Attached below is the debdiff for gnupg2 from 2.0.26-3 to 2.0.26-4
without the l10n changes, in the hopes that this makes it past the
mailing list filters :)
Thanks,
--dkg
diff -Nru gnupg2-2.0.26/debian/changelog gnupg2-2.0.26/debian/changelog
--- gnupg2-2.0.26/debian/changelog 2014-09-30 23:39:26.000000000 -0400
+++ gnupg2-2.0.26/debian/changelog 2015-01-04 18:30:24.000000000 -0500
@@ -1,3 +1,35 @@
+gnupg2 (2.0.26-4) unstable; urgency=medium
+
+ [ David Prévot ]
+ * Update POT and PO files, and ensure the translations get rebuild
+ * Update French translation (Closes: #769574)
+ * Update Ukrainian translation, thanks to Yuri Chornoivan
+ * Update German translation, thanks to Werner Koch
+ * Update Danish translation, thanks to Joe Hansen
+ * Update Japanese translation, thanks to NIIBE Yutaka
+ * Update Chinese (traditional) translation, thanks to Jedi Lin
+ * Update Russian translation, thanks to Ineiev
+ * Update Polish translation, thanks to Jakub Bogusz
+ * Update Spanish translation, thanks to Manuel "Venturi" Porras Peralta
+ (Closes: #770727)
+ * New Dutch translation, thanks to Frans Spiesschaert (Closes: #770981)
+
+ [ Daniel Kahn Gillmor ]
+ * bugfix and cryptographic safety changes imported from upstream:
+ - Avoid regression when adding subkeys with strong s2k algorithms
+ (Closes: #772780) Thanks, NIIBE Yutaka
+ - Allow french translation to work when prompting for passphrase.
+ - add build and runtime support for larger RSA keys (Closes: #739424)
+ - fix runtime errors on bad input (Closes: #771987)
+ - deprecate insecure one-argument variant for gpg --verify of detached
+ signatures (Closes: #771992)
+ - initialize trustdb before trying to clear it (Closes: #735363)
+ - default to issuing SHA256 signatures for RSA
+ - avoid relying on MD5 signatures
+ - show v3 key fingerprints as all zero (OpenPGPv3 is deprecated)
+
+ -- Daniel Kahn Gillmor <dkg@fifthhorseman.net> Sun, 04 Jan 2015 17:17:00 -0500
+
gnupg2 (2.0.26-3) unstable; urgency=medium
* fix typo in gpg.info (closes: #760273)
diff -Nru gnupg2-2.0.26/debian/clean gnupg2-2.0.26/debian/clean
--- gnupg2-2.0.26/debian/clean 1969-12-31 19:00:00.000000000 -0500
+++ gnupg2-2.0.26/debian/clean 2015-01-04 17:30:14.000000000 -0500
@@ -0,0 +1 @@
+po/*.gmo
diff -Nru gnupg2-2.0.26/debian/patches/0001-warn-about-but-don-t-fail-on-scdaemon-options-in-gpg.patch gnupg2-2.0.26/debian/patches/0001-warn-about-but-don-t-fail-on-scdaemon-options-in-gpg.patch
--- gnupg2-2.0.26/debian/patches/0001-warn-about-but-don-t-fail-on-scdaemon-options-in-gpg.patch 2014-09-29 17:46:22.000000000 -0400
+++ gnupg2-2.0.26/debian/patches/0001-warn-about-but-don-t-fail-on-scdaemon-options-in-gpg.patch 1969-12-31 19:00:00.000000000 -0500
@@ -1,140 +0,0 @@
-commit c76117f8b0165fe5cec5e7f234f55f5a4cd7f0ab
-Author: Daniel Kahn Gillmor <dkg@fifthhorseman.net>
-Date: Thu Sep 25 14:45:37 2014 -0400
-
- gpg: Warn about (but don't fail) on scdaemon options in gpg.conf.
-
- * g10/gpg.c: Add config options that should belong in scdaemon.conf
- * g10/main.h, g10/misc.c (obsolete_scdaemon_option): New.
-
- --
-
- In gpg2, the following options are only relevant for scdaemon:
-
- reader-port
- ctapi-driver
- pcsc-driver
- disable-ccid
-
- but in gpg1, they are options for gpg itself.
-
- Some users of gpg1 might have these options in their
- ~/.gnupg/gpg.conf, which causes gpg2 to fail hard if it reads that
- config file.
-
- gpg2 should not fail hard, though giving a warning (and suggesting a
- move to scdaemon.conf) seems OK.
-
- This patch does *not* reintroduce any documentation for these options
- in gpg.texi, even to indicate that they are "dummy" options, since
- scdaemon.texi contains the appropriate documentation.
-
- Debian-bug-id: 762844
-
- Program names factored out from obsolete_scdaemon_option to make
- reuse without new translations easier. -wk
-
- This is a backport of commit 371c2b14b0347209efd23b4e54e1981a12d7aeab
- with parts of 20c6da50d4f6264d26d113d7de606971f719a0ca but without those
- which would change existing translated strings. -wk
-
-diff --git a/g10/gpg.c b/g10/gpg.c
-index 1a8e6e7..12d4295 100644
---- a/g10/gpg.c
-+++ b/g10/gpg.c
-@@ -358,6 +358,10 @@ enum cmd_and_opt_values
- oKeyidFormat,
- oExitOnStatusWriteError,
- oLimitCardInsertTries,
-+ oReaderPort,
-+ octapiDriver,
-+ opcscDriver,
-+ oDisableCCID,
- oRequireCrossCert,
- oNoRequireCrossCert,
- oAutoKeyLocate,
-@@ -506,10 +510,6 @@ static ARGPARSE_OPTS opts[] = {
- ARGPARSE_s_n (oDryRun, "dry-run", N_("do not make any changes")),
- ARGPARSE_s_n (oInteractive, "interactive", N_("prompt before overwriting")),
-
-- ARGPARSE_s_n (oUseAgent, "use-agent", "@"),
-- ARGPARSE_s_n (oNoUseAgent, "no-use-agent", "@"),
-- ARGPARSE_s_s (oGpgAgentInfo, "gpg-agent-info", "@"),
--
- ARGPARSE_s_n (oBatch, "batch", "@"),
- ARGPARSE_s_n (oAnswerYes, "yes", "@"),
- ARGPARSE_s_n (oAnswerNo, "no", "@"),
-@@ -761,6 +761,15 @@ static ARGPARSE_OPTS opts[] = {
- ARGPARSE_s_s (oAutoKeyLocate, "auto-key-locate", "@"),
- ARGPARSE_s_n (oNoAutoKeyLocate, "no-auto-key-locate", "@"),
-
-+ /* Dummy options with warnings. */
-+ ARGPARSE_s_n (oUseAgent, "use-agent", "@"),
-+ ARGPARSE_s_n (oNoUseAgent, "no-use-agent", "@"),
-+ ARGPARSE_s_s (oGpgAgentInfo, "gpg-agent-info", "@"),
-+ ARGPARSE_s_s (oReaderPort, "reader-port", "@"),
-+ ARGPARSE_s_s (octapiDriver, "ctapi-driver", "@"),
-+ ARGPARSE_s_s (opcscDriver, "pcsc-driver", "@"),
-+ ARGPARSE_s_n (oDisableCCID, "disable-ccid", "@"),
-+
- ARGPARSE_end ()
- };
-
-@@ -2239,6 +2254,19 @@ main (int argc, char **argv)
- obsolete_option (configname, configlineno, "--gpg-agent-info");
- break;
-
-+ case oReaderPort:
-+ obsolete_scdaemon_option (configname, configlineno, "reader-port");
-+ break;
-+ case octapiDriver:
-+ obsolete_scdaemon_option (configname, configlineno, "ctapi-driver");
-+ break;
-+ case opcscDriver:
-+ obsolete_scdaemon_option (configname, configlineno, "pcsc-driver");
-+ break;
-+ case oDisableCCID:
-+ obsolete_scdaemon_option (configname, configlineno, "disable-ccid");
-+ break;
-+
- case oAnswerYes: opt.answer_yes = 1; break;
- case oAnswerNo: opt.answer_no = 1; break;
- case oKeyring: append_to_strlist( &nrings, pargs.r.ret_str); break;
-diff --git a/g10/main.h b/g10/main.h
-index 9904820..226898d 100644
---- a/g10/main.h
-+++ b/g10/main.h
-@@ -118,6 +118,8 @@ void deprecated_warning(const char *configname,unsigned int configlineno,
- void deprecated_command (const char *name);
- void obsolete_option (const char *configname, unsigned int configlineno,
- const char *name);
-+void obsolete_scdaemon_option (const char *configname,
-+ unsigned int configlineno, const char *name);
-
- int string_to_cipher_algo (const char *string);
- int string_to_digest_algo (const char *string);
-diff --git a/g10/misc.c b/g10/misc.c
-index 43ea0d2..ef03776 100644
---- a/g10/misc.c
-+++ b/g10/misc.c
-@@ -851,6 +851,20 @@ obsolete_option (const char *configname, unsigned int configlineno,
- }
-
-
-+void
-+obsolete_scdaemon_option (const char *configname, unsigned int configlineno,
-+ const char *name)
-+{
-+ if (configname)
-+ log_info (_("%s:%u: \"%s%s\" is obsolete in this file"
-+ " - it only has effect in %s\n"),
-+ configname, configlineno, name, "--", "scdaemon.conf");
-+ else
-+ log_info (_("WARNING: \"%s%s\" is an obsolete option"
-+ " - it has no effect except on %s\n"), "--", name, "scdaemon");
-+}
-+
-+
- /*
- * Wrapper around gcry_cipher_map_name to provide a fallback using the
- * "Sn" syntax as used by the preference strings.
diff -Nru gnupg2-2.0.26/debian/patches/0002-gpg-Allow-for-positional-parameters-in-the-passphras.patch gnupg2-2.0.26/debian/patches/0002-gpg-Allow-for-positional-parameters-in-the-passphras.patch
--- gnupg2-2.0.26/debian/patches/0002-gpg-Allow-for-positional-parameters-in-the-passphras.patch 1969-12-31 19:00:00.000000000 -0500
+++ gnupg2-2.0.26/debian/patches/0002-gpg-Allow-for-positional-parameters-in-the-passphras.patch 2015-01-04 18:29:28.000000000 -0500
@@ -0,0 +1,74 @@
+From c45b9819e8f4b35681c91ffb67abdc38dcc32a2a Mon Sep 17 00:00:00 2001
+From: Werner Koch <wk@gnupg.org>
+Date: Tue, 26 Aug 2014 10:16:04 +0200
+Subject: [PATCH 02/31] gpg: Allow for positional parameters in the passphrase
+ prompt.
+
+* g10/passphrase.c (passphrase_get): Replace sprintf by xasprintf.
