From 965683336816eba7cb0548e59faf224f74b306b1 Mon Sep 17 00:00:00 2001 From: Saul Wold Date: Wed, 9 Sep 2020 17:46:32 -0700 Subject: gnupg: uprev 2.2.22 -> 2.2.23 MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit This addresses CVE-2020-25125 and provides some other minor updates and translations. Updated commits for reference: e234d04c3 Werner Koch Release 2.2.23 aeb8272ca Werner Koch gpg: Fix AEAD preference list overflow 038314665 Werner Koch po: auto update 1a4b0fd79 Yuri Chornoivan po: Update Ukrainian translation 93d10403a Jakub Bogusz po: Update Polish translation a8a8105bc Werner Koch po: Add key-check.c to the list of translatable sources. cad9955ac Petr Pisar po: Update Czech translation. 896c528ba Werner Koch gpg: Fix segv importing certain keys. 0a9665187 NIIBE Yutaka scd: Fix a regression for OpenPGP card. bcae9cd4e Nagy Ferenc László po: Minor update to the Hungarian translation. d2fe2ffd7 Werner Koch sm: Fix a bug in the rfc2253 parser f799b3ddb Werner Koch Post release updates Signed-off-by: Saul Wold Signed-off-by: Richard Purdie --- meta/recipes-support/gnupg/gnupg_2.2.22.bb | 80 ------------------------------ meta/recipes-support/gnupg/gnupg_2.2.23.bb | 80 ++++++++++++++++++++++++++++++ 2 files changed, 80 insertions(+), 80 deletions(-) delete mode 100644 meta/recipes-support/gnupg/gnupg_2.2.22.bb create mode 100644 meta/recipes-support/gnupg/gnupg_2.2.23.bb (limited to 'meta/recipes-support') diff --git a/meta/recipes-support/gnupg/gnupg_2.2.22.bb b/meta/recipes-support/gnupg/gnupg_2.2.22.bb deleted file mode 100644 index 161add79f4..0000000000 --- a/meta/recipes-support/gnupg/gnupg_2.2.22.bb +++ /dev/null @@ -1,80 +0,0 @@ -SUMMARY = "GNU Privacy Guard - encryption and signing tools (2.x)" -HOMEPAGE = "http://www.gnupg.org/" -LICENSE = "GPLv3 & LGPLv3" -LIC_FILES_CHKSUM = "file://COPYING;md5=189af8afca6d6075ba6c9e0aa8077626 \ - file://COPYING.LGPL3;md5=a2b6bf2cb38ee52619e60f30a1fc7257" - -DEPENDS = "npth libassuan libksba zlib bzip2 readline libgcrypt" - -inherit autotools gettext texinfo pkgconfig - -UPSTREAM_CHECK_URI = "https://gnupg.org/download/index.html" -SRC_URI = "${GNUPG_MIRROR}/${BPN}/${BPN}-${PV}.tar.bz2 \ - file://0001-Use-pkg-config-to-find-pth-instead-of-pth-config.patch \ - file://0002-use-pkgconfig-instead-of-npth-config.patch \ - file://0003-dirmngr-uses-libgpg-error.patch \ - file://0004-autogen.sh-fix-find-version-for-beta-checking.patch \ - file://0001-Woverride-init-is-not-needed-with-gcc-9.patch \ - " -SRC_URI_append_class-native = " file://0001-configure.ac-use-a-custom-value-for-the-location-of-.patch \ - file://relocate.patch" -SRC_URI_append_class-nativesdk = " file://relocate.patch" - -SRC_URI[sha256sum] = "7c1370565e1910b9d8c4e0fb57b9de34aa062ec7bb91abad5803d791f38d855b" - -EXTRA_OECONF = "--disable-ldap \ - --disable-ccid-driver \ - --with-zlib=${STAGING_LIBDIR}/.. \ - --with-bzip2=${STAGING_LIBDIR}/.. \ - --with-readline=${STAGING_LIBDIR}/.. \ - --enable-gpg-is-gpg2 \ - " - -# A minimal package containing just enough to run gpg+gpgagent (E.g. use gpgme in opkg) -PACKAGES =+ "${PN}-gpg" -FILES_${PN}-gpg = " \ - ${bindir}/gpg \ - ${bindir}/gpg2 \ - ${bindir}/gpg-agent \ -" - -# Normal package (gnupg) should depend on minimal package (gnupg-gpg) -# to ensure all tools are included. This is done only in non-native -# builds. Native builds don't have sub-packages, so appending RDEPENDS -# in this case breaks recipe parsing. -RDEPENDS_${PN} += "${@ "" if ("native" in d.getVar("PN")) else (d.getVar("PN") + "-gpg")}" - -RRECOMMENDS_${PN} = "pinentry" - -do_configure_prepend () { - # Else these could be used in prefernce to those in aclocal-copy - rm -f ${S}/m4/gpg-error.m4 - rm -f ${S}/m4/libassuan.m4 - rm -f ${S}/m4/ksba.m4 - rm -f ${S}/m4/libgcrypt.m4 -} - -do_install_append() { - ln -sf gpg2 ${D}${bindir}/gpg - ln -sf gpgv2 ${D}${bindir}/gpgv -} - -do_install_append_class-native() { - create_wrappers ${STAGING_BINDIR_NATIVE} -} - -do_install_append_class-nativesdk() { - create_wrappers ${SDKPATHNATIVE}${bindir_nativesdk} -} - -create_wrappers() { - for i in gpg2 gpgconf gpg-agent gpg-connect-agent; do - create_wrapper ${D}${bindir}/$i GNUPG_BINDIR=$1 - done -} - -PACKAGECONFIG ??