aboutsummaryrefslogtreecommitdiffstats
path: root/meta/recipes-support/gnupg/gnupg_1.4.7.bb
AgeCommit message (Collapse)Author
2016-05-30gnupg.org-hosted recipes: Change SRC_URI to https siteJussi Kukkonen
https version seems more reliable and in an informal test fetching all gnupg recipes now takes <20% of the time it used to. Define GNUPG_MIRROR in bitbake.conf so future tweaks to this are easier. Replace some slower mirrors with the official ftp site and another from gnupg.org mirror list. Set UPSTREAM_CHECK_URI in all recipes that need it to "https://gnupg.org/download/index.html" as the directory listings are not up-to-date. (From OE-Core rev: dfc9178e2f2b6873ca497d981e308e00d15280b5) Signed-off-by: Jussi Kukkonen <jussi.kukkonen@intel.com> Signed-off-by: Ross Burton <ross.burton@intel.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
2015-12-16meta: Drop now pointless manual -dbg packagingRichard Purdie
With the autodebug package generation logic, specifically setting FILES_${PN}-dbg isn't needed in most cases, we can remove them. (From OE-Core rev: 3ab59d49dd7c18e194b58d1248b4b87709b5a738) Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
2015-07-16gnupg: fix build of GPLv2 version of gnupg with gcc 5Andre McCurdy
Force gcc's traditional handling of inline to avoid issues with gcc 5. Upstream gnupg has a more specific fix, however it was made after gnupg was relicensed to GPLv3 so may be unsafe to backport directly. http://git.gnupg.org/cgi-bin/gitweb.cgi?p=gnupg.git;a=commitdiff;h=5093bed27580e608de073bcc5953bd76b6b8b2de (From OE-Core rev: c9883a572eb92e9b846e9021495e0715fb2a4db7) Signed-off-by: Andre McCurdy <armccurdy@gmail.com> Signed-off-by: Ross Burton <ross.burton@intel.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
2014-10-18gnupg_1.4.7: add package config libusbKai Kang
If build gnupg 1.4.7 after libusb-compat, it shows warning: WARNING: QA Issue: gnupg rdepends on libusb-compat, but it isn't a build dependency? [build-deps] Add package config libusb to fix it. (From OE-Core rev: e1c77392143e538a2305f63ee3add611ec66e877) Signed-off-by: Kai Kang <kai.kang@windriver.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
2014-10-18gnupg: CVE-2013-4242Kai Kang
GnuPG before 1.4.14, and Libgcrypt before 1.5.3 as used in GnuPG 2.0.x and possibly other products, allows local users to obtain private RSA keys via a cache side-channel attack involving the L3 cache, aka Flush+Reload. Patch from commit e2202ff2b704623efc6277fb5256e4e15bac5676 in git://git.gnupg.org/libgcrypt.git (From OE-Core rev: d1e0f3e71ce9978ff0fc94d71e67b528dad84c5c) Signed-off-by: Yong Zhang <yong.zhang@windriver.com> Signed-off-by: Kai Kang <kai.kang@windriver.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
2014-08-11gnupg: Added PACKAGECONFIG[curl]Shrikant Bobade
gnupg can be built with or without curl. This should be explicitly defined to avoid race between curl and gnupg. (From OE-Core rev: 4e5f6f95e8e791c9cfc9e3bd91f1018d83ab252f) Signed-off-by: Mikhail Durnev <mikhail_durnev@mentor.com> Signed-off-by: Shrikant Bobade <Shrikant_Bobade@mentor.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
2014-05-02Add texinfo.bbclass; recipes that use texinfo utils at build-time inherit it.Max Eliaser
The class itself currently does nothing. The idea is to mark all recipes that make use of the texinfo utilities. In the future, this class could be used to suppress the generation/formatting of documentation for performance, explicitly track dependencies on these utilities, and eliminate Yocto's current dependency on the host system's texinfo utilities. (From OE-Core rev: e6fb2f9afe2ba6b676c46d1eb297ca9cc532d405) Signed-off-by: Max Eliaser <max.eliaser@intel.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