+--
+
+Without that at least the French translation does not always work
+because it requires positional parameters. Windows for example does
+not support them as they are not defined by C99 but by POSIX.
+---
+ g10/passphrase.c | 35 ++++++++++++-----------------------
+ 1 file changed, 12 insertions(+), 23 deletions(-)
+
+diff --git a/g10/passphrase.c b/g10/passphrase.c
+index 9752718..54caf72 100644
+--- a/g10/passphrase.c
++++ b/g10/passphrase.c
+@@ -341,38 +341,27 @@ passphrase_get ( u32 *keyid, int mode, const char *cacheid, int repeat,
+ if ( !algo_name )
+ algo_name = "?";
+
+-#define KEYIDSTRING _(" (main key ID %s)")
+-
+- maink = xmalloc ( strlen (KEYIDSTRING) + keystrlen() + 20 );
+- if( keyid[2] && keyid[3] && keyid[0] != keyid[2]
++ if (keyid[2] && keyid[3]
++ && keyid[0] != keyid[2]
+ && keyid[1] != keyid[3] )
+- sprintf( maink, KEYIDSTRING, keystr(&keyid[2]) );
++ maink = xasprintf (_(" (main key ID %s)"), keystr (&keyid[2]));
+ else
+- *maink = 0;
++ maink = xstrdup ("");
+
+ uid = get_user_id ( keyid, &uidlen );
+ timestr = strtimestamp (pk->timestamp);
+
+-#undef KEYIDSTRING
+-
+-#define PROMPTSTRING _("Please enter the passphrase to unlock the" \
+- " secret key for the OpenPGP certificate:\n" \
+- "\"%.*s\"\n" \
+- "%u-bit %s key, ID %s,\n" \
+- "created %s%s.\n" )
+-
+- atext = xmalloc ( 100 + strlen (PROMPTSTRING)
+- + uidlen + 15 + strlen(algo_name) + keystrlen()
+- + strlen (timestr) + strlen (maink) );
+- sprintf (atext, PROMPTSTRING,
+- (int)uidlen, uid,
+- nbits_from_pk (pk), algo_name, keystr(&keyid[0]), timestr,
+- maink );
++ atext = xasprintf (_("Please enter the passphrase to unlock the"
++ " secret key for the OpenPGP certificate:\n"
++ "\"%.*s\"\n"
++ "%u-bit %s key, ID %s,\n"
++ "created %s%s.\n"),
++ (int)uidlen, uid,
++ nbits_from_pk (pk), algo_name, keystr(&keyid[0]),
++ timestr, maink);
+ xfree (uid);
+ xfree (maink);
+
+-#undef PROMPTSTRING
+-
+ {
+ size_t dummy;
+ fingerprint_from_pk( pk, fpr, &dummy );
+--
+2.1.4
+
diff -Nru gnupg2-2.0.26/debian/patches/0004-gpg-Need-to-init-the-trustdb-for-import.patch gnupg2-2.0.26/debian/patches/0004-gpg-Need-to-init-the-trustdb-for-import.patch
--- gnupg2-2.0.26/debian/patches/0004-gpg-Need-to-init-the-trustdb-for-import.patch 1969-12-31 19:00:00.000000000 -0500
+++ gnupg2-2.0.26/debian/patches/0004-gpg-Need-to-init-the-trustdb-for-import.patch 2015-01-04 18:29:28.000000000 -0500
@@ -0,0 +1,35 @@
+From 07006c9916ea194ce6047d252421c08489068c4c Mon Sep 17 00:00:00 2001
+From: Kristian Fiskerstrand <kf@sumptuouscapital.com>
+Date: Wed, 13 Aug 2014 11:13:34 +0200
+Subject: [PATCH 04/31] gpg: Need to init the trustdb for import.
+
+* g10/trustdb.c (clear_ownertrusts): Init trustdb.
+
+--
+
+This was fixed in 1.4 branch in commit
+23191d7851eae2217ecdac6484349849a24fd94a but was not applied to the
+2.0 branch that exhibits the same problem. This is actually a hack
+to fix a bug introduced with commit 2528178.
+
+GnuPG-bug-id: 1622
+---
+ g10/trustdb.c | 2 ++
+ 1 file changed, 2 insertions(+)
+
+diff --git a/g10/trustdb.c b/g10/trustdb.c
+index f96701a..7bfef25 100644
+--- a/g10/trustdb.c
++++ b/g10/trustdb.c
+@@ -923,6 +923,8 @@ clear_ownertrusts (PKT_public_key *pk)
+ TRUSTREC rec;
+ int rc;
+
++ init_trustdb();
++
+ if (trustdb_args.no_trustdb && opt.trust_model == TM_ALWAYS)
+ return 0;
+
+--
+2.1.4
+
diff -Nru gnupg2-2.0.26/debian/patches/0005-gpg-Warn-about-but-don-t-fail-on-scdaemon-options-in.patch gnupg2-2.0.26/debian/patches/0005-gpg-Warn-about-but-don-t-fail-on-scdaemon-options-in.patch
--- gnupg2-2.0.26/debian/patches/0005-gpg-Warn-about-but-don-t-fail-on-scdaemon-options-in.patch 1969-12-31 19:00:00.000000000 -0500
+++ gnupg2-2.0.26/debian/patches/0005-gpg-Warn-about-but-don-t-fail-on-scdaemon-options-in.patch 2015-01-04 18:29:28.000000000 -0500
@@ -0,0 +1,154 @@
+From c76117f8b0165fe5cec5e7f234f55f5a4cd7f0ab Mon Sep 17 00:00:00 2001
+From: Daniel Kahn Gillmor <dkg@fifthhorseman.net>
+Date: Thu, 25 Sep 2014 14:45:37 -0400
+Subject: [PATCH 05/31] gpg: Warn about (but don't fail) on scdaemon options in
+ gpg.conf.
+
+* g10/gpg.c: Add config options that should belong in scdaemon.conf
+* g10/main.h, g10/misc.c (obsolete_scdaemon_option): New.
+
+--
+
+In gpg2, the following options are only relevant for scdaemon:
+
+ reader-port
+ ctapi-driver
+ pcsc-driver
+ disable-ccid
+
+but in gpg1, they are options for gpg itself.
+
+Some users of gpg1 might have these options in their
+~/.gnupg/gpg.conf, which causes gpg2 to fail hard if it reads that
+config file.
+
+gpg2 should not fail hard, though giving a warning (and suggesting a
+move to scdaemon.conf) seems OK.
+
+This patch does *not* reintroduce any documentation for these options
+in gpg.texi, even to indicate that they are "dummy" options, since
+scdaemon.texi contains the appropriate documentation.
+
+Debian-bug-id: 762844
+
+Program names factored out from obsolete_scdaemon_option to make
+reuse without new translations easier. -wk
+
+This is a backport of commit 371c2b14b0347209efd23b4e54e1981a12d7aeab
+with parts of 20c6da50d4f6264d26d113d7de606971f719a0ca but without those
+which would change existing translated strings. -wk
+---
+ g10/gpg.c | 36 ++++++++++++++++++++++++++++++++----
+ g10/main.h | 2 ++
+ g10/misc.c | 14 ++++++++++++++
+ 3 files changed, 48 insertions(+), 4 deletions(-)
+
+diff --git a/g10/gpg.c b/g10/gpg.c
+index 1a8e6e7..12d4295 100644
+--- a/g10/gpg.c
++++ b/g10/gpg.c
+@@ -358,6 +358,10 @@ enum cmd_and_opt_values
+ oKeyidFormat,
+ oExitOnStatusWriteError,
+ oLimitCardInsertTries,
++ oReaderPort,
++ octapiDriver,
++ opcscDriver,
++ oDisableCCID,
+ oRequireCrossCert,
+ oNoRequireCrossCert,
+ oAutoKeyLocate,
+@@ -506,10 +510,6 @@ static ARGPARSE_OPTS opts[] = {
+ ARGPARSE_s_n (oDryRun, "dry-run", N_("do not make any changes")),
+ ARGPARSE_s_n (oInteractive, "interactive", N_("prompt before overwriting")),
+
+- ARGPARSE_s_n (oUseAgent, "use-agent", "@"),
+- ARGPARSE_s_n (oNoUseAgent, "no-use-agent", "@"),
+- ARGPARSE_s_s (oGpgAgentInfo, "gpg-agent-info", "@"),
+-
+ ARGPARSE_s_n (oBatch, "batch", "@"),
+ ARGPARSE_s_n (oAnswerYes, "yes", "@"),
+ ARGPARSE_s_n (oAnswerNo, "no", "@"),
+@@ -761,6 +761,21 @@ static ARGPARSE_OPTS opts[] = {
+ ARGPARSE_s_s (oAutoKeyLocate, "auto-key-locate", "@"),
+ ARGPARSE_s_n (oNoAutoKeyLocate, "no-auto-key-locate", "@"),
+
++ /* Dummy options with warnings. */
++ ARGPARSE_s_n (oUseAgent, "use-agent", "@"),
++ ARGPARSE_s_n (oNoUseAgent, "no-use-agent", "@"),
++ ARGPARSE_s_s (oGpgAgentInfo, "gpg-agent-info", "@"),
++ ARGPARSE_s_s (oReaderPort, "reader-port", "@"),
++ ARGPARSE_s_s (octapiDriver, "ctapi-driver", "@"),
++ ARGPARSE_s_s (opcscDriver, "pcsc-driver", "@"),
++ ARGPARSE_s_n (oDisableCCID, "disable-ccid", "@"),
++
++ /* Dummy options. */
++ ARGPARSE_s_n (oNoop, "sk-comments", "@"),
++ ARGPARSE_s_n (oNoop, "no-sk-comments", "@"),
++ ARGPARSE_s_n (oNoop, "compress-keys", "@"),
++ ARGPARSE_s_n (oNoop, "compress-sigs", "@"),
++
+ ARGPARSE_end ()
+ };
+
+@@ -2239,6 +2254,19 @@ main (int argc, char **argv)
+ obsolete_option (configname, configlineno, "--gpg-agent-info");
+ break;
+
++ case oReaderPort:
++ obsolete_scdaemon_option (configname, configlineno, "reader-port");
++ break;
++ case octapiDriver:
++ obsolete_scdaemon_option (configname, configlineno, "ctapi-driver");
++ break;
++ case opcscDriver:
++ obsolete_scdaemon_option (configname, configlineno, "pcsc-driver");
++ break;
++ case oDisableCCID:
++ obsolete_scdaemon_option (configname, configlineno, "disable-ccid");
++ break;
++
+ case oAnswerYes: opt.answer_yes = 1; break;
+ case oAnswerNo: opt.answer_no = 1; break;
+ case oKeyring: append_to_strlist( &nrings, pargs.r.ret_str); break;
+diff --git a/g10/main.h b/g10/main.h
+index 9904820..226898d 100644
+--- a/g10/main.h
++++ b/g10/main.h
+@@ -118,6 +118,8 @@ void deprecated_warning(const char *configname,unsigned int configlineno,
+ void deprecated_command (const char *name);
+ void obsolete_option (const char *configname, unsigned int configlineno,
+ const char *name);
++void obsolete_scdaemon_option (const char *configname,
++ unsigned int configlineno, const char *name);
+
+ int string_to_cipher_algo (const char *string);
+ int string_to_digest_algo (const char *string);
+diff --git a/g10/misc.c b/g10/misc.c
+index 43ea0d2..ef03776 100644
+--- a/g10/misc.c
++++ b/g10/misc.c
+@@ -851,6 +851,20 @@ obsolete_option (const char *configname, unsigned int configlineno,
+ }
+
+
++void
++obsolete_scdaemon_option (const char *configname, unsigned int configlineno,
++ const char *name)
++{
++ if (configname)
++ log_info (_("%s:%u: \"%s%s\" is obsolete in this file"
++ " - it only has effect in %s\n"),
++ configname, configlineno, name, "--", "scdaemon.conf");
++ else
++ log_info (_("WARNING: \"%s%s\" is an obsolete option"
++ " - it has no effect except on %s\n"), "--", name, "scdaemon");
++}
++
++
+ /*
+ * Wrapper around gcry_cipher_map_name to provide a fallback using the
+ * "Sn" syntax as used by the preference strings.
