Content-Transfer-Encoding: 7bit
Content-Type: multipart/mixed; boundary="_----------=_1528567714140770"
MIME-Version: 1.0
Date: Sat, 9 Jun 2018 18:08:34 +0000
From: "Leonardo Taccari" <leot@netbsd.org>
Subject: CVS commit: pkgsrc/security/gnupg2
To: pkgsrc-changes@NetBSD.org
Reply-To: leot@netbsd.org
Message-Id: <20180609180834.7AF64FBEC@cvs.NetBSD.org>
Sender: pkgsrc-changes-owner@NetBSD.org
Precedence: bulk

This is a multi-part message in MIME format.

--_----------=_1528567714140770
Content-Disposition: inline
Content-Transfer-Encoding: 8bit
Content-Type: text/plain; charset="US-ASCII"

Module Name:	pkgsrc
Committed By:	leot
Date:		Sat Jun  9 18:08:34 UTC 2018

Modified Files:
	pkgsrc/security/gnupg2: Makefile distinfo

Log Message:
gnupg2: Update security/gnupg to 2.2.8

Changes:
Noteworthy changes in version 2.2.8 (2018-06-08)
------------------------------------------------
  * gpg: Decryption of messages not using the MDC mode will now lead
    to a hard failure even if a legacy cipher algorithm was used.  The
    option --ignore-mdc-error can be used to turn this failure into a
    warning.  Take care: Never use that option unconditionally or
    without a prior warning.
  * gpg: The MDC encryption mode is now always used regardless of the
    cipher algorithm or any preferences.  For testing --rfc2440 can be
    used to create a message without an MDC.
  * gpg: Sanitize the diagnostic output of the original file name in
    verbose mode.  [#4012, CVE-2018-12020]
  * gpg: Detect suspicious multiple plaintext packets in a more
    reliable way.  [#4000]
  * gpg: Fix the duplicate key signature detection code.  [#3994]
  * gpg: The options --no-mdc-warn, --force-mdc, --no-force-mdc,
    --disable-mdc and --no-disable-mdc have no more effect.
  * agent: Add DBUS_SESSION_BUS_ADDRESS and a few other envvars to the
    list of startup environment variables.  [#3947]


To generate a diff of this commit:
cvs rdiff -u -r1.89 -r1.90 pkgsrc/security/gnupg2/Makefile
cvs rdiff -u -r1.46 -r1.47 pkgsrc/security/gnupg2/distinfo

Please note that diffs are not public domain; they are subject to the
copyright notices on the relevant files.


--_----------=_1528567714140770
Content-Disposition: inline
Content-Length: 1681
Content-Transfer-Encoding: binary
Content-Type: text/x-diff; charset=us-ascii

Modified files:

Index: pkgsrc/security/gnupg2/Makefile
diff -u pkgsrc/security/gnupg2/Makefile:1.89 pkgsrc/security/gnupg2/Makefile:1.90
--- pkgsrc/security/gnupg2/Makefile:1.89	Fri Jun  8 19:59:01 2018
+++ pkgsrc/security/gnupg2/Makefile	Sat Jun  9 18:08:34 2018
@@ -1,8 +1,7 @@
-# $NetBSD: Makefile,v 1.89 2018/06/08 19:59:01 jperkin Exp $
+# $NetBSD: Makefile,v 1.90 2018/06/09 18:08:34 leot Exp $
 
-DISTNAME=	gnupg-2.2.7
+DISTNAME=	gnupg-2.2.8
 PKGNAME=	${DISTNAME:S/gnupg-/gnupg2-/}
-PKGREVISION=	2
 CATEGORIES=	security
 MASTER_SITES=	ftp://ftp.gnupg.org/gcrypt/gnupg/
 EXTRACT_SUFX=	.tar.bz2

Index: pkgsrc/security/gnupg2/distinfo
diff -u pkgsrc/security/gnupg2/distinfo:1.46 pkgsrc/security/gnupg2/distinfo:1.47
--- pkgsrc/security/gnupg2/distinfo:1.46	Fri May  4 06:08:40 2018
+++ pkgsrc/security/gnupg2/distinfo	Sat Jun  9 18:08:34 2018
@@ -1,6 +1,6 @@
-$NetBSD: distinfo,v 1.46 2018/05/04 06:08:40 adam Exp $
+$NetBSD: distinfo,v 1.47 2018/06/09 18:08:34 leot Exp $
 
-SHA1 (gnupg-2.2.7.tar.bz2) = e222cda63409a86992369df8976f6c7511e10ea0
-RMD160 (gnupg-2.2.7.tar.bz2) = 25c9cbbce869b442063e9a812d791046561c6861
-SHA512 (gnupg-2.2.7.tar.bz2) = f858b275876d38b9d3a60e5428574f1008a73a948f67a2fa43bcf1970a5dbb60ec3f0e2b2271243229465eb9b22124e216894f0b3d72004acf3ed0c3481da33d
-Size (gnupg-2.2.7.tar.bz2) = 6631100 bytes
+SHA1 (gnupg-2.2.8.tar.bz2) = d87553a125832ea90e8aeb3ceeecf24f88de56fb
+RMD160 (gnupg-2.2.8.tar.bz2) = 200fc5ee2f8c25ca1ce9c7ac10f7479bc4f30406
+SHA512 (gnupg-2.2.8.tar.bz2) = 24271ec2663b941ed5e72e2179b48ac73d5cd838292aa9d4954952b11713f4b466f30e6af632b22c9e7c284350e300a07046d41d0ab73dcbd1639b303cd09007
+Size (gnupg-2.2.8.tar.bz2) = 6632465 bytes


--_----------=_1528567714140770--