2014-03-27gnupg: CVE-2013-4576Yong Zhang
GnuPG 1.x before 1.4.16 generates RSA keys using sequences of introductions with certain patterns that introduce a side channel, which allows physically proximate attackers to extract RSA keys via a chosen-ciphertext attack and acoustic cryptanalysis during decryption. NOTE: applications are not typically expected to protect themselves from acoustic side-channel attacks, since this is arguably the responsibility of the physical device. Accordingly, issues of this type would not normally receive a CVE identifier. However, for this issue, the developer has specified a security policy in which GnuPG should offer side-channel resistance, and developer-specified security-policy violations are within the scope of CVE. (From OE-Core rev: 46b80c80b0e008820b34f4360054e1697df2650d) Signed-off-by: Yong Zhang <yong.zhang@windriver.com> Signed-off-by: Jackie Huang <jackie.huang@windriver.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
2014-03-27gnupg: CVE-2013-4351Ming Liu
GnuPG 1.4.x, 2.0.x, and 2.1.x treats a key flags subpacket with all bits cleared (no usage permitted) as if it has all bits set (all usage permitted), which might allow remote attackers to bypass intended cryptographic protection mechanisms by leveraging the subkey. (From OE-Core rev: 259aebc9dbcaeb1587aaaab849942f55fa321724) Signed-off-by: Ming Liu <ming.liu@windriver.com> Signed-off-by: Jackie Huang <jackie.huang@windriver.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
2014-01-02Replace one-line DESCRIPTION with SUMMARYPaul Eggleton
A lot of our recipes had short one-line DESCRIPTION values and no SUMMARY value set. In this case it's much better to just set SUMMARY since DESCRIPTION is defaulted from SUMMARY anyway and then the SUMMARY is at least useful. I also took the opportunity to fix up a lot of the new SUMMARY values, making them concisely explain the function of the recipe / package where possible. (From OE-Core rev: b8feee3cf21f70ba4ec3b822d2f596d4fc02a292) Signed-off-by: Paul Eggleton <paul.eggleton@linux.intel.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
2013-03-16gnupg: fix PN -> BPN in do_install for multilibsJackie Huang
(From OE-Core rev: d2e7d98ce859a3af037135d1ac7bdb7a34f4d319) Signed-off-by: Jackie Huang <jackie.huang@windriver.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
2013-02-15gnupg: fix CVE-2012-6085Saul Wold
Code taken from Redhat [YOCTO #3813] (From OE-Core rev: 17f8e03ace51df6b94fdcb7e410acf79c7b046ce) Signed-off-by: Saul Wold <sgw@linux.intel.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
2012-03-08bzip2: split into binary and library packagesAndreas Oberritter
* Create libbz2 (and -dev, -staticdev), which can be installed without the bzip2 executables. (From OE-Core rev: e27af1f273e9a7348dd8f5542df9206acd9210f3) Signed-off-by: Andreas Oberritter <obi@opendreambox.org> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
2012-02-26gnupg: Update checksum, fix configure and compliation issuesSaul Wold
This recipe was added, but did not have the correct checksum information for the LIC_FILES_CHKSUM or the SRC_URI. Also disable Documetnation for now due to older autotools issue. [YOCTO #1966] (From OE-Core rev: e8c02ead5ce130492eb11457f58cc4d28a330132) Signed-off-by: Saul Wold <sgw@linux.intel.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
2012-02-03gnupg: Add gplv2 version 1.4.7Saul Wold
(From OE-Core rev: daff80c595616de10f32e74e2881e851707c7ff9) Signed-off-by: Saul Wold <sgw@linux.intel.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
generated by cgit 1.2.3-korg (git 2.39.0) at 2024-05-14 13:17:18 +0000