.net/ubuntu/raring/+source/gnupg/1.4.12-7ubuntu1
-------------- next part --------------
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256

Format: 1.8
Date: Tue, 08 Jan 2013 10:47:07 +0000
Source: gnupg
Binary: gnupg gnupg-curl gpgv gnupg-udeb gpgv-udeb
Architecture: source
Version: 1.4.12-7ubuntu1
Distribution: raring
Urgency: high
Maintainer: Ubuntu Developers <ubuntu-devel-discuss at lists.ubuntu.com>
Changed-By: Colin Watson <cjwatson at ubuntu.com>
Description: 
 gnupg      - GNU privacy guard - a free PGP replacement
 gnupg-curl - GNU privacy guard - a free PGP replacement (cURL)
 gnupg-udeb - GNU privacy guard - a free PGP replacement (udeb)
 gpgv       - GNU privacy guard - signature verification tool
 gpgv-udeb  - minimal signature verification tool (udeb)
Closes: 697108
Changes: 
 gnupg (1.4.12-7ubuntu1) raring; urgency=low
 .
   * Resynchronise with Debian.  Remaining changes:
     - Disable mlock() test since it fails with ulimit 0 (on buildds).
     - Set gpg (or gpg2) and gpgsm to use a passphrase agent by default.
     - Only suggest gnupg-curl and libldap; recommendations are pulled into
       minimal, and we don't need the keyserver utilities in a minimal Ubuntu
       system.
     - Remove the Win32 build.
     - Update config.guess/config.sub for aarch64.
 .
 gnupg (1.4.12-7) unstable; urgency=high
 .
   * Apply upstream patch to fix memory and key database corruption
     when importing with invalid keys (CVE-2012-6085, closes: #697108).
Checksums-Sha1: 
 b29bbae65731cab8a2cd3a4dbe726433041cd3db 2398 gnupg_1.4.12-7ubuntu1.dsc
 ed5c36fadc8cd040af0898ab4af5e215c112f6a8 98944 gnupg_1.4.12-7ubuntu1.debian.tar.gz
Checksums-Sha256: 
 2e1623de95ca56a7638846e1d2ae0b75f2ce86da3fe71494dce7bd7356928a07 2398 gnupg_1.4.12-7ubuntu1.dsc
 f38e72a11e1ac8cd8332e09c91adbd4bbb43561336e7744283284ea4cb155f8c 98944 gnupg_1.4.12-7ubuntu1.debian.tar.gz
Files: 
 592e0b066ef6c220fd4817f4baf40e00 2398 utils important gnupg_1.4.12-7ubuntu1.dsc
 55239116ed6b6916988e5e94932f5cdb 98944 utils important gnupg_1.4.12-7ubuntu1.debian.tar.gz
Original-Maintainer: Debian GnuPG-Maintainers <pkg-gnupg-maint at lists.alioth.debian.org>

-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.12 (GNU/Linux)
Comment: Colin Watson <cjwatson at debian.org> -- Debian developer

iQIVAwUBUOv5Sjk1h9l9hlALAQgsXxAAgmqFaMpaDkGIeeUV+/q6ZqUNReb/IgQI
cUxNIgnZsD3tssUoScEHBKykXKyrQASsD0ljw1tlH61GpXqJwfAzyJXTkwxLyciq
Mmgge/iyS1nNqsa5CX3ZmvsPng7fUx5tIE+bPoz3qcy4+HAi1mc0QZsXR0aUEWba
O1o0BR9ewJB7TQr0qJFpHvDS9Ly1gUtWwQCVMStuK6tOfaP4atonTaShwgO2ks6X
gZxEPMWqYoeWYA5xsjquj82JH9Fnyl3M7YGUWeD3TCrhZk2WT8wMHCycBJzKLoHW
sp9TTeoyDide+/1q0d0G/ik9HJPoROnF7tvLjDBB0BYTjmTmI+gjitMAt0KUxODh
u5e1k5eDtxH8D6wvo8oztgkAN1mBotSpDfl8qwos+VuzoIUrk6mSDFvZvKDoeBOs
DhBZOld5URx/kl9NLOSQCa6nvVsq/wuePXkNJqq3k7rb6OlWk3GC3N2BFUoN4LUW
fCFApUNDTEYWKwJRxKrM20CJ1X63enSp5ZqlU6aK/BIkJaI9b0atJd/HthD4h7o3
G+eU16aF+hNdQ2gWtonMnY1s0MbA6H6ULlguZFjhwGqtUJ+a9wMSIPA/Ink8H3WT
cemqHcL7pIfdfGVC0+98nvSvmQHsQ874JLQMM7ElkCHwr2/qeRA6vzpAlhi0BRLb
RS5RSVoTz0w=
=/9hv
-----END PGP SIGNATURE-----