+--
+2.1.4
+
diff -Nru gnupg2-2.0.26/debian/patches/0005-Update-POT-file.patch gnupg2-2.0.26/debian/patches/0005-Update-POT-file.patch
diff -Nru gnupg2-2.0.26/debian/patches/0006-Update-PO-files.patch gnupg2-2.0.26/debian/patches/0006-Update-PO-files.patch
diff -Nru gnupg2-2.0.26/debian/patches/0007-doc-Update-the-file-OpenPGP.patch gnupg2-2.0.26/debian/patches/0007-doc-Update-the-file-OpenPGP.patch
--- gnupg2-2.0.26/debian/patches/0007-doc-Update-the-file-OpenPGP.patch 1969-12-31 19:00:00.000000000 -0500
+++ gnupg2-2.0.26/debian/patches/0007-doc-Update-the-file-OpenPGP.patch 2015-01-04 18:29:28.000000000 -0500
@@ -0,0 +1,72 @@
+From ba2b8c20ee68f7ee3e7a58f7c3449d94004131d8 Mon Sep 17 00:00:00 2001
+From: Werner Koch <wk@gnupg.org>
+Date: Sat, 27 Sep 2014 11:17:07 +0200
+Subject: [PATCH 07/31] doc: Update the file OpenPGP
+
+--
+
+It should actually be completey reworked but for now I added just a
+few notes.
+---
+ doc/OpenPGP | 21 ++++++++++-----------
+ 1 file changed, 10 insertions(+), 11 deletions(-)
+
+diff --git a/doc/OpenPGP b/doc/OpenPGP
+index a511ad7..96223d7 100644
+--- a/doc/OpenPGP
++++ b/doc/OpenPGP
+@@ -1,9 +1,8 @@
+ GnuPG and OpenPGP
+ =================
+
+- See RFC2440 for a description of OpenPGP. We have an annotated version
+- of this RFC online: http://www.gnupg.org/rfc2440.html
+-
++ See RFC-4880 for a description of OpenPGP. These notes are older
++ than RFC-4880 and refer to the predecessor of the specs (RFC-2440).
+
+
+ Compatibility Notes
+@@ -12,7 +11,9 @@
+
+ * (9.2) states that IDEA SHOULD be implemented. This is not done
+ due to patent problems.
+-
++ UPDATE: Since version 1.4.13 (or GnuPG 2.x with Libgcrypt 1.6)
++ IDEA support has been added to allow decryption of old
++ PGP-2 encrypted material.
+
+ All MAY features are implemented with this exception:
+
+@@ -28,17 +29,17 @@
+ A special format of partial packet length exists for v3 packets
+ which can be considered to be in compliance with RFC1991; this
+ format is only created if a special option is active.
++ UPDATE: This support has been removed with version 1.3.6.
+
+ GnuPG uses a S2K mode of 101 for GNU extensions to the secret key
+ protection algorithms. This number is not defined in OpenPGP, but
+- given the fact that this number is in a range which used at many
+- other places in OpenPGP for private/experimenat algorithm identifiers,
+- this should be not a so bad choice. The 3 bytes "GNU" are used
+- to identify this as a GNU extension - see the file DETAILS for a
++ given that this number is in a range which is used at many other
++ places in OpenPGP for private/experimental algorithm identifiers,
++ this should be not a too bad choice. The 3 bytes "GNU" are used to
++ identify this as a GNU extension - see the file DETAILS for a
+ definition of the used data formats.
+
+
+-
+ Some Notes on OpenPGP / PGP Compatibility:
+ ==========================================
+
+@@ -104,5 +105,3 @@
+
+ The limited permissions granted above are perpetual and will not be
+ revoked by the Internet Society or its successors or assigns.
+-
+-
+--
+2.1.4
+
diff -Nru gnupg2-2.0.26/debian/patches/0007-Update-French-translation.patch gnupg2-2.0.26/debian/patches/0007-Update-French-translation.patch
diff -Nru gnupg2-2.0.26/debian/patches/0008-gpg-Default-to-SHA-256-for-all-signature-types-on-RS.patch gnupg2-2.0.26/debian/patches/0008-gpg-Default-to-SHA-256-for-all-signature-types-on-RS.patch
--- gnupg2-2.0.26/debian/patches/0008-gpg-Default-to-SHA-256-for-all-signature-types-on-RS.patch 1969-12-31 19:00:00.000000000 -0500
+++ gnupg2-2.0.26/debian/patches/0008-gpg-Default-to-SHA-256-for-all-signature-types-on-RS.patch 2015-01-04 18:29:28.000000000 -0500
@@ -0,0 +1,47 @@
+From 36179da032fa43d82042b3d31ed175d17b8e9bc4 Mon Sep 17 00:00:00 2001
+From: Werner Koch <wk@gnupg.org>
+Date: Sat, 27 Sep 2014 15:21:02 +0200
+Subject: [PATCH 08/31] gpg: Default to SHA-256 for all signature types on RSA
+ keys.
+
+* g10/main.h (DEFAULT_DIGEST_ALGO): Use SHA256 in --gnupg and SHA1 in
+strict RFC or PGP modes.
+* g10/sign.c (make_keysig_packet): Use DEFAULT_DIGEST_ALGO also for
+RSA key signatures.
+--
+
+(Backported from commit d33246700578cddd1cb8ed8164cfbba50aba4ef3)
+---
+ g10/main.h | 2 +-
+ g10/sign.c | 2 +-
+ 2 files changed, 2 insertions(+), 2 deletions(-)
+
+diff --git a/g10/main.h b/g10/main.h
+index 226898d..4cf2cc7 100644
+--- a/g10/main.h
++++ b/g10/main.h
+@@ -33,7 +33,7 @@
+ issues of speed and size come into play here. */
+
+ #define DEFAULT_CIPHER_ALGO CIPHER_ALGO_CAST5
+-#define DEFAULT_DIGEST_ALGO DIGEST_ALGO_SHA1
++#define DEFAULT_DIGEST_ALGO ((GNUPG)? DIGEST_ALGO_SHA256:DIGEST_ALGO_SHA1)
+ #define DEFAULT_COMPRESS_ALGO COMPRESS_ALGO_ZIP
+ #define DEFAULT_S2K_DIGEST_ALGO DIGEST_ALGO_SHA1
+
+diff --git a/g10/sign.c b/g10/sign.c
+index 0de3321..e7e79cc 100644
+--- a/g10/sign.c
++++ b/g10/sign.c
+@@ -1425,7 +1425,7 @@ make_keysig_packet( PKT_signature **ret_sig, PKT_public_key *pk,
+ else if(sk->pubkey_algo==PUBKEY_ALGO_DSA)
+ digest_algo = match_dsa_hash (gcry_mpi_get_nbits (sk->skey[1])/8);
+ else
+- digest_algo = DIGEST_ALGO_SHA1;
++ digest_algo = DEFAULT_DIGEST_ALGO;
+ }
+
+ if ( gcry_md_open (&md, digest_algo, 0 ) )
+--
+2.1.4
+
diff -Nru gnupg2-2.0.26/debian/patches/0008-Update-Ukrainian-translation.patch gnupg2-2.0.26/debian/patches/0008-Update-Ukrainian-translation.patch
diff -Nru gnupg2-2.0.26/debian/patches/0009-gpg-Avoid-duplicate-declaration-of-no-sk-comments-no.patch gnupg2-2.0.26/debian/patches/0009-gpg-Avoid-duplicate-declaration-of-no-sk-comments-no.patch
--- gnupg2-2.0.26/debian/patches/0009-gpg-Avoid-duplicate-declaration-of-no-sk-comments-no.patch 1969-12-31 19:00:00.000000000 -0500
+++ gnupg2-2.0.26/debian/patches/0009-gpg-Avoid-duplicate-declaration-of-no-sk-comments-no.patch 2015-01-04 18:29:28.000000000 -0500
@@ -0,0 +1,39 @@
+From 3e14da863a668fb0ec1a075722bd0f7b47ae4c1b Mon Sep 17 00:00:00 2001
+From: Daniel Kahn Gillmor <dkg@fifthhorseman.net>
+Date: Mon, 29 Sep 2014 17:49:52 -0400
+Subject: [PATCH 09/31] gpg: Avoid duplicate declaration of {no-,}sk-comments
+ noops.
+
+* g10/gpg.c: Cleanup argument parsing.
+
+--
+
+With c76117f8b0165fe5cec5e7f234f55f5a4cd7f0ab, the GnuPG 2.0.x branch
+accidentally introduced a second (identical) argument parser for both
+--sk-comments, and for --no-sk-comments.