= "gnutls" -PACKAGECONFIG[gnutls] = "--enable-gnutls, --disable-gnutls, gnutls" -PACKAGECONFIG[sqlite3] = "--enable-sqlite, --disable-sqlite, sqlite3" - -BBCLASSEXTEND = "native nativesdk" diff --git a/meta/recipes-support/gnupg/gnupg_2.2.23.bb b/meta/recipes-support/gnupg/gnupg_2.2.23.bb new file mode 100644 index 0000000000..c624b67a0b --- /dev/null +++ b/meta/recipes-support/gnupg/gnupg_2.2.23.bb @@ -0,0 +1,80 @@ +SUMMARY = "GNU Privacy Guard - encryption and signing tools (2.x)" +HOMEPAGE = "http://www.gnupg.org/" +LICENSE = "GPLv3 & LGPLv3" +LIC_FILES_CHKSUM = "file://COPYING;md5=189af8afca6d6075ba6c9e0aa8077626 \ + file://COPYING.LGPL3;md5=a2b6bf2cb38ee52619e60f30a1fc7257" + +DEPENDS = "npth libassuan libksba zlib bzip2 readline libgcrypt" + +inherit autotools gettext texinfo pkgconfig + +UPSTREAM_CHECK_URI = "https://gnupg.org/download/index.html" +SRC_URI = "${GNUPG_MIRROR}/${BPN}/${BPN}-${PV}.tar.bz2 \ + file://0001-Use-pkg-config-to-find-pth-instead-of-pth-config.patch \ + file://0002-use-pkgconfig-instead-of-npth-config.patch \ + file://0003-dirmngr-uses-libgpg-error.patch \ + file://0004-autogen.sh-fix-find-version-for-beta-checking.patch \ + file://0001-Woverride-init-is-not-needed-with-gcc-9.patch \ + " +SRC_URI_append_class-native = " file://0001-configure.ac-use-a-custom-value-for-the-location-of-.patch \ + file://relocate.patch" +SRC_URI_append_class-nativesdk = " file://relocate.patch" + +SRC_URI[sha256sum] = "10b55e49d78b3e49f1edb58d7541ecbdad92ddaeeb885b6f486ed23d1cd1da5c" + +EXTRA_OECONF = "--disable-ldap \ + --disable-ccid-driver \ + --with-zlib=${STAGING_LIBDIR}/.. \ + --with-bzip2=${STAGING_LIBDIR}/.. \ + --with-readline=${STAGING_LIBDIR}/.. \ + --enable-gpg-is-gpg2 \ + " + +# A minimal package containing just enough to run gpg+gpgagent (E.g. use gpgme in opkg) +PACKAGES =+ "${PN}-gpg" +FILES_${PN}-gpg = " \ + ${bindir}/gpg \ + ${bindir}/gpg2 \ + ${bindir}/gpg-agent \ +" + +# Normal package (gnupg) should depend on minimal package (gnupg-gpg) +# to ensure all tools are included. This is done only in non-native +# builds. Native builds don't have sub-packages, so appending RDEPENDS +# in this case breaks recipe parsing. +RDEPENDS_${PN} += "${@ "" if ("native" in d.getVar("PN")) else (d.getVar("PN") + "-gpg")}" + +RRECOMMENDS_${PN} = "pinentry" + +do_configure_prepend () { + # Else these could be used in prefernce to those in aclocal-copy + rm -f ${S}/m4/gpg-error.m4 + rm -f ${S}/m4/libassuan.m4 + rm -f ${S}/m4/ksba.m4 + rm -f ${S}/m4/libgcrypt.m4 +} + +do_install_append() { + ln -sf gpg2 ${D}${bindir}/gpg + ln -sf gpgv2 ${D}${bindir}/gpgv +} + +do_install_append_class-native() { + create_wrappers ${STAGING_BINDIR_NATIVE} +} + +do_install_append_class-nativesdk() { + create_wrappers ${SDKPATHNATIVE}${bindir_nativesdk} +} + +create_wrappers() { + for i in gpg2 gpgconf gpg-agent gpg-connect-agent; do + create_wrapper ${D}${bindir}/$i GNUPG_BINDIR=$1 + done +} + +PACKAGECONFIG ??= "gnutls" +PACKAGECONFIG[gnutls] = "--enable-gnutls, --disable-gnutls, gnutls" +PACKAGECONFIG[sqlite3] = "--enable-sqlite, --disable-sqlite, sqlite3" + +BBCLASSEXTEND = "native nativesdk" -- cgit 1.2.3-korg