Changes:
- src/sexp.c (do_vsexp_sscan): Return error for invalid args.
- cipher/md.c (_gcry_md_info): Fix a segv in case of calling
with wrong parameters.
- cipher/primegen.c (_gcry_generate_elg_prime): Change to return an
error code, possible NULL deref in call to prime generator.
- cipher/dsa.c (generate): Take care of new return code.
- cipher/elgamal.c (generate): Change to return an error code. Take
care of _gcry_generate_elg_prime return code.
- ecc: Support the non-standard 0x40 compression flag for EdDSA.
- mpi: Extend the internal mpi_get_buffer.
- mpi: Fix regression for powerpc-apple-darwin detection.
- Fix bug inhibiting the use of the sentinel attribute in src/gcrypt.h.in
- Fix building for the x32 target without asm modules in
mpi/generic/mpi-asm-defs.h: Use a fixed value for the x32 ABI.
- Fix ARM assembly when building __PIC__
- mpi: Fix a subtle bug setting spurious bits with in mpi_set_bit.
* mpi/mpi-bit.c (_gcry_mpi_set_bit, _gcry_mpi_set_highbit): Clear
allocated but not used bits before resizing.
* tests/t-mpi-bits.c (set_bit_with_resize): New.
- Use internal malloc function in fips.c.
* src/fips.c (check_binary_integrity): s/gcry_malloc/xtrymalloc/.
- pubkey: Re-map all deprecated RSA algo numbers.
- cipher: Fix possible NULL dereference in cipher/md.c for being NULL.
- Fix ARMv6 detection when CFLAGS modify target CPU architecture.
PR: 193264
Approved by: cpm@fbsd.es (maintainer)
- Update to 1.6.1
- Remove some unneeded patches
- Fix pkg-plist
- report configure bug upstream
https://bugs.g10code.com/gnupg/issue1668
- report API breakage downstream and find that MacPorts had the same issue
https://rt.cpan.org/Ticket/Display.html?id=97201
- bump PORTREVISION for dependent ports (approx. 100 ports)
- Thanks to exp-run by antoine@ to find ports that break
- patch ports that would otherwise break
security/shishi with PR 192164 is already committed
[1] devel/ccrtp
[2] editors/abiword
[3] security/p5-Crypt-GCrypt
PR: 191256, 192162 [1], 192163 [2], 192166 [3]
Submitted by: Carlos Jacobo Puga Medina <cjpugmed@gmail.com>
Approved by: maintainer timeout, antoine (exp-run), portmgr (implicit)
The affected ports are the ones with gettext as a run-dependency
according to ports/INDEX-7 (5007 of them) and the ones with USE_GETTEXT
in Makefile (29 of them).
PR: ports/124340
Submitted by: edwin@
Approved by: portmgr (pav)
Port changes:
* Set USE_GCC to allow build on FreeBSD 4.x
* Add WITHOUT_LIBNET knob
* Remove CC fixes, upstream makefile honours CC now
* Upgrade to 0.0.4
Upstream changes:
* Support for dropping privileges to unprivileged user
* Portability fixes
* Bug fixes
RP: ports/90722
Submitted by: Daniel Roethlisberger <daniel@roe.ch>
This is a fake IKE daemon supporting just enough of the standards and Cisco
extensions to attack commonly found insecure Cisco PSK+XAUTH VPN setups.
If you know the pre-shared key, also known as shared secret or group password,
you can impersonate the VPN gateway in IKE phase 1, and learn XAUTH user
credentials in phase 2.
PR: 90372
Submitted by: Daniel Roethlisberger <daniel@roe.ch>
