Permalink
Name already in use
A tag already exists with the provided branch name. Many Git commands accept both tag and branch names, so creating this branch may cause unexpected behavior. Are you sure you want to create this branch?
bee-files/gnupg.be0
Go to fileThis commit does not belong to any branch on this repository, and may belong to a fork outside of the repository.
Announcement [1]: > [Announce] Security fixes for Libgcrypt and GnuPG 1.4 [CVE-2016-6316] > > Hello! > > The GnuPG Project is pleased to announce the availability of new > Libgcrypt and GnuPG versions to *fix a critical security problem*. > > Felix Dörre and Vladimir Klebanov from the Karlsruhe Institute of > Technology found a bug in the mixing functions of Libgcrypt's random > number generator: An attacker who obtains 4640 bits from the RNG can > trivially predict the next 160 bits of output. This bug exists since > 1998 in all GnuPG and Libgcrypt versions. > > > Impact > ====== > All Libgcrypt and GnuPG versions released before 2016-08-17 are affected > on all platforms. > > A first analysis on the impact of this bug in GnuPG shows that existing > RSA keys are not weakened. For DSA and Elgamal keys it is also unlikely > that the private key can be predicted from other public information. > This needs more research and I would suggest _not to_ overhasty revoke > keys. > > > Solution > ======== > If you are using a vendor supplied version of GnuPG or Libgcrypt: > > * Wait for an update from your vendor. > > If you are using a GnuPG-2 version (2.0.x or 2.1.x): > > * Update Libgcrypt. We have released these fixed versions of > Libgcrypt: 1.7.3, 1.6.6, and 1.5.6. See below for download > information. > > If you are using GnuPG-1 version (1.4.x): > > * Update as soon as possible to GnuPG 1.4.21. See below for download > information. Tested on *keineahnung*. ``` $ gpg --version gpg (GnuPG) 1.4.21 Copyright (C) 2015 Free Software Foundation, Inc. License GPLv3+: GNU GPL version 3 or later <http://gnu.org/licenses/gpl.html> This is free software: you are free to change and redistribute it. There is NO WARRANTY, to the extent permitted by law. Home: ~/.gnupg Supported algorithms: Pubkey: RSA, RSA-E, RSA-S, ELG-E, DSA Cipher: IDEA, 3DES, CAST5, BLOWFISH, AES, AES192, AES256, TWOFISH, CAMELLIA128, CAMELLIA192, CAMELLIA256 Hash: MD5, SHA1, RIPEMD160, SHA256, SHA384, SHA512, SHA224 Compression: Uncompressed, ZIP, ZLIB, BZIP2 ``` [1] https://lists.gnupg.org/pipermail/gnupg-announce/2016q3/000395.html
executable file
85 lines (65 sloc)
2.54 KB
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| #!/usr/bin/env beesh | |
| # BEE_VERSION gnupg-1.4.21-0 | |
| ## this file was created by bee init and should be executed to build a | |
| ## bee-package. (Additional hints are located at the end of this file.) | |
| ############################################################################### | |
| ## The source URL(s) define the location of the sources that will be | |
| ## downloaded. Version variables may be used to simplify reuse of this bee-file. | |
| SRCURL[0]="https://www.gnupg.org/ftp/gcrypt/gnupg/gnupg-${PKGVERSION}.tar.bz2" | |
| ############################################################################### | |
| ## Add URLs/pathes to patch files to the PATCHURL array. | |
| ## The sources will be patched in the order of the array. | |
| # PATCHURL+=() | |
| ############################################################################### | |
| ## Add filename patterns to the EXCLUDE array of files that should not | |
| ## be added to you package but may be present in the image directory. | |
| # EXCLUDE+=() | |
| ############################################################################### | |
| ## Uncomment the next statement, if the software may not be able to be built | |
| ## outside the source directory and needs to be built inside the source | |
| ## directory. | |
| # build_in_sourcedir | |
| ############################################################################### | |
| ## bee cannot detect buildtypes specified in subdirectories. | |
| ## Sometimes packages "hide" the real sources in a subdirectory named | |
| ## 'src' or 'cmake' or .. | |
| ## use 'sourcesubdir_append' to specify this directory if known. | |
| # sourcesubdir_append src | |
| ############################################################################### | |
| ## Change the default (auto-detected) steps to | |
| ## extract, patch, configure/setup, build and install the software. | |
| ## Make sure the mee_install function does install everything to the | |
| ## image directory "${D}" | |
| #mee_extract() { | |
| # bee_extract "${@}" | |
| #} | |
| #mee_patch() { | |
| # bee_patch "${@}" | |
| #} | |
| #mee_configure() { | |
| # bee_configure | |
| #} | |
| #mee_build() { | |
| # bee_build | |
| #} | |
| #mee_install() { | |
| # bee_install | |
| #} | |
| ## by default this may be 'make install DESTDIR="${D}"' | |
| ############################################################################### | |
| ## | |
| ## Additional hints: | |
| ## | |
| ## The name of this bee-file should follow the following naming convention: | |
| ## pkgname-pkgversion-pkgrevision.bee | |
| ## | |
| ## You may remove all comments as long as SRCURL[0] is set. | |
| ## | |
| ## Everything in this file will be executed in a bash environment. | |
| ## | |
| ## Build the package by executing | |
| ## './pkg-version-N.bee' or | |
| ## 'beesh ./pkg-version-N.bee' | |
| ## | |
| ## see http://beezinga.org/ | |
| ## |