+
+This caused short versions (e.g. omitting the trailing "s", as gpgme
+does) of either command to fail with:
+
+ gpg: option "--sk-comment" is ambiguous
+---
+ g10/gpg.c | 3 ---
+ 1 file changed, 3 deletions(-)
+
+diff --git a/g10/gpg.c b/g10/gpg.c
+index 12d4295..eefd4ae 100644
+--- a/g10/gpg.c
++++ b/g10/gpg.c
+@@ -538,9 +538,6 @@ static ARGPARSE_OPTS opts[] = {
+ ARGPARSE_s_i (oAttributeFD, "attribute-fd", "@"),
+ ARGPARSE_s_s (oAttributeFile, "attribute-file", "@"),
+
+- ARGPARSE_s_n (oNoop, "sk-comments", "@"),
+- ARGPARSE_s_n (oNoop, "no-sk-comments", "@"),
+-
+ ARGPARSE_s_i (oCompletesNeeded, "completes-needed", "@"),
+ ARGPARSE_s_i (oMarginalsNeeded, "marginals-needed", "@"),
+ ARGPARSE_s_i (oMaxCertDepth, "max-cert-depth", "@" ),
+--
+2.1.4
+
diff -Nru gnupg2-2.0.26/debian/patches/0009-Update-German-translation.patch gnupg2-2.0.26/debian/patches/0009-Update-German-translation.patch
diff -Nru gnupg2-2.0.26/debian/patches/0010-gpg-compress-sigs-and-compress-keys-are-not-no-ops-i.patch gnupg2-2.0.26/debian/patches/0010-gpg-compress-sigs-and-compress-keys-are-not-no-ops-i.patch
--- gnupg2-2.0.26/debian/patches/0010-gpg-compress-sigs-and-compress-keys-are-not-no-ops-i.patch 1969-12-31 19:00:00.000000000 -0500
+++ gnupg2-2.0.26/debian/patches/0010-gpg-compress-sigs-and-compress-keys-are-not-no-ops-i.patch 2015-01-04 18:29:28.000000000 -0500
@@ -0,0 +1,38 @@
+From dcb5fa8747e8fc9f35285f168ee3ae8e6d422293 Mon Sep 17 00:00:00 2001
+From: Daniel Kahn Gillmor <dkg@fifthhorseman.net>
+Date: Mon, 29 Sep 2014 17:49:53 -0400
+Subject: [PATCH 10/31] gpg: --compress-sigs and --compress-keys are not no-ops
+ in 2.0
+
+* g10/gpg.c: Cleanup argument parsing.
+
+--
+
+c76117f8b0165fe5cec5e7f234f55f5a4cd7f0ab mistakenly marked
+compress-sigs and compress-keys as no-ops on the 2.0.x branch.
+
+These options still have an effect on the 2.0.x branch, and the
+duplicate declaration also causes the gpg argument parser to fail when
+shortened versions of the option are present, like:
+
+ gpg: option "--compress-k" is ambiguous
+---
+ g10/gpg.c | 2 --
+ 1 file changed, 2 deletions(-)
+
+diff --git a/g10/gpg.c b/g10/gpg.c
+index eefd4ae..a995796 100644
+--- a/g10/gpg.c
++++ b/g10/gpg.c
+@@ -770,8 +770,6 @@ static ARGPARSE_OPTS opts[] = {
+ /* Dummy options. */
+ ARGPARSE_s_n (oNoop, "sk-comments", "@"),
+ ARGPARSE_s_n (oNoop, "no-sk-comments", "@"),
+- ARGPARSE_s_n (oNoop, "compress-keys", "@"),
+- ARGPARSE_s_n (oNoop, "compress-sigs", "@"),
+
+ ARGPARSE_end ()
+ };
+--
+2.1.4
+
diff -Nru gnupg2-2.0.26/debian/patches/0010-Update-Danish-translation.patch gnupg2-2.0.26/debian/patches/0010-Update-Danish-translation.patch
diff -Nru gnupg2-2.0.26/debian/patches/0011-Update-Japanese-translation.patch gnupg2-2.0.26/debian/patches/0011-Update-Japanese-translation.patch
diff -Nru gnupg2-2.0.26/debian/patches/0012-gpg-Add-build-and-runtime-support-for-larger-RSA-key.patch gnupg2-2.0.26/debian/patches/0012-gpg-Add-build-and-runtime-support-for-larger-RSA-key.patch
--- gnupg2-2.0.26/debian/patches/0012-gpg-Add-build-and-runtime-support-for-larger-RSA-key.patch 1969-12-31 19:00:00.000000000 -0500
+++ gnupg2-2.0.26/debian/patches/0012-gpg-Add-build-and-runtime-support-for-larger-RSA-key.patch 2015-01-04 18:29:28.000000000 -0500
@@ -0,0 +1,187 @@
+From f952fe8c6ddf13ecca14ca72a27d1f8da6adc901 Mon Sep 17 00:00:00 2001
+From: Daniel Kahn Gillmor <dkg@fifthhorseman.net>
+Date: Fri, 3 Oct 2014 13:59:34 -0400
+Subject: [PATCH 12/31] gpg: Add build and runtime support for larger RSA keys
+
+* configure.ac: Added --enable-large-secmem option.
+* g10/options.h: Add opt.flags.large_rsa.
+* g10/gpg.c: Contingent on configure option: adjust secmem size,
+add gpg --enable-large-rsa, bound to opt.flags.large_rsa.
+* g10/keygen.c: Adjust max RSA size based on opt.flags.large_rsa
+* doc/gpg.texi: Document --enable-large-rsa.
+
+--
+
+This is a cherry-pick of 534e2876acc05f9f8d9b54c18511fe768d77dfb5 from
+STABLE-BRANCH-1-4 against STABLE-BRANCH-2-0
+
+Some older implementations built and used RSA keys up to 16Kib, but
+the larger secret keys now fail when used by more recent GnuPG, due to
+secure memory limitations.
+
+Building with ./configure --enable-large-secmem will make gpg
+capable of working with those secret keys, as well as permitting the
+use of a new gpg option --enable-large-rsa, which let gpg generate RSA
+keys up to 8Kib when used with --batch --gen-key.
+
+Debian-bug-id: 739424
+
+Minor edits by wk.
+
+GnuPG-bug-id: 1732
+---
+ configure.ac | 17 +++++++++++++++++
+ doc/gpg.texi | 9 +++++++++
+ g10/gpg.c | 22 +++++++++++++++++++++-
+ g10/keygen.c | 5 +++--
+ g10/options.h | 1 +
+ 5 files changed, 51 insertions(+), 3 deletions(-)
+
+diff --git a/configure.ac b/configure.ac
+index 7137e3f..3f83bdc 100644
+--- a/configure.ac
++++ b/configure.ac
+@@ -83,6 +83,7 @@ use_exec=yes
+ disable_keyserver_path=no
+ use_ccid_driver=yes
+ use_standard_socket=no
++large_secmem=no
+
+ GNUPG_BUILD_PROGRAM(gpg, yes)
+ GNUPG_BUILD_PROGRAM(gpgsm, yes)
+@@ -174,6 +175,22 @@ AC_ARG_ENABLE(selinux-support,
+ selinux_support=$enableval, selinux_support=no)
+ AC_MSG_RESULT($selinux_support)
+
++
++AC_MSG_CHECKING([whether to allocate extra secure memory])
++AC_ARG_ENABLE(large-secmem,
++ AC_HELP_STRING([--enable-large-secmem],
++ [allocate extra secure memory]),
++ large_secmem=$enableval, large_secmem=no)
++AC_MSG_RESULT($large_secmem)
++if test "$large_secmem" = yes ; then
++ SECMEM_BUFFER_SIZE=65536
++else
++ SECMEM_BUFFER_SIZE=32768
++fi
++AC_DEFINE_UNQUOTED(SECMEM_BUFFER_SIZE,$SECMEM_BUFFER_SIZE,
++ [Size of secure memory buffer])
++
++
+ # Allow disabling of bzib2 support.
+ # It is defined only after we confirm the library is available later
+ AC_MSG_CHECKING([whether to enable the BZIP2 compression algorithm])
+diff --git a/doc/gpg.texi b/doc/gpg.texi
+index d66259e..b2c956e 100644
+--- a/doc/gpg.texi
++++ b/doc/gpg.texi
+@@ -1192,6 +1192,15 @@ the opposite meaning. The options are:
+ validation. This option is only meaningful if pka-lookups is set.
+ @end table
+
++@item --enable-large-rsa
++@itemx --disable-large-rsa
++@opindex enable-large-rsa
++@opindex disable-large-rsa
++With --gen-key and --batch, enable the creation of larger RSA secret
++keys than is generally recommended (up to 8192 bits). These large
++keys are more expensive to use, and their signatures and
++certifications are also larger.
++
+ @item --enable-dsa2
+ @itemx --disable-dsa2
+ @opindex enable-dsa2
+diff --git a/g10/gpg.c b/g10/gpg.c
+index a995796..576b88e 100644
+--- a/g10/gpg.c
++++ b/g10/gpg.c
+@@ -367,6 +367,8 @@ enum cmd_and_opt_values
+ oAutoKeyLocate,
+ oNoAutoKeyLocate,
+ oAllowMultisigVerification,
++ oEnableLargeRSA,
++ oDisableLargeRSA,
+ oEnableDSA2,
+ oDisableDSA2,
+ oAllowMultipleMessages,
+@@ -736,6 +738,8 @@ static ARGPARSE_OPTS opts[] = {
+
+ ARGPARSE_s_n (oAllowMultisigVerification,
+ "allow-multisig-verification", "@"),
++ ARGPARSE_s_n (oEnableLargeRSA, "enable-large-rsa", "@"),
++ ARGPARSE_s_n (oDisableLargeRSA, "disable-large-rsa", "@"),
+ ARGPARSE_s_n (oEnableDSA2, "enable-dsa2", "@"),
+ ARGPARSE_s_n (oDisableDSA2, "disable-dsa2", "@"),
+ ARGPARSE_s_n (oAllowMultipleMessages, "allow-multiple-messages", "@"),
+@@ -2069,7 +2073,7 @@ main (int argc, char **argv)
+ #endif
+
+ /* Initialize the secure memory. */
+- if (!gcry_control (GCRYCTL_INIT_SECMEM, 32768, 0))
++ if (!gcry_control (GCRYCTL_INIT_SECMEM, SECMEM_BUFFER_SIZE, 0))
+ got_secmem = 1;
+ #if defined(HAVE_GETUID) && defined(HAVE_GETEUID)
+ /* There should be no way to get to this spot while still carrying
+@@ -2964,6 +2968,22 @@ main (int argc, char **argv)
+ release_akl();
+ break;
+
++ case oEnableLargeRSA:
++#if SECMEM_BUFFER_SIZE >= 65536
++ opt.flags.large_rsa=1;
++#else
++ if (configname)
++ log_info("%s:%d: WARNING: gpg not built with large secure "
++ "memory buffer. Ignoring enable-large-rsa\n",
++ configname,configlineno);
++ else
++ log_info("WARNING: gpg not built with large secure "
++ "memory buffer. Ignoring --enable-large-rsa\n");
++#endif /* SECMEM_BUFFER_SIZE >= 65536 */
++ break;
++ case oDisableLargeRSA: opt.flags.large_rsa=0;
++ break;
++
+ case oEnableDSA2: opt.flags.dsa2=1; break;
+ case oDisableDSA2: opt.flags.dsa2=0; break;
+
+diff --git a/g10/keygen.c b/g10/keygen.c
+index 5841ad8..17fde7f 100644
+--- a/g10/keygen.c
++++ b/g10/keygen.c
+@@ -1431,6 +1431,7 @@ gen_rsa (int algo, unsigned nbits, KBNODE pub_root, KBNODE sec_root, DEK *dek,
+ PKT_secret_key *sk;
+ PKT_public_key *pk;
+ gcry_sexp_t s_parms, s_key;
++ const unsigned maxsize = (opt.flags.large_rsa ? 8192 : 4096);
+
+ assert (is_RSA(algo));
+
+@@ -1442,9 +1443,9 @@ gen_rsa (int algo, unsigned nbits, KBNODE pub_root, KBNODE sec_root, DEK *dek,
+ nbits = 2048;
+ log_info (_("keysize invalid; using %u bits\n"), nbits );
+ }
+- else if (nbits > 4096)
++ else if (nbits > maxsize)
+ {
+- nbits = 4096;
++ nbits = maxsize;
+ log_info (_("keysize invalid; using %u bits\n"), nbits );
+ }
+
+diff --git a/g10/options.h b/g10/options.h
+index 1a13841..e9c540d 100644
+--- a/g10/options.h
++++ b/g10/options.h
+@@ -232,6 +232,7 @@ struct
+ unsigned int dsa2:1;
+ unsigned int allow_multiple_messages:1;
+ unsigned int allow_weak_digest_algos:1;
++ unsigned int large_rsa:1;
+ } flags;
+
+ /* Linked list of ways to find a key if the key isn't on the local
+--
+2.1.4
+
diff -Nru gnupg2-2.0.26/debian/patches/0012-Update-Chinese-traditional-translation.patch gnupg2-2.0.26/debian/patches/0012-Update-Chinese-traditional-translation.patch
diff -Nru gnupg2-2.0.26/debian/patches/0013-gpg-Avoid-using-cached-MD5-signature-status.patch gnupg2-2.0.26/debian/patches/0013-gpg-Avoid-using-cached-MD5-signature-status.patch
--- gnupg2-2.0.26/debian/patches/0013-gpg-Avoid-using-cached-MD5-signature-status.patch 1969-12-31 19:00:00.000000000 -0500
+++ gnupg2-2.0.26/debian/patches/0013-gpg-Avoid-using-cached-MD5-signature-status.patch 2015-01-04 18:29:28.000000000 -0500
@@ -0,0 +1,163 @@
+From 9112fed78b33faae32d21ab581721758ae2e95f2 Mon Sep 17 00:00:00 2001
+From: Werner Koch <wk@gnupg.org>
+Date: Sat, 11 Oct 2014 19:41:51 +0200
+Subject: [PATCH 13/31] gpg: Avoid using cached MD5 signature status.
