---
- branch: MAIN
  date: Sun Jan 13 16:23:55 UTC 2008
  files:
  - new: '1.95'
    old: '1.94'
    path: pkgsrc/security/gnupg/Makefile
    pathrev: pkgsrc/security/gnupg/Makefile@1.95
    type: modified
  - new: '1.47'
    old: '1.46'
    path: pkgsrc/security/gnupg/distinfo
    pathrev: pkgsrc/security/gnupg/distinfo@1.47
    type: modified
  id: 20080113T162355Z.490ce3a0798871924e0df417fdee1e68d1440e5a
  log: |
    Update to 1.4.8:

    Noteworthy changes in version 1.4.8 (2007-12-20)
    ------------------------------------------------

                 *******************************************
                 * A decade of GnuPG: g10-0.0.0.tar.gz was *
                 *      released exactly 10 years ago.     *
                 *******************************************

        * Changed the license to GPLv3.

        * Improved detection of keyrings specified multiple times.

        * Changes to better cope with broken keyservers.

        * Minor bug fixes.

        * The new OpenPGP standard is now complete, and has been published
          as RFC-4880.  The GnuPG --openpgp mode (note this is not the
          default) has been updated to match the new standard.  The
          --rfc2440 option can be used to return to the older RFC-2440
          behavior.  The main differences between the two are
          "--enable-dsa2 --no-rfc2440-text --escape-from-lines
          --require-cross-certification".

        * By default (i.e. --gnupg mode), --require-cross-certification is
          now on.  --rfc2440-text and --force-v3-sigs are now off.

        * Allow encryption using legacy Elgamal sign+encrypt keys if
          option --rfc2440 is used.

        * Fixed the auto creation of the key stub for smartcards.

        * Fixed a rare bug in decryption using the OpenPGP card.

        * Fix RFC-4880 typo in the SHA-224 hash prefix.  Old SHA-224
          signatures will continue to work.
  module: pkgsrc
  subject: 'CVS commit: pkgsrc/security/gnupg'
  unixtime: '1200241435'
  user: wiz