Sat Jun 9 18:08:34 2018 UTC ()
gnupg2: Update security/gnupg to 2.2.8

Changes:
Noteworthy changes in version 2.2.8 (2018-06-08)
------------------------------------------------
  * gpg: Decryption of messages not using the MDC mode will now lead
    to a hard failure even if a legacy cipher algorithm was used.  The
    option --ignore-mdc-error can be used to turn this failure into a
    warning.  Take care: Never use that option unconditionally or
    without a prior warning.
  * gpg: The MDC encryption mode is now always used regardless of the
    cipher algorithm or any preferences.  For testing --rfc2440 can be
    used to create a message without an MDC.
  * gpg: Sanitize the diagnostic output of the original file name in
    verbose mode.  [#4012, CVE-2018-12020]
  * gpg: Detect suspicious multiple plaintext packets in a more
    reliable way.  [#4000]
  * gpg: Fix the duplicate key signature detection code.  [#3994]
  * gpg: The options --no-mdc-warn, --force-mdc, --no-force-mdc,
    --disable-mdc and --no-disable-mdc have no more effect.
  * agent: Add DBUS_SESSION_BUS_ADDRESS and a few other envvars to the
    list of startup environment variables.  [#3947]


(leot)
diff -r1.89 -r1.90 pkgsrc/security/gnupg2/Makefile
diff -r1.46 -r1.47 pkgsrc/security/gnupg2/distinfo
cvs diff -r1.89 -r1.90 pkgsrc/security/gnupg2/Makefile (expand / switch to unified diff)

--- pkgsrc/security/gnupg2/Makefile 2018/06/08 19:59:01 1.89
+++ pkgsrc/security/gnupg2/Makefile 2018/06/09 18:08:34 1.90
@@ -1,18 +1,17 @@ @@ -1,18 +1,17 @@
1# $NetBSD: Makefile,v 1.89 2018/06/08 19:59:01 jperkin Exp $ 1# $NetBSD: Makefile,v 1.90 2018/06/09 18:08:34 leot Exp $
2 2
3DISTNAME= gnupg-2.2.7 3DISTNAME= gnupg-2.2.8
4PKGNAME= ${DISTNAME:S/gnupg-/gnupg2-/} 4PKGNAME= ${DISTNAME:S/gnupg-/gnupg2-/}
5PKGREVISION= 2 
6CATEGORIES= security 5CATEGORIES= security
7MASTER_SITES= ftp://ftp.gnupg.org/gcrypt/gnupg/ 6MASTER_SITES= ftp://ftp.gnupg.org/gcrypt/gnupg/
8EXTRACT_SUFX= .tar.bz2 7EXTRACT_SUFX= .tar.bz2
9 8
10MAINTAINER= ada@netbsdfr.org 9MAINTAINER= ada@netbsdfr.org
11HOMEPAGE= https://www.gnupg.org/ 10HOMEPAGE= https://www.gnupg.org/
12COMMENT= GnuPG with OpenPGP and S/MIME capabilities 11COMMENT= GnuPG with OpenPGP and S/MIME capabilities
13LICENSE= gnu-gpl-v3 12LICENSE= gnu-gpl-v3
14 13
15DEPENDS+= pinentry-[0-9]*:../../security/pinentry 14DEPENDS+= pinentry-[0-9]*:../../security/pinentry
16 15
17CONFLICTS+= dirmngr-[0-9]* 16CONFLICTS+= dirmngr-[0-9]*
18SUPERSEDES+= dirmngr-[0-9]* 17SUPERSEDES+= dirmngr-[0-9]*
cvs diff -r1.46 -r1.47 pkgsrc/security/gnupg2/distinfo (expand / switch to unified diff)

--- pkgsrc/security/gnupg2/distinfo 2018/05/04 06:08:40 1.46
+++ pkgsrc/security/gnupg2/distinfo 2018/06/09 18:08:34 1.47
@@ -1,6 +1,6 @@ @@ -1,6 +1,6 @@
1$NetBSD: distinfo,v 1.46 2018/05/04 06:08:40 adam Exp $ 1$NetBSD: distinfo,v 1.47 2018/06/09 18:08:34 leot Exp $
2 2
3SHA1 (gnupg-2.2.7.tar.bz2) = e222cda63409a86992369df8976f6c7511e10ea0 3SHA1 (gnupg-2.2.8.tar.bz2) = d87553a125832ea90e8aeb3ceeecf24f88de56fb
4RMD160 (gnupg-2.2.7.tar.bz2) = 25c9cbbce869b442063e9a812d791046561c6861 4RMD160 (gnupg-2.2.8.tar.bz2) = 200fc5ee2f8c25ca1ce9c7ac10f7479bc4f30406
5SHA512 (gnupg-2.2.7.tar.bz2) = f858b275876d38b9d3a60e5428574f1008a73a948f67a2fa43bcf1970a5dbb60ec3f0e2b2271243229465eb9b22124e216894f0b3d72004acf3ed0c3481da33d 5SHA512 (gnupg-2.2.8.tar.bz2) = 24271ec2663b941ed5e72e2179b48ac73d5cd838292aa9d4954952b11713f4b466f30e6af632b22c9e7c284350e300a07046d41d0ab73dcbd1639b303cd09007
6Size (gnupg-2.2.7.tar.bz2) = 6631100 bytes 6Size (gnupg-2.2.8.tar.bz2) = 6632465 bytes