+
+* g10/sig-check.c (check_key_signature2): Avoid using a cached MD5
+signature status.
+* g10/keyring.c (keyring_get_keyblock): Ditto.
+(write_keyblock): Ditto.
+
+* g10/sig-check.c (do_check): Move reject warning to ...
+* g10/misc.c (print_md5_rejected_note): new.
+--
+
+Modified by dkg (2015-01-04) to avoid needless whitespace transformations.
+
+---
+ g10/keyring.c | 14 ++++++++++++--
+ g10/main.h | 7 ++++---
+ g10/misc.c | 16 ++++++++++++++++
+ g10/sig-check.c | 17 +++++------------
+ 4 files changed, 37 insertions(+), 17 deletions(-)
+
+diff --git a/g10/keyring.c b/g10/keyring.c
+index 7482724..837df5e 100644
+--- a/g10/keyring.c
++++ b/g10/keyring.c
+@@ -434,12 +434,19 @@ keyring_get_keyblock (KEYRING_HANDLE hd, KBNODE *ret_kb)
+ && (pkt->pkt.ring_trust->sigcache & 1) ) {
+ /* This is a ring trust packet with a checked signature
+ * status cache following directly a signature paket.
+- * Set the cache status into that signature packet. */
++ * Set the cache status into that signature packet.
++ *
++ * We do not use cached signatures made with MD5 to
++ * avoid using a cached status created with an older
++ * version of gpg. */
+ PKT_signature *sig = lastnode->pkt->pkt.signature;
+-
+- sig->flags.checked = 1;
+- sig->flags.valid = !!(pkt->pkt.ring_trust->sigcache & 2);
++
++ if (sig->digest_algo != DIGEST_ALGO_MD5)
++ {
++ sig->flags.checked = 1;
++ sig->flags.valid = !!(pkt->pkt.ring_trust->sigcache & 2);
++ }
+ }
+ /* Reset LASTNODE, so that we set the cache status only from
+ * the ring trust packet immediately following a signature. */
+ lastnode = NULL;
+@@ -490,9 +497,12 @@ keyring_get_keyblock (KEYRING_HANDLE hd, KBNODE *ret_kb)
+ && lastnode->pkt->pkttype == PKT_SIGNATURE
+ && (pkt->pkt.ring_trust->sigcache & 1) ) {
+ PKT_signature *sig = lastnode->pkt->pkt.signature;
+- sig->flags.checked = 1;
+- sig->flags.valid = !!(pkt->pkt.ring_trust->sigcache & 2);
++ if (sig->digest_algo != DIGEST_ALGO_MD5)
++ {
++ sig->flags.checked = 1;
++ sig->flags.valid = !!(pkt->pkt.ring_trust->sigcache & 2);
++ }
+ }
+ *ret_kb = keyblock;
+ }
+ free_packet (pkt);
+@@ -1354,7 +1364,7 @@ write_keyblock (IOBUF fp, KBNODE keyblock)
+ PKT_signature *sig = node->pkt->pkt.signature;
+ unsigned int cacheval = 0;
+
+- if (sig->flags.checked)
++ if (sig->flags.checked && sig->digest_algo != DIGEST_ALGO_MD5)
+ {
+ cacheval |= 1;
+ if (sig->flags.valid)
+diff --git a/g10/main.h b/g10/main.h
+index 9904820..2ac3854 100644
+--- a/g10/main.h
++++ b/g10/main.h
+@@ -63,9 +63,6 @@ extern int g10_errors_seen;
+ #else
+ void g10_exit(int rc);
+ #endif
+-void print_pubkey_algo_note( int algo );
+-void print_cipher_algo_note( int algo );
+-void print_digest_algo_note( int algo );
+
+ /*-- armor.c --*/
+ char *make_radix64_string( const byte *data, size_t len );
+@@ -82,6 +79,10 @@ u16 checksum( byte *p, unsigned n );
+ u16 checksum_mpi( gcry_mpi_t a );
+ u32 buffer_to_u32( const byte *buffer );
+ const byte *get_session_marker( size_t *rlen );
++void print_pubkey_algo_note( int algo );
++void print_cipher_algo_note( int algo );
++void print_digest_algo_note( int algo );
++void print_md5_rejected_note (void);
+ int map_cipher_openpgp_to_gcry (int algo);
+ #define openpgp_cipher_open(_a,_b,_c,_d) gcry_cipher_open((_a),map_cipher_openpgp_to_gcry((_b)),(_c),(_d))
+ #define openpgp_cipher_get_algo_keylen(_a) gcry_cipher_get_algo_keylen(map_cipher_openpgp_to_gcry((_a)))
+diff --git a/g10/misc.c b/g10/misc.c
+index 43ea0d2..1ca9580 100644
+--- a/g10/misc.c
++++ b/g10/misc.c
+@@ -340,6 +340,22 @@ print_digest_algo_note( int algo )
+ }
+
+
++void
++print_md5_rejected_note (void)
++{
++ static int shown;
++
++ if (!shown)
++ {
++ fflush (stdout);
++ log_info
++ (_("Note: signatures using the %s algorithm are rejected\n"),
++ "MD5");
++ shown = 1;
++ }
++}
++
++
+ /* Map OpenPGP algo numbers to those used by Libgcrypt. We need to do
+ this for algorithms we implemented in Libgcrypt after they become
+ part of OpenPGP. */
+diff --git a/g10/sig-check.c b/g10/sig-check.c
+index ed4fa89..2999693 100644
+--- a/g10/sig-check.c
++++ b/g10/sig-check.c
+@@ -272,16 +272,7 @@ do_check( PKT_public_key *pk, PKT_signature *sig, gcry_md_hd_t digest,
+ if (sig->digest_algo == GCRY_MD_MD5
+ && !opt.flags.allow_weak_digest_algos)
+ {
+- static int shown;
+-
+- if (!shown)
+- {
+- log_info
+- (_("Note: signatures using the %s algorithm are rejected\n"),
+- "MD5");
+- shown = 1;
+- }
+-
++ print_md5_rejected_note ();
+ return GPG_ERR_DIGEST_ALGO;
+ }
+
+@@ -549,9 +540,11 @@ check_key_signature2( KBNODE root, KBNODE node, PKT_public_key *check_pk,
+ /* Check whether we have cached the result of a previous signature
+ check. Note that we may no longer have the pubkey or hash
+ needed to verify a sig, but can still use the cached value. A
+- cache refresh detects and clears these cases. */
++ cache refresh detects and clears these cases.
++ For safety reasons we ignore cache entries from MD5 signatures. */
+ if ( !opt.no_sig_cache ) {
+- if (sig->flags.checked) { /*cached status available*/
++ if (sig->flags.checked && sig->digest_algo != DIGEST_ALGO_MD5) {
++ /*cached status available*/
+ if( is_selfsig ) {
+ u32 keyid[2];
+
diff -Nru gnupg2-2.0.26/debian/patches/0013-Update-Russian-translation.patch gnupg2-2.0.26/debian/patches/0013-Update-Russian-translation.patch
diff -Nru gnupg2-2.0.26/debian/patches/0014-gpg-Show-v3-key-fingerprints-as-all-zero.patch gnupg2-2.0.26/debian/patches/0014-gpg-Show-v3-key-fingerprints-as-all-zero.patch
--- gnupg2-2.0.26/debian/patches/0014-gpg-Show-v3-key-fingerprints-as-all-zero.patch 1969-12-31 19:00:00.000000000 -0500
+++ gnupg2-2.0.26/debian/patches/0014-gpg-Show-v3-key-fingerprints-as-all-zero.patch 2015-01-04 18:29:28.000000000 -0500
@@ -0,0 +1,33 @@
+From eb756e2510bfcae3339e0907a7e4cacdea59b175 Mon Sep 17 00:00:00 2001
+From: Werner Koch <wk@gnupg.org>
+Date: Sat, 11 Oct 2014 19:44:13 +0200
+Subject: [PATCH 14/31] gpg: Show v3 key fingerprints as all zero.
+
+* g10/keyid.c (fingerprint_from_pk): Show v3 fingerprints as all zero.
+--
+
+MD5 is considered broken for a long time now. To make it easier for
+users to notice that a listing shows a v3 key, the fingerprint is now
+displayed as 16 zero bytes unless --allow-weak-digest-algos is active.
