pkgsrc-changes: CVS commit: pkgsrc/security/gnupg

Subject: CVS commit: pkgsrc/security/gnupg
To: None <pkgsrc-changes@NetBSD.org>
From: Thomas Klausner <wiz@netbsd.org>
List: pkgsrc-changes
Date: 07/03/2006 21:15:14

Module Name:	pkgsrc
Committed By:	wiz
Date:		Mon Jul  3 21:15:14 UTC 2006

Modified Files:
	pkgsrc/security/gnupg: Makefile distinfo
Removed Files:
	pkgsrc/security/gnupg/patches: patch-ba

Log Message:
Update to 1.4.4:

Noteworthy changes in version 1.4.4 (2006-06-25)
------------------------------------------------

    * User IDs are now capped at 2048 byte.  This avoids a memory
      allocation attack (see CVE-2006-3082).
	[was already fixed in pkgsrc]

    * Added support for the SHA-224 hash.  Like the SHA-384 hash, it
      is mainly useful when DSS (the US Digital Signature Standard)
      compatibility is desired.

    * Added support for the latest update to DSA keys and signatures.
      This allows for larger keys than 1024 bits and hashes other than
      SHA-1 and RIPEMD/160.  Note that not all OpenPGP implementations
      can handle these new keys and signatures yet.  See
      "--enable-dsa2" in the manual for more information.


To generate a diff of this commit:
cvs rdiff -r1.86 -r1.87 pkgsrc/security/gnupg/Makefile
cvs rdiff -r1.40 -r1.41 pkgsrc/security/gnupg/distinfo
cvs rdiff -r1.1 -r0 pkgsrc/security/gnupg/patches/patch-ba

Please note that diffs are not public domain; they are subject to the
copyright notices on the relevant files.