[ubuntu/trusty-proposed] gnupg 1.4.15-1.1ubuntu1 (Accepted)

Marc Deslauriers marc.deslauriers at ubuntu.com
Sun Nov 3 18:51:16 UTC 2013 

gnupg (1.4.15-1.1ubuntu1) trusty; urgency=low

  * Resynchronise with Debian.  Remaining changes:
    - Disable mlock() test since it fails with ulimit 0 (on buildds).
    - Set gpg (or gpg2) and gpgsm to use a passphrase agent by default.
    - Only suggest gnupg-curl and libldap; recommendations are pulled into
      minimal, and we don't need the keyserver utilities in a minimal Ubuntu
      system.
    - Remove the Win32 build.
  * Dropped upstreamed patches:
    - debian/patches/CVE-2013-4351.patch
    - debian/patches/CVE-2013-4402.patch

gnupg (1.4.15-1.1) unstable; urgency=high

  * Non-maintainer upload, by request of Thijs Kinkhorst.
  * Add patch revert_trustdb_changes:
   - Revert upstream GIT a1a59e6a539e597996976d0afb6aa3062e954188
     which breaks popularity-contest (closes: #725889).

gnupg (1.4.15-1) unstable; urgency=high

  * New upstream release (closes: #725718).
    - Fixed possible denial of service in the compressed packet
      parser (CVE-2013-4402, closes: #725439).
    - Documents limitations of the verify command (closes: #704645).

Date: Wed, 30 Oct 2013 15:30:58 -0700
Changed-By: Marc Deslauriers <marc.deslauriers at ubuntu.com>
Maintainer: Ubuntu Developers <ubuntu-devel-discuss at lists.ubuntu.com>
https://launchpad.net/ubuntu/trusty/+source/gnupg/1.4.15-1.1ubuntu1
-------------- next part --------------
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512

Format: 1.8
Date: Wed, 30 Oct 2013 15:30:58 -0700
Source: gnupg
Binary: gnupg gnupg-curl gpgv gnupg-udeb gpgv-udeb
Architecture: source
Version: 1.4.15-1.1ubuntu1
Distribution: trusty
Urgency: high
Maintainer: Ubuntu Developers <ubuntu-devel-discuss at lists.ubuntu.com>
Changed-By: Marc Deslauriers <marc.deslauriers at ubuntu.com>
Description: 
 gnupg      - GNU privacy guard - a free PGP replacement
 gnupg-curl - GNU privacy guard - a free PGP replacement (cURL)
 gnupg-udeb - GNU privacy guard - a free PGP replacement (udeb)
 gpgv       - GNU privacy guard - signature verification tool
 gpgv-udeb  - minimal signature verification tool (udeb)
Closes: 704645 725439 725718 725889
Changes: 
 gnupg (1.4.15-1.1ubuntu1) trusty; urgency=low
 .
   * Resynchronise with Debian.  Remaining changes:
     - Disable mlock() test since it fails with ulimit 0 (on buildds).
     - Set gpg (or gpg2) and gpgsm to use a passphrase agent by default.
     - Only suggest gnupg-curl and libldap; recommendations are pulled into
       minimal, and we don't need the keyserver utilities in a minimal Ubuntu
       system.
     - Remove the Win32 build.
   * Dropped upstreamed patches:
     - debian/patches/CVE-2013-4351.patch
     - debian/patches/CVE-2013-4402.patch
 .
 gnupg (1.4.15-1.1) unstable; urgency=high
 .
   * Non-maintainer upload, by request of Thijs Kinkhorst.
   * Add patch revert_trustdb_changes:
    - Revert upstream GIT a1a59e6a539e597996976d0afb6aa3062e954188
      which breaks popularity-contest (closes: #725889).
 .
 gnupg (1.4.15-1) unstable; urgency=high
 .
   * New upstream release (closes: #725718).
     - Fixed possible denial of service in the compressed packet
       parser (CVE-2013-4402, closes: #725439).
     - Documents limitations of the verify command (closes: #704645).
Checksums-Sha1: 
 bd7eb6078267de000ecb910bc874590572373676 2356 gnupg_1.4.15-1.1ubuntu1.dsc
 2881c8174c15bb86ecf2e879cb7ca22c91fbcf93 5066798 gnupg_1.4.15.orig.tar.gz
 ccb6d3ac4a37b1484812033e3d4f5ad179d0435a 32944 gnupg_1.4.15-1.1ubuntu1.debian.tar.gz
Checksums-Sha256: 
 5ff40a6a5de62b43d62bcb6c2119dda1c056c3bd131137cc15594bca2d5db1da 2356 gnupg_1.4.15-1.1ubuntu1.dsc
 0b91e293e8566e5b841f280329b1e6fd773f7d3826844c69bec676124e0a0bb3 5066798 gnupg_1.4.15.orig.tar.gz
 9a60287e433b43e830d5a8c71193b6191e452d55b82d9ec1486699fdcf75f930 32944 gnupg_1.4.15-1.1ubuntu1.debian.tar.gz
Files: 
 ec276ec5f66c13c5db3d6d389b23c86d 2356 utils important gnupg_1.4.15-1.1ubuntu1.dsc
 c04ba3eb68766c01ac26cabee1af1eac 5066798 utils important gnupg_1.4.15.orig.tar.gz
 e38769a61bbc7a6b9e5e51998c2003c4 32944 utils important gnupg_1.4.15-1.1ubuntu1.debian.tar.gz
Original-Maintainer: Debian GnuPG-Maintainers <pkg-gnupg-maint at lists.alioth.debian.org>

-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.14 (GNU/Linux)

iQIcBAEBCgAGBQJSdpqsAAoJEGVp2FWnRL6TW04QAK7EW7/oDNHryOi2uzDKuWVW
LwCwR7wRAcqF0aoeT30BcWBaSPGzFyVQH4U00MnXQOWuGYaA55KXpImTKsIHDDyt
0d+w/HFvh7xlom8Q+yWRKQh9afkByliFimCmnVc/Qa4SZqds4WL3EDkiMpV3snph
JTTwqsR33yL0JXwjooUwNoH4CZt2tzV6wSt8LRcJLDN4bnt4XEvR9MqBgYpWU2U4
E5Z2jYrvgODOCR/TWr4j02Ocxprp7+PB9FSSs/mLfcZ45lhbqw05RetAEGlFTw9Z
h+PnjSxOqkxGlVfwHecwvMDpFk/jnTRkQk8mR1zOJ1YEVOSUM9Y+ITKG+I/tTXq5
XqOpH5EunM1bu73BvBi+MrUj121vmSZOaIUjg/Zrk0VMnSzHYDAHZDvHVH5kuUmk
n20G7LMi3lnWuc6ezkyvYaFTtrg6IunUFqaLYHqAGaTqVqzLAWbE1SdYJIZ5zX5Z
n75ThKTBfQvxJm5pKFunuTSWwgmipc0m/d9cFenfP7W9KCk6Pt84LkIJAKJYQNNk
ZWSjE7v6iZ8i2vq5furSgcZUIR4jrGvfGlRviMAbQUpOuWmbR5gDJJBhjf21GADC
jPd9BKkn/nB9v+oLNQutN9fC7zA0YbM2AsP1NFd1rFanYI19hy8mgq9AZ+++4yX5
yxwci4A0zStOPyvVtf7/
=9mRg
-----END PGP SIGNATURE-----

More information about the Trusty-changes mailing list