+
+Signed-off-by: Werner Koch <wk@gnupg.org>
+---
+ g10/keyid.c | 2 +-
+ 1 file changed, 1 insertion(+), 1 deletion(-)
+
+diff --git a/g10/keyid.c b/g10/keyid.c
+index d7a877b..10eadef 100644
+--- a/g10/keyid.c
++++ b/g10/keyid.c
+@@ -672,7 +672,7 @@ fingerprint_from_pk( PKT_public_key *pk, byte *array, size_t *ret_len )
+
+ if ( pk->version < 4 )
+ {
+- if ( is_RSA(pk->pubkey_algo) )
++ if ( is_RSA(pk->pubkey_algo) && opt.flags.allow_weak_digest_algos)
+ {
+ /* RSA in version 3 packets is special. */
+ gcry_md_hd_t md;
+--
+2.1.4
+
diff -Nru gnupg2-2.0.26/debian/patches/0014-Update-Polish-translation.patch gnupg2-2.0.26/debian/patches/0014-Update-Polish-translation.patch
diff -Nru gnupg2-2.0.26/debian/patches/0015-gpg-Add-import-option-keep-ownertrust.patch gnupg2-2.0.26/debian/patches/0015-gpg-Add-import-option-keep-ownertrust.patch
--- gnupg2-2.0.26/debian/patches/0015-gpg-Add-import-option-keep-ownertrust.patch 1969-12-31 19:00:00.000000000 -0500
+++ gnupg2-2.0.26/debian/patches/0015-gpg-Add-import-option-keep-ownertrust.patch 2015-01-04 18:29:28.000000000 -0500
@@ -0,0 +1,106 @@
+From da95d0d37841b34e2f3d7047f14ab4d98a7c0c56 Mon Sep 17 00:00:00 2001
+From: Werner Koch <wk@gnupg.org>
+Date: Wed, 12 Nov 2014 09:56:40 +0100
+Subject: [PATCH 15/31] gpg: Add import option "keep-ownertrust".
+
+* g10/options.h (IMPORT_KEEP_OWNERTTRUST): New.
+* g10/import.c (parse_import_options): Add "keep-ownertrust".
+(import_one): Act upon new option.
+--
+
+This option is in particular useful to convert from a pubring.gpg to
+the new pubring.kbx in GnuPG 2.1 or vice versa:
+
+gpg1 --export | gpg2 --import-options keep-ownertrust --import
+
+(cherry-picked from commit ffc2307843ce6c4ac3c8d99ba8c70ffa1ae28e39)
+---
+ doc/gpg.texi | 9 +++++++++
+ g10/import.c | 15 +++++++++++++--
+ g10/options.h | 1 +
+ 3 files changed, 23 insertions(+), 2 deletions(-)
+
+diff --git a/doc/gpg.texi b/doc/gpg.texi
+index b2c956e..0689cb5 100644
+--- a/doc/gpg.texi
++++ b/doc/gpg.texi
+@@ -2039,6 +2039,15 @@ opposite meaning. The options are:
+ generally useful unless a shared keyring scheme is being used.
+ Defaults to no.
+
++ @item import-keep-ownertrust
++ Normally possible still existing ownertrust values of a key are
++ cleared if a key is imported. This is in general desirable so that
++ a formerly deleted key does not automatically gain an ownertrust
++ values merely due to import. On the other hand it is sometimes
++ necessary to re-import a trusted set of keys again but keeping
++ already assigned ownertrust values. This can be achived by using
++ this option.
++
+ @item repair-pks-subkey-bug
+ During import, attempt to repair the damage caused by the PKS keyserver
+ bug (pre version 0.9.6) that mangles keys with multiple subkeys. Note
+diff --git a/g10/import.c b/g10/import.c
+index 1bf4090..8e509dd 100644
+--- a/g10/import.c
++++ b/g10/import.c
+@@ -95,18 +95,28 @@ parse_import_options(char *str,unsigned int *options,int noisy)
+ {
+ {"import-local-sigs",IMPORT_LOCAL_SIGS,NULL,
+ N_("import signatures that are marked as local-only")},
++
+ {"repair-pks-subkey-bug",IMPORT_REPAIR_PKS_SUBKEY_BUG,NULL,
+ N_("repair damage from the pks keyserver during import")},
++
++ {"keep-ownertrust", IMPORT_KEEP_OWNERTTRUST, NULL,
++ N_("do not clear the ownertrust values during import")},
++
+ {"fast-import",IMPORT_FAST,NULL,
+ N_("do not update the trustdb after import")},
++
+ {"convert-sk-to-pk",IMPORT_SK2PK,NULL,
+ N_("create a public key when importing a secret key")},
++
+ {"merge-only",IMPORT_MERGE_ONLY,NULL,
+ N_("only accept updates to existing keys")},
++
+ {"import-clean",IMPORT_CLEAN,NULL,
+ N_("remove unusable parts from key after import")},
++
+ {"import-minimal",IMPORT_MINIMAL|IMPORT_CLEAN,NULL,
+ N_("remove as much as possible from key after import")},
++
+ /* Aliases for backward compatibility */
+ {"allow-local-sigs",IMPORT_LOCAL_SIGS,NULL,NULL},
+ {"repair-hkp-subkey-bug",IMPORT_REPAIR_PKS_SUBKEY_BUG,NULL,NULL},
+@@ -890,12 +900,13 @@ import_one( const char *fname, KBNODE keyblock, struct stats_s *stats,
+ if (rc)
+ log_error (_("error writing keyring `%s': %s\n"),
+ keydb_get_resource_name (hd), g10_errstr(rc));
+- else
++ else if (!(opt.import_options & IMPORT_KEEP_OWNERTTRUST))
+ {
+ /* This should not be possible since we delete the
+ ownertrust when a key is deleted, but it can happen if
+ the keyring and trustdb are out of sync. It can also
+- be made to happen with the trusted-key command. */
++ be made to happen with the trusted-key command and by
++ importing and locally exported key. */
+
+ clear_ownertrusts (pk);
+ if(non_self)
+diff --git a/g10/options.h b/g10/options.h
+index e9c540d..9b12b77 100644
+--- a/g10/options.h
++++ b/g10/options.h
+@@ -324,6 +324,7 @@ EXTERN_UNLESS_MAIN_MODULE int memory_stat_debug_mode;
+ #define IMPORT_MINIMAL (1<<5)
+ #define IMPORT_CLEAN (1<<6)
+ #define IMPORT_NO_SECKEY (1<<7)
++#define IMPORT_KEEP_OWNERTTRUST (1<<8)
+
+ #define EXPORT_LOCAL_SIGS (1<<0)
+ #define EXPORT_ATTRIBUTES (1<<1)
+--
+2.1.4
+
diff -Nru gnupg2-2.0.26/debian/patches/0015-Update-Spanish-translation.patch gnupg2-2.0.26/debian/patches/0015-Update-Spanish-translation.patch
diff -Nru gnupg2-2.0.26/debian/patches/0016-gpg-Make-the-use-of-verify-FILE-for-detached-sigs-ha.patch gnupg2-2.0.26/debian/patches/0016-gpg-Make-the-use-of-verify-FILE-for-detached-sigs-ha.patch
--- gnupg2-2.0.26/debian/patches/0016-gpg-Make-the-use-of-verify-FILE-for-detached-sigs-ha.patch 1969-12-31 19:00:00.000000000 -0500
+++ gnupg2-2.0.26/debian/patches/0016-gpg-Make-the-use-of-verify-FILE-for-detached-sigs-ha.patch 2015-01-04 18:29:28.000000000 -0500
@@ -0,0 +1,253 @@
+From a5ca45e6168e75aa6f3743b764d601ab3df966b7 Mon Sep 17 00:00:00 2001
+From: Werner Koch <wk@gnupg.org>
+Date: Fri, 14 Nov 2014 09:36:19 +0100
+Subject: [PATCH 16/31] gpg: Make the use of "--verify FILE" for detached sigs
+ harder.
+
+* g10/openfile.c (open_sigfile): Factor some code out to ...
+(get_matching_datafile): new function.
+* g10/plaintext.c (hash_datafiles): Do not try to find matching file
+in batch mode.
+* g10/mainproc.c (check_sig_and_print): Print a warning if a possibly
+matching data file is not used by a standard signatures.
+--
+
+Allowing to use the abbreviated form for detached signatures is a long
+standing bug which has only been noticed by the public with the
+release of 2.1.0. :-(
+
+What we do is to remove the ability to check detached signature in
+--batch using the one file abbreviated mode. This should exhibit
+problems in scripts which use this insecure practice. We also print a
+warning if a matching data file exists but was not considered because
+the detached signature was actually a standard signature:
+
+ gpgv: Good signature from "Werner Koch (dist sig)"
+ gpgv: WARNING: not a detached signature; \
+ file 'gnupg-2.1.0.tar.bz2' was NOT verified!
+
+We can only print a warning because it is possible that a standard
+signature is indeed to be verified but by coincidence a file with a
+matching name is stored alongside the standard signature.
+
+Reported-by: Simon Nicolussi (to gnupg-users on Nov 7)
+Signed-off-by: Werner Koch <wk@gnupg.org>
+
+(backported from commit 69384568f66a48eff3968bb1714aa13925580e9f)
+(modified by dkg 2015-01-04 to avoid a needless whitespace change)
+---
+ g10/main.h | 3 ++-
+ g10/mainproc.c | 38 ++++++++++++++++++++++++++
+ g10/openfile.c | 83 ++++++++++++++++++++++++++++++++++++++-------------------
+ g10/plaintext.c | 32 +++++++++++++---------
+ 4 files changed, 116 insertions(+), 40 deletions(-)
+
+diff --git a/g10/main.h b/g10/main.h
+index e97b936..b55a184 100644
+--- a/g10/main.h
++++ b/g10/main.h
+@@ -253,7 +253,8 @@ int overwrite_filep( const char *fname );
+ char *make_outfile_name( const char *iname );
+ char *ask_outfile_name( const char *name, size_t namelen );
+ int open_outfile( const char *iname, int mode, iobuf_t *a );
+-iobuf_t open_sigfile( const char *iname, progress_filter_context_t *pfx );
++char *get_matching_datafile (const char *sigfilename);
++iobuf_t open_sigfile (const char *sigfilename, progress_filter_context_t *pfx);
+ void try_make_homedir( const char *fname );
+
+ /*-- seskey.c --*/
+diff --git a/g10/mainproc.c b/g10/mainproc.c
+index 551ab58..3abcb15 100644
+--- a/g10/mainproc.c
++++ b/g10/mainproc.c
+@@ -1959,6 +1959,44 @@ check_sig_and_print( CTX c, KBNODE node )
+ sig->sig_class==0x01?_("textmode"):_("unknown"),
+ gcry_md_algo_name (sig->digest_algo));
+
++ if (!rc && !c->signed_data.used)
++ {
++ /* Signature is basically good but we test whether the
++ deprecated command
++ gpg --verify FILE.sig
++ was used instead of
++ gpg --verify FILE.sig FILE
++ to verify a detached signature. If we figure out that a
++ data file with a matching name exists, we print a warning.
