head 1.39; access; symbols pkgsrc-2023Q4:1.39.0.18 pkgsrc-2023Q4-base:1.39 pkgsrc-2023Q3:1.39.0.16 pkgsrc-2023Q3-base:1.39 pkgsrc-2023Q2:1.39.0.14 pkgsrc-2023Q2-base:1.39 pkgsrc-2023Q1:1.39.0.12 pkgsrc-2023Q1-base:1.39 pkgsrc-2022Q4:1.39.0.10 pkgsrc-2022Q4-base:1.39 pkgsrc-2022Q3:1.39.0.8 pkgsrc-2022Q3-base:1.39 pkgsrc-2022Q2:1.39.0.6 pkgsrc-2022Q2-base:1.39 pkgsrc-2022Q1:1.39.0.4 pkgsrc-2022Q1-base:1.39 pkgsrc-2021Q4:1.39.0.2 pkgsrc-2021Q4-base:1.39 pkgsrc-2021Q3:1.37.0.10 pkgsrc-2021Q3-base:1.37 pkgsrc-2021Q2:1.37.0.8 pkgsrc-2021Q2-base:1.37 pkgsrc-2021Q1:1.37.0.6 pkgsrc-2021Q1-base:1.37 pkgsrc-2020Q4:1.37.0.4 pkgsrc-2020Q4-base:1.37 pkgsrc-2020Q3:1.37.0.2 pkgsrc-2020Q3-base:1.37 pkgsrc-2020Q2:1.36.0.10 pkgsrc-2020Q2-base:1.36 pkgsrc-2020Q1:1.36.0.6 pkgsrc-2020Q1-base:1.36 pkgsrc-2019Q4:1.36.0.8 pkgsrc-2019Q4-base:1.36 pkgsrc-2019Q3:1.36.0.4 pkgsrc-2019Q3-base:1.36 pkgsrc-2019Q2:1.36.0.2 pkgsrc-2019Q2-base:1.36 pkgsrc-2019Q1:1.35.0.2 pkgsrc-2019Q1-base:1.35 pkgsrc-2018Q4:1.33.0.8 pkgsrc-2018Q4-base:1.33 pkgsrc-2018Q3:1.33.0.6 pkgsrc-2018Q3-base:1.33 pkgsrc-2018Q2:1.33.0.4 pkgsrc-2018Q2-base:1.33 pkgsrc-2018Q1:1.33.0.2 pkgsrc-2018Q1-base:1.33 pkgsrc-2017Q4:1.32.0.6 pkgsrc-2017Q4-base:1.32 pkgsrc-2017Q3:1.32.0.4 pkgsrc-2017Q3-base:1.32 pkgsrc-2017Q2:1.30.0.6 pkgsrc-2017Q2-base:1.30 pkgsrc-2017Q1:1.30.0.4 pkgsrc-2017Q1-base:1.30 pkgsrc-2016Q4:1.30.0.2 pkgsrc-2016Q4-base:1.30 pkgsrc-2016Q3:1.29.0.2 pkgsrc-2016Q3-base:1.29 pkgsrc-2016Q2:1.28.0.2 pkgsrc-2016Q2-base:1.28 pkgsrc-2016Q1:1.26.0.2 pkgsrc-2016Q1-base:1.26 pkgsrc-2015Q4:1.25.0.2 pkgsrc-2015Q4-base:1.25 pkgsrc-2015Q3:1.24.0.2 pkgsrc-2015Q3-base:1.24 pkgsrc-2015Q2:1.23.0.2 pkgsrc-2015Q2-base:1.23 pkgsrc-2015Q1:1.22.0.2 pkgsrc-2015Q1-base:1.22 pkgsrc-2014Q4:1.21.0.2 pkgsrc-2014Q4-base:1.21 pkgsrc-2014Q3:1.19.0.2 pkgsrc-2014Q3-base:1.19 pkgsrc-2014Q2:1.17.0.2 pkgsrc-2014Q2-base:1.17 pkgsrc-2014Q1:1.15.0.2 pkgsrc-2014Q1-base:1.15 pkgsrc-2013Q4:1.14.0.18 pkgsrc-2013Q4-base:1.14 pkgsrc-2013Q3:1.14.0.16 pkgsrc-2013Q3-base:1.14 pkgsrc-2013Q2:1.14.0.14 pkgsrc-2013Q2-base:1.14 pkgsrc-2013Q1:1.14.0.12 pkgsrc-2013Q1-base:1.14 pkgsrc-2012Q4:1.14.0.10 pkgsrc-2012Q4-base:1.14 pkgsrc-2012Q3:1.14.0.8 pkgsrc-2012Q3-base:1.14 pkgsrc-2012Q2:1.14.0.6 pkgsrc-2012Q2-base:1.14 pkgsrc-2012Q1:1.14.0.4 pkgsrc-2012Q1-base:1.14 pkgsrc-2011Q4:1.14.0.2 pkgsrc-2011Q4-base:1.14 pkgsrc-2011Q3:1.13.0.14 pkgsrc-2011Q3-base:1.13 pkgsrc-2011Q2:1.13.0.12 pkgsrc-2011Q2-base:1.13 pkgsrc-2011Q1:1.13.0.10 pkgsrc-2011Q1-base:1.13 pkgsrc-2010Q4:1.13.0.8 pkgsrc-2010Q4-base:1.13 pkgsrc-2010Q3:1.13.0.6 pkgsrc-2010Q3-base:1.13 pkgsrc-2010Q2:1.13.0.4 pkgsrc-2010Q2-base:1.13 pkgsrc-2010Q1:1.13.0.2 pkgsrc-2010Q1-base:1.13 