Subject: CVS commit: pkgsrc
To: None <>
From: Thomas Klausner <>
List: pkgsrc-changes
Date: 05/14/2001 16:40:05
Module Name:	pkgsrc
Committed By:	wiz
Date:		Mon May 14 13:40:05 UTC 2001

Modified Files:
	pkgsrc/security/gnupg: Makefile distinfo
	pkgsrc/security/gnupg/pkg: PLIST
Removed Files:
	pkgsrc/security/gnupg/patches: patch-aa patch-ab

Log Message:
Update to 1.0.5, provided by Mark White in private mail.
Some pkg related changes by me.
Changes since 1.0.4:
* WARNING: The semantics of --verify have changed to address a
  problem with detached signature detection. --verify now ignores
  signed material given on stdin unless this is requested by using
  a "-" as the name for the file with the signed material.  Please
  check all your detached signature handling applications and make
  sure that they don't pipe the signed material to stdin without
  using a filename together with "-" on the the command line.

* WARNING: Corrected hash calculation for input data larger than
  512M - it was just wrong, so you might notice bad signature in
  some very big files.  It may be wise to keep an old copy of
  GnuPG around.

* Secret keys are no longer imported unless you use the new option
  --allow-secret-key-import.  This is a kludge and future versions will
  handle it in another way.

* New command "showpref" in the --edit-key menu to show an easier
  to understand preference listing.

* There is now the notation of a primary user ID.  For example, it
  is printed with a signature verification as the first user ID;
  revoked user IDs are not printed there anymore.  In general the
  primary user ID is the one with the latest self-signature.

* New --charset=utf-8 to bypass all internal conversions.

* Large File Support (LFS) is now working.

* New options: --ignore-crc-error, --no-sig-create-check,
  --no-sig-cache, --fixed_list_mode, --no-expensive-trust-checks,
  --enable-special-filenames and --use-agent.  See man page.

* New command --pipemode, which can be used to run gpg as a
  co-process.  Currently only the verification of detached
  signatures are working.  See doc/DETAILS.

* Rewritten key selection code so that GnuPG can better cope with
  multiple subkeys, expire dates and so.  The drawback is that it
  is slower.

* A whole lot of bug fixes.

* The verification status of self-signatures are now cached. To
  increase the speed of key list operations for existing keys you
  can do the following in your GnuPG homedir (~/.gnupg):
     $ cp pubring.gpg && $ gpg --export-all >x && \
      rm pubring.gpg && gpg --import x
  Only v4 keys (i.e not the old RSA keys) benefit from this caching.

* New translations: Estonian, Turkish.

To generate a diff of this commit:
cvs rdiff -r1.24 -r1.25 pkgsrc/security/gnupg/Makefile
cvs rdiff -r1.2 -r1.3 pkgsrc/security/gnupg/distinfo
cvs rdiff -r1.4 -r0 pkgsrc/security/gnupg/patches/patch-aa
cvs rdiff -r1.10 -r0 pkgsrc/security/gnupg/patches/patch-ab
cvs rdiff -r1.8 -r1.9 pkgsrc/security/gnupg/pkg/PLIST

Please note that diffs are not public domain; they are subject to the
copyright notices on the relevant files.