++
++ The problem is that the first form would also verify a
++ standard signature. This behavior could be used to
++ create a made up .sig file for a tarball by creating a
++ standard signature from a valid detached signature packet
++ (for example from a signed git tag). Then replace the
++ sig file on the FTP server along with a changed tarball.
++ Using the first form the verify command would correctly
++ verify the signature but don't even consider the tarball. */
++ kbnode_t n;
++ char *dfile;
++
++ dfile = get_matching_datafile (c->sigfilename);
++ if (dfile)
++ {
++ for (n = c->list; n; n = n->next)
++ if (n->pkt->pkttype != PKT_SIGNATURE)
++ break;
++ if (n)
++ {
++ /* Not only signature packets in the tree thus this
++ is not a detached signature. */
++ log_info (_("WARNING: not a detached signature; "
++ "file '%s' was NOT verified!\n"), dfile);
++ }
++ xfree (dfile);
++ }
++ }
++
+ if( rc )
+ g10_errors_seen = 1;
+ if( opt.batch && rc )
+diff --git a/g10/openfile.c b/g10/openfile.c
+index db5cdc2..dc9dfd0 100644
+--- a/g10/openfile.c
++++ b/g10/openfile.c
+@@ -287,41 +287,70 @@ open_outfile( const char *iname, int mode, IOBUF *a )
+ }
+
+
++/* Find a matching data file for the signature file SIGFILENAME and
++ return it as a malloced string. If no matching data file is found,
++ return NULL. */
++char *
++get_matching_datafile (const char *sigfilename)
++{
++ char *fname = NULL;
++ size_t len;
++
++ if (iobuf_is_pipe_filename (sigfilename))
++ return NULL;
++
++ len = strlen (sigfilename);
++ if (len > 4
++ && (!strcmp (sigfilename + len - 4, EXTSEP_S "sig")
++ || (len > 5 && !strcmp(sigfilename + len - 5, EXTSEP_S "sign"))
++ || !strcmp(sigfilename + len - 4, EXTSEP_S "asc")))
++ {
++
++ fname = xstrdup (sigfilename);
++ fname[len-(fname[len-1]=='n'?5:4)] = 0 ;
++ if (access (fname, R_OK ))
++ {
++ /* Not found or other error. */
++ xfree (fname);
++ fname = NULL;
++ }
++ }
++
++ return fname;
++}
++
++
+ /****************
+ * Try to open a file without the extension ".sig" or ".asc"
+ * Return NULL if such a file is not available.
+ */
+-IOBUF
+-open_sigfile( const char *iname, progress_filter_context_t *pfx )
++iobuf_t
++open_sigfile (const char *sigfilename, progress_filter_context_t *pfx)
+ {
+- IOBUF a = NULL;
+- size_t len;
+-
+- if( !iobuf_is_pipe_filename (iname) ) {
+- len = strlen(iname);
+- if( len > 4 && ( !strcmp(iname + len - 4, EXTSEP_S "sig")
+- || ( len > 5 && !strcmp(iname + len - 5, EXTSEP_S "sign") )
+- || !strcmp(iname + len - 4, EXTSEP_S "asc")) ) {
+- char *buf;
+- buf = xstrdup(iname);
+- buf[len-(buf[len-1]=='n'?5:4)] = 0 ;
+- a = iobuf_open( buf );
+- if (a && is_secured_file (iobuf_get_fd (a)))
+- {
+- iobuf_close (a);
+- a = NULL;
+- errno = EPERM;
+- }
+- if( a && opt.verbose )
+- log_info(_("assuming signed data in `%s'\n"), buf );
+- if (a && pfx)
+- handle_progress (pfx, a, buf);
+- xfree(buf);
+- }
++ iobuf_t a = NULL;
++ char *buf;
++
++ buf = get_matching_datafile (sigfilename);
++ if (buf)
++ {
++ a = iobuf_open (buf);
++ if (a && is_secured_file (iobuf_get_fd (a)))
++ {
++ iobuf_close (a);
++ a = NULL;
++ gpg_err_set_errno (EPERM);
++ }
++ if (a)
++ log_info (_("assuming signed data in '%s'\n"), buf);
++ if (a && pfx)
++ handle_progress (pfx, a, buf);
++ xfree (buf);
+ }
+- return a;
++
++ return a;
+ }
+
++
+ /****************
+ * Copy the option file skeleton to the given directory.
+ */
+diff --git a/g10/plaintext.c b/g10/plaintext.c
+index 3777648..d24c640 100644
+--- a/g10/plaintext.c
++++ b/g10/plaintext.c
+@@ -546,17 +546,25 @@ hash_datafiles( gcry_md_hd_t md, gcry_md_hd_t md2, strlist_t files,
+ pfx = new_progress_context ();
+
+ if( !files ) {
+- /* check whether we can open the signed material */
+- fp = open_sigfile( sigfilename, pfx );
+- if( fp ) {
+- do_hash( md, md2, fp, textmode );
+- iobuf_close(fp);
+- release_progress_context (pfx);
+- return 0;
+- }
+- log_error (_("no signed data\n"));
+- release_progress_context (pfx);
+- return gpg_error (GPG_ERR_NO_DATA);
++ /* Check whether we can open the signed material. We avoid
++ trying to open a file if run in batch mode. This assumed
++ data file for a sig file feature is just a convenience thing
++ for the command line and the user needs to read possible
++ warning messages. */
++ if (!opt.batch)
++ {
++ fp = open_sigfile( sigfilename, pfx );
++ if( fp )
++ {
++ do_hash( md, md2, fp, textmode );
++ iobuf_close(fp);
++ release_progress_context (pfx);
++ return 0;
++ }
++ }
++ log_error (_("no signed data\n"));
++ release_progress_context (pfx);
++ return gpg_error (GPG_ERR_NO_DATA);
+ }
+
+
+--
+2.1.4
+
diff -Nru gnupg2-2.0.26/debian/patches/0016-New-Dutch-translation.patch gnupg2-2.0.26/debian/patches/0016-New-Dutch-translation.patch
diff -Nru gnupg2-2.0.26/debian/patches/0018-gpg-Fix-a-NULL-deref-for-invalid-input-data.patch gnupg2-2.0.26/debian/patches/0018-gpg-Fix-a-NULL-deref-for-invalid-input-data.patch
--- gnupg2-2.0.26/debian/patches/0018-gpg-Fix-a-NULL-deref-for-invalid-input-data.patch 1969-12-31 19:00:00.000000000 -0500
+++ gnupg2-2.0.26/debian/patches/0018-gpg-Fix-a-NULL-deref-for-invalid-input-data.patch 2015-01-04 18:29:28.000000000 -0500
@@ -0,0 +1,59 @@
+From 92a7949ae6331b5e188480b76ce29a86ede6e89e Mon Sep 17 00:00:00 2001
+From: Werner Koch <wk@gnupg.org>
+Date: Mon, 24 Nov 2014 18:19:31 +0100
+Subject: [PATCH 18/31] gpg: Fix a NULL-deref for invalid input data.
+
+* g10/mainproc.c (proc_encrypted): Take care of canceled passpharse
+entry.
+--
+
+GnuPG-bug-id: 1761
+Signed-off-by: Werner Koch <wk@gnupg.org>
+
+(backported from commit 32e85668b82f6fbcb824eea9548970804fb41d9e)
+---
+ g10/mainproc.c | 12 +++++++++---
+ 1 file changed, 9 insertions(+), 3 deletions(-)
+
+diff --git a/g10/mainproc.c b/g10/mainproc.c
+index 3abcb15..6288030 100644
+--- a/g10/mainproc.c
++++ b/g10/mainproc.c
+@@ -520,7 +520,9 @@ proc_encrypted( CTX c, PACKET *pkt )
+ result = -1;
+ else if( !c->dek && !c->last_was_session_key ) {
+ int algo;
+- STRING2KEY s2kbuf, *s2k = NULL;
++ STRING2KEY s2kbuf;
++ STRING2KEY *s2k = NULL;
++ int canceled;
+
+ if(opt.override_session_key)
+ {
+@@ -562,9 +564,13 @@ proc_encrypted( CTX c, PACKET *pkt )
+ log_info (_("assuming %s encrypted data\n"), "IDEA");
+ }
+
+- c->dek = passphrase_to_dek ( NULL, 0, algo, s2k, 3, NULL, NULL );
++ c->dek = passphrase_to_dek ( NULL, 0, algo, s2k, 3, NULL,&canceled);
+ if (c->dek)
+ c->dek->algo_info_printed = 1;
++ else if (canceled)
++ result = gpg_error (GPG_ERR_CANCELED);
++ else
++ result = gpg_error (GPG_ERR_INV_PASSPHRASE);
+ }
+ }
+ else if( !c->dek )
+@@ -585,7 +591,7 @@ proc_encrypted( CTX c, PACKET *pkt )
+ else if(!opt.no_mdc_warn)
+ log_info (_("WARNING: message was not integrity protected\n"));
+ }
+- else if( result == G10ERR_BAD_SIGN ) {
++ else if( gpg_err_code (result) == G10ERR_BAD_SIGN ) {
+ log_error(_("WARNING: encrypted message has been manipulated!\n"));
+ write_status( STATUS_BADMDC );
+ write_status( STATUS_DECRYPTION_FAILED );
+--
+2.1.4
+
diff -Nru gnupg2-2.0.26/debian/patches/0019-gpg-Fix-off-by-one-read-in-the-attribute-subpacket-p.patch gnupg2-2.0.26/debian/patches/0019-gpg-Fix-off-by-one-read-in-the-attribute-subpacket-p.patch
--- gnupg2-2.0.26/debian/patches/0019-gpg-Fix-off-by-one-read-in-the-attribute-subpacket-p.patch 1969-12-31 19:00:00.000000000 -0500
+++ gnupg2-2.0.26/debian/patches/0019-gpg-Fix-off-by-one-read-in-the-attribute-subpacket-p.patch 2015-01-04 18:29:28.000000000 -0500
@@ -0,0 +1,43 @@
+From 7a068ac50bc48de26e93cfeadf412b37257f97d5 Mon Sep 17 00:00:00 2001
+From: Werner Koch <wk@gnupg.org>
+Date: Mon, 24 Nov 2014 19:12:37 +0100
+Subject: [PATCH 19/31] gpg: Fix off-by-one read in the attribute subpacket
+ parser.