pkgsrc-2009Q4:1.12.0.2 pkgsrc-2009Q4-base:1.12 pkgsrc-2009Q3:1.11.0.2 pkgsrc-2009Q3-base:1.11 pkgsrc-2009Q2:1.10.0.4 pkgsrc-2009Q2-base:1.10 pkgsrc-2009Q1:1.10.0.2 pkgsrc-2009Q1-base:1.10 pkgsrc-2008Q4:1.9.0.10 pkgsrc-2008Q4-base:1.9 pkgsrc-2008Q3:1.9.0.8 pkgsrc-2008Q3-base:1.9 cube-native-xorg:1.9.0.6 cube-native-xorg-base:1.9 pkgsrc-2008Q2:1.9.0.4 pkgsrc-2008Q2-base:1.9 cwrapper:1.9.0.2 pkgsrc-2008Q1:1.8.0.4 pkgsrc-2008Q1-base:1.8 pkgsrc-2007Q4:1.8.0.2 pkgsrc-2007Q4-base:1.8 pkgsrc-2007Q3:1.7.0.4 pkgsrc-2007Q3-base:1.7 pkgsrc-2007Q2:1.7.0.2 pkgsrc-2007Q2-base:1.7 pkgsrc-2007Q1:1.6.0.2 pkgsrc-2007Q1-base:1.6 pkgsrc-2006Q4:1.5.0.2 pkgsrc-2006Q4-base:1.5 pkgsrc-2006Q3:1.4.0.2 pkgsrc-2006Q3-base:1.4 pkgsrc-2006Q2:1.3.0.2 pkgsrc-2006Q2-base:1.3 pkgsrc-2006Q1:1.1.1.1.0.2 pkgsrc-2006Q1-base:1.1.1.1 pkgsrc-base:1.1.1.1 TNF:1.1.1; locks; strict; comment @# @; 1.39 date 2021.10.26.11.17.01; author nia; state Exp; branches; next 1.38; commitid PNswNV9GDLZeojeD; 1.38 date 2021.10.07.14.53.44; author nia; state Exp; branches; next 1.37; commitid nfjKlj1wTplMcTbD; 1.37 date 2020.07.17.23.44.00; author wiz; state Exp; branches; next 1.36; commitid slzOvs2zcO0xvugC; 1.36 date 2019.05.21.19.29.52; author wiz; state Exp; branches; next 1.35; commitid MaOZkr0eYDjnH6oB; 1.35 date 2019.03.20.15.44.51; author wiz; state Exp; branches; next 1.34; commitid 6YInU7uFLHQIr7gB; 1.34 date 2019.02.13.19.57.11; author wiz; state Exp; branches; next 1.33; commitid VIzMrXCsoaX3YDbB; 1.33 date 2018.02.11.16.06.42; author wiz; state Exp; branches; next 1.32; commitid mgC3KAkAS9AnusqA; 1.32 date 2017.09.02.18.15.42; author tron; state Exp; branches; next 1.31; commitid 1Cr0D0r44XWlpE5A; 1.31 date 2017.08.14.20.48.02; author wiz; state Exp; branches; next 1.30; commitid cezZRRAA8rLyRd3A; 1.30 date 2016.10.09.20.57.05; author wiz; state Exp; branches; next 1.29; commitid 5RWdKhx19YTwQvpz; 1.29 date 2016.08.24.10.45.38; author wiz; state Exp; branches; next 1.28; commitid wOneuNmAuDpqWxjz; 1.28 date 2016.05.05.20.07.36; author tron; state Exp; branches; next 1.27; commitid hzp3gwXh4007Ck5z; 1.27 date 2016.05.05.11.15.57; author wiz; state Exp; branches; next 1.26; commitid F2ukVkHqltOXFh5z; 1.26 date 2015.12.27.21.32.14; author wiz; state Exp; branches; next 1.25; commitid U9SQ36QiUDlvgDOy; 1.25 date 2015.11.04.01.17.42; author agc; state Exp; branches; next 1.24; commitid agUNgZr58GM2fIHy; 1.24 date 2015.08.14.20.07.34; author wiz; state Exp; branches; next 1.23; commitid pB8hh6r4VERu8hxy; 1.23 date 2015.04.19.18.41.48; author wiz; state Exp; branches; next 1.22; commitid fJH9zeBCcZxcqeiy; 1.22 date 2015.01.04.23.15.19; author wiz; state Exp; branches; next 1.21; commitid