---
- branch: MAIN
  date: Sat Feb 21 09:08:53 UTC 2015
  files:
  - new: '1.58'
    old: '1.57'
    path: pkgsrc/security/gnupg2/Makefile
    pathrev: pkgsrc/security/gnupg2/Makefile@1.58
    type: modified
  - new: '1.6'
    old: '1.5'
    path: pkgsrc/security/gnupg2/PLIST
    pathrev: pkgsrc/security/gnupg2/PLIST@1.6
    type: modified
  - new: '1.34'
    old: '1.33'
    path: pkgsrc/security/gnupg2/distinfo
    pathrev: pkgsrc/security/gnupg2/distinfo@1.34
    type: modified
  id: 20150221T090853Z.30746722270137a6787bdb26e4c2dbf3c10395a6
  log: |
    Update to 2.0.27:

    Noteworthy changes in version 2.0.27 (2015-02-18)
    -------------------------------------------------

     * gpg: Detect faulty use of --verify on detached signatures.

     * gpg: New import option "keep-ownertrust".

     * gpg: Uses SHA-256 for all signature types also on RSA keys.

     * gpg: Added support for algo names when generating keys using the
       --command-fd method.

     * gpg: Unless --allow-weak-digest-algos is used the insecure MD5
       based fingerprints are shown as all zeroe

     * gpg: Fixed DoS based on bogus and overlong key packets.

     * gpg: Better error reporting for keyserver problems.

     * Fixed several bugs related to bogus keyrings and improved some
       other code.
  module: pkgsrc
  subject: 'CVS commit: pkgsrc/security/gnupg2'
  unixtime: '1424509733'
  user: wiz