+MIME-Version: 1.0
+Content-Type: text/plain; charset=UTF-8
+Content-Transfer-Encoding: 8bit
+
+* g10/parse-packet.c (parse_attribute_subpkts): Check that the
+attribute packet is large enough for the subpacket type.
+--
+
+Reported-by: Hanno Böck
+Signed-off-by: Werner Koch <wk@gnupg.org>
+
+(backported from commit 0988764397f99db4efef1eabcdb8072d6159af76)
+---
+ g10/parse-packet.c | 8 ++++++++
+ 1 file changed, 8 insertions(+)
+
+diff --git a/g10/parse-packet.c b/g10/parse-packet.c
+index f1d7f71..99ff7b7 100644
+--- a/g10/parse-packet.c
++++ b/g10/parse-packet.c
+@@ -2102,6 +2102,14 @@ parse_attribute_subpkts(PKT_user_id *uid)
+ if( buflen < n )
+ goto too_short;
+
++ if (!n)
++ {
++ /* Too short to encode the subpacket type. */
++ if (opt.verbose)
++ log_info ("attribute subpacket too short\n");
++ break;
++ }
++
+ attribs=xrealloc(attribs,(count+1)*sizeof(struct user_attribute));
+ memset(&attribs[count],0,sizeof(struct user_attribute));
+
+--
+2.1.4
+
diff -Nru gnupg2-2.0.26/debian/patches/0020-gpg-Fix-use-of-uninit.value-in-listing-sig-subpkts.patch gnupg2-2.0.26/debian/patches/0020-gpg-Fix-use-of-uninit.value-in-listing-sig-subpkts.patch
--- gnupg2-2.0.26/debian/patches/0020-gpg-Fix-use-of-uninit.value-in-listing-sig-subpkts.patch 1969-12-31 19:00:00.000000000 -0500
+++ gnupg2-2.0.26/debian/patches/0020-gpg-Fix-use-of-uninit.value-in-listing-sig-subpkts.patch 2015-01-04 18:29:28.000000000 -0500
@@ -0,0 +1,44 @@
+From 1f9dfe1fedad215140011257d9b1bb21bc368179 Mon Sep 17 00:00:00 2001
+From: Werner Koch <wk@gnupg.org>
+Date: Mon, 24 Nov 2014 19:24:47 +0100
+Subject: [PATCH 20/31] gpg: Fix use of uninit.value in listing sig subpkts.
+MIME-Version: 1.0
+Content-Type: text/plain; charset=UTF-8
+Content-Transfer-Encoding: 8bit
+
+* g10/parse-packet.c (dump_sig_subpkt): Print regex subpacket
+sanitized.
+--
+
+We may not use "%s" to print an arbitrary buffer. At least "%.*s"
+should have been used. However, it is in general preferable to escape
+control characters while printf user data.
+
+Reported-by: Hanno Böck
+Signed-off-by: Werner Koch <wk@gnupg.org>
+
+(backported from commit 596ae9f5433ca3b0e01f7acbe06fd2e424c42ae8)
+---
+ g10/parse-packet.c | 6 +++++-
+ 1 file changed, 5 insertions(+), 1 deletion(-)
+
+diff --git a/g10/parse-packet.c b/g10/parse-packet.c
+index 99ff7b7..63b97f0 100644
+--- a/g10/parse-packet.c
++++ b/g10/parse-packet.c
+@@ -972,7 +972,11 @@ dump_sig_subpkt( int hashed, int type, int critical,
+ if(!length)
+ p="[invalid regexp subpacket]";
+ else
+- fprintf (listfp, "regular expression: \"%s\"",buffer);
++ {
++ fprintf (listfp, "regular expression: \"");
++ print_string (listfp, buffer, length, '\"');
++ p = "\"";
++ }
+ break;
+ case SIGSUBPKT_REVOCABLE:
+ if( length )
+--
+2.1.4
+
diff -Nru gnupg2-2.0.26/debian/patches/0031-gpg-release-DEK-soon-after-its-use.patch gnupg2-2.0.26/debian/patches/0031-gpg-release-DEK-soon-after-its-use.patch
--- gnupg2-2.0.26/debian/patches/0031-gpg-release-DEK-soon-after-its-use.patch 1969-12-31 19:00:00.000000000 -0500
+++ gnupg2-2.0.26/debian/patches/0031-gpg-release-DEK-soon-after-its-use.patch 2015-01-04 18:29:28.000000000 -0500
@@ -0,0 +1,45 @@
+From 4f0d526b7df871318508f8c3d2f57e7069c47e6f Mon Sep 17 00:00:00 2001
+From: NIIBE Yutaka <gniibe@fsij.org>
+Date: Fri, 12 Dec 2014 17:41:56 +0900
+Subject: [PATCH 31/31] gpg: release DEK soon after its use.
+
+* g10/keygen.c (generate_subkeypair): Release DEK soon.
+
+--
+
+This fixes the out_of_core error in the test case of adding
+RSA-4096 subkey to RSA-4096 primary key with configuration:
+
+ s2k-cipher-algo S10
+
+Debian-bug-id: 772780
+
+Cherry-picked da66ad5bba4215b9ddd0cb927a89aa75355632aa from
+STABLE-BRANCH-1-4 branch.
+---
+ g10/keygen.c | 2 +-
+ 1 file changed, 1 insertion(+), 1 deletion(-)
+
+diff --git a/g10/keygen.c b/g10/keygen.c
+index 17fde7f..10cca7d 100644
+--- a/g10/keygen.c
++++ b/g10/keygen.c
+@@ -3823,6 +3823,7 @@ generate_subkeypair (KBNODE pub_keyblock, KBNODE sec_keyblock)
+ if (!rc)
+ rc = do_create (algo, nbits, pub_keyblock, sec_keyblock,
+ dek, s2k, &sub_sk, cur_time, expire, 1 );
++ xfree (dek);
+ if (!rc)
+ rc = write_keybinding (pub_keyblock, pub_keyblock, pri_sk, sub_sk,
+ use, cur_time);
+@@ -3839,7 +3839,6 @@ generate_subkeypair (KBNODE pub_keyblock, KBNODE sec_keyblock)
+ if (rc)
+ log_error (_("Key generation failed: %s\n"), g10_errstr(rc) );
+ xfree (passphrase);
+- xfree (dek);
+ xfree (s2k);
+ /* Release the copy of the (now unprotected) secret keys. */
+ if (pri_sk)
+--
+2.1.4
+
diff -Nru gnupg2-2.0.26/debian/patches/fix_751266.patch gnupg2-2.0.26/debian/patches/fix_751266.patch
--- gnupg2-2.0.26/debian/patches/fix_751266.patch 2014-09-26 15:03:38.000000000 -0400
+++ gnupg2-2.0.26/debian/patches/fix_751266.patch 1969-12-31 19:00:00.000000000 -0500
@@ -1,30 +0,0 @@
-commit 07006c9916ea194ce6047d252421c08489068c4c
-Author: Kristian Fiskerstrand <kf@sumptuouscapital.com>
-Date: Wed Aug 13 11:13:34 2014 +0200
-
- gpg: Need to init the trustdb for import.
-
- * g10/trustdb.c (clear_ownertrusts): Init trustdb.
-
- --
-
- This was fixed in 1.4 branch in commit
- 23191d7851eae2217ecdac6484349849a24fd94a but was not applied to the
- 2.0 branch that exhibits the same problem. This is actually a hack
- to fix a bug introduced with commit 2528178.
-
- GnuPG-bug-id: 1622
-
-diff --git a/g10/trustdb.c b/g10/trustdb.c
-index f96701a..7bfef25 100644
---- a/g10/trustdb.c
-+++ b/g10/trustdb.c
-@@ -923,6 +923,8 @@ clear_ownertrusts (PKT_public_key *pk)
- TRUSTREC rec;
- int rc;
-
-+ init_trustdb();
-+
- if (trustdb_args.no_trustdb && opt.trust_model == TM_ALWAYS)
- return 0;
-
diff -Nru gnupg2-2.0.26/debian/patches/series gnupg2-2.0.26/debian/patches/series
--- gnupg2-2.0.26/debian/patches/series 2014-09-26 15:03:53.000000000 -0400
+++ gnupg2-2.0.26/debian/patches/series 2015-01-04 18:30:49.000000000 -0500
@@ -1,4 +1,30 @@
01-gnupg2-rename.diff
fix_760273.patch
-0001-warn-about-but-don-t-fail-on-scdaemon-options-in-gpg.patch
-fix_751266.patch
+0005-Update-POT-file.patch
+0006-Update-PO-files.patch
+0007-Update-French-translation.patch
+0008-Update-Ukrainian-translation.patch
+0009-Update-German-translation.patch
+0010-Update-Danish-translation.patch
+0011-Update-Japanese-translation.patch
+0012-Update-Chinese-traditional-translation.patch
+0013-Update-Russian-translation.patch
+0014-Update-Polish-translation.patch
+0015-Update-Spanish-translation.patch
+0016-New-Dutch-translation.patch
+0002-gpg-Allow-for-positional-parameters-in-the-passphras.patch
+0004-gpg-Need-to-init-the-trustdb-for-import.patch
+0005-gpg-Warn-about-but-don-t-fail-on-scdaemon-options-in.patch
+0007-doc-Update-the-file-OpenPGP.patch
+0008-gpg-Default-to-SHA-256-for-all-signature-types-on-RS.patch
+0009-gpg-Avoid-duplicate-declaration-of-no-sk-comments-no.patch
+0010-gpg-compress-sigs-and-compress-keys-are-not-no-ops-i.patch
+0012-gpg-Add-build-and-runtime-support-for-larger-RSA-key.patch
+0013-gpg-Avoid-using-cached-MD5-signature-status.patch
+0014-gpg-Show-v3-key-fingerprints-as-all-zero.patch
+0015-gpg-Add-import-option-keep-ownertrust.patch
+0016-gpg-Make-the-use-of-verify-FILE-for-detached-sigs-ha.patch
+0018-gpg-Fix-a-NULL-deref-for-invalid-input-data.patch
+0019-gpg-Fix-off-by-one-read-in-the-attribute-subpacket-p.patch
+0020-gpg-Fix-use-of-uninit.value-in-listing-sig-subpkts.patch
+0031-gpg-release-DEK-soon-after-its-use.patch
diff -Nru gnupg2-2.0.26/debian/rules gnupg2-2.0.26/debian/rules
--- gnupg2-2.0.26/debian/rules 2014-09-18 17:14:47.000000000 -0400
+++ gnupg2-2.0.26/debian/rules 2015-01-04 18:29:28.000000000 -0500
@@ -27,6 +27,7 @@
override_dh_auto_configure:
dh_auto_configure -- --libexecdir=\$${prefix}/lib/gnupg2 \
+ --enable-large-secmem \
--enable-symcryptrun
override_dh_shlibdeps:
Attachment:
signature.asc
Description: PGP signature