LEv58QlQxGkkjL4y; 1.21 date 2014.11.19.12.43.36; author wiz; state Exp; branches; next 1.20; commitid dmBRv4i7d01liNYx; 1.20 date 2014.10.12.14.48.20; author wiz; state Exp; branches; next 1.19; commitid 1bDBbRGpGsMQcVTx; 1.19 date 2014.08.31.21.40.54; author wiz; state Exp; branches; next 1.18; commitid qkbD9SrFuDd3QyOx; 1.18 date 2014.07.22.11.23.11; author wiz; state Exp; branches; next 1.17; commitid EbC3cT3zaJjQHmJx; 1.17 date 2014.05.20.08.27.47; author wiz; state Exp; branches; next 1.16; commitid cWlfFDsky8xgLfBx; 1.16 date 2014.04.18.20.11.18; author wiz; state Exp; branches; next 1.15; commitid baYTDDMRdEBoGcxx; 1.15 date 2014.02.03.16.48.21; author wiz; state Exp; branches; next 1.14; commitid lBWcPusqjKUdWFnx; 1.14 date 2011.11.28.16.36.57; author wiz; state Exp; branches; next 1.13; 1.13 date 2010.02.16.11.29.42; author wiz; state Exp; branches; next 1.12; 1.12 date 2009.10.31.00.20.24; author wiz; state Exp; branches; next 1.11; 1.11 date 2009.07.10.12.30.25; author tron; state Exp; branches; next 1.10; 1.10 date 2009.03.01.15.02.02; author wiz; state Exp; branches; next 1.9; 1.9 date 2008.04.13.22.26.34; author wiz; state Exp; branches; next 1.8; 1.8 date 2007.11.30.17.22.20; author wiz; state Exp; branches; next 1.7; 1.7 date 2007.06.10.21.27.11; author tonio; state Exp; branches; next 1.6; 1.6 date 2007.01.15.21.34.43; author tonio; state Exp; branches; next 1.5; 1.5 date 2006.10.13.21.01.36; author tonio; state Exp; branches; next 1.4; 1.4 date 2006.08.16.09.53.49; author tonio; state Exp; branches; next 1.3; 1.3 date 2006.05.12.14.47.30; author tonio; state Exp; branches; next 1.2; 1.2 date 2006.05.06.12.40.44; author tonio; state Exp; branches; next 1.1; 1.1 date 2006.03.07.12.22.21; author ghen; state Exp; branches 1.1.1.1; next ; 1.1.1.1 date 2006.03.07.12.22.21; author ghen; state Exp; branches; next ; desc @@ 1.39 log @security: Replace RMD160 checksums with BLAKE2s checksums All checksums have been double-checked against existing RMD160 and SHA512 hashes Unfetchable distfiles (fetched conditionally?): ./security/cyrus-sasl/distinfo cyrus-sasl-dedad73e5e7a75d01a5f3d5a6702ab8ccd2ff40d.patch.v2 @ text @$NetBSD: distinfo,v 1.38 2021/10/07 14:53:44 nia Exp $ BLAKE2s (signing-party_2.11.orig.tar.gz) = f43b008bbfc505d3f6a42f0c8004817ce9de143da0228a0bbbab97dbe2b2e81d SHA512 (signing-party_2.11.orig.tar.gz) = 9a34bde415bf779859b48eaab12e5c6a1a3f08d0292cd5cd691518e398fe40a73b878926d3ea1ef12ccca40179933478d03ec16ec4d9200fb726aaade541505d Size (signing-party_2.11.orig.tar.gz) = 224706 bytes SHA1 (patch-Makefile) = f518793a14adb3ac489cab86d040b40e451bc0da @ 1.38 log @security: Remove SHA1 hashes for distfiles @ text @d1 1 a1 1 $NetBSD: distinfo,v 1.37 2020/07/17 23:44:00 wiz Exp $ d3 1 a3 1 RMD160 (signing-party_2.11.orig.tar.gz) = 58289ade13f85ec20d65d75569cdda5e774f6bee @ 1.37 log @caff: update to 2.11. Only packaging changes. @ text @d1 1 a1 1 $NetBSD$ a2 1 SHA1 (signing-party_2.11.orig.tar.gz) = 1eec3c552fabce05e78f73de66795d49f41be0d2 @ 1.36 log @caff: update to 2.10. signing-party (2.10-1) unstable; urgency=high * gpg-key2ps: Security fix for CVE-2018-15599: unsafe shell call enabling shell injection via a User ID. Use Perl's (core) module Encode.pm instead of shelling out to `iconv`. (Closes: #928256.) @ text @d3 5 a7 5 SHA1 (signing-party_2.10.orig.tar.gz) = 6baf98f21af48b3aa5b5d26a41c4a87646b7ee94 RMD160 (signing-party_2.10.orig.tar.gz) = 6ce5b02719ca25096daecfee3534c6ab3ba1d0f1 SHA512 (signing-party_2.10.orig.tar.gz) = 82e51b91c282a72e9d16d920b87560c66aeafc0219e91615ea47d2f1a5df903fb459201f34368e6fa7ea1e2d2ca46a73096f30a068c8c35322af2f3ea256b269 Size (signing-party_2.10.orig.tar.gz) = 222778 bytes SHA1 (patch-Makefile) = 81f3be64cd3595d0cd8671f994f6b7034b5da7be @ 1.35 log @caff: update to 2.9. No relevant changes. @ text @d3 4 a6 4 SHA1 (signing-party_2.9.orig.tar.gz) = 8483147f82ee81e12a81abe2d2421785b8184171 RMD160 (signing-party_2.9.orig.tar.gz) = bb577cef730a8c08c990c5b99369be56228e7cb5 SHA512 (signing-party_2.9.orig.tar.gz) = 31a0f15f679c0339753bafbac645609e9e16f3da2c5105c33e87e0f258453b3101f188398a7c1509fe5c005339289ac5465ccb18631a526d231c714f9ed61d96 Size (signing-party_2.9.orig.tar.gz) = 222606 bytes @ 1.34 log @caff: update to 2.8. signing-party (2.8-1) unstable; urgency=low [ Guilhem Moulin ] * caff: + Add the "only-sign-text-ids" to the list of gpg(1) options imported from ~/.gnupg/gpg.conf. + Ensure the terminal is "sane enough" when asking questions ('echo', 'echok', 'icanon', 'icrnl' settings are all set), and restore original settings when exit()'ing the program. (Closes: #872529) * caff, gpglist, gpgsigs: in `gpg --with-colons` output, allow signature class to be followed with an optional revocation reason. gpg(1) does that since 2.2.9. (Closes: #905097.) * caff, gpg-key2latex, gpg-key2ps, gpglist, gpgsigs, keylookup: Remove references to https://pgp-tools.alioth.debian.org/ . * caff, gpg-key2latex, gpg-key2ps, gpg-mailkeys, gpglist, gpgparticipants, gpgsigs, keylookup: Remove SVN keywords ($Id$, $Rev$, etc.) -- Guilhem Moulin Mon, 28 Jan 2019 03:05:33 +0100 @ text @d1 1 a1 1 $NetBSD: distinfo,v 1.33 2018/02/11 16:06:42 wiz Exp $ d3 4 a6 4 SHA1 (signing-party_2.8.orig.tar.gz) = 7fa9b3f53f746f1df53d6d34b2713965e867d0d6 RMD160 (signing-party_2.8.orig.tar.gz) = eca5ea2c2f1ca54bdfcbaf057ea4b41e4d6f1d9b SHA512 (signing-party_2.8.orig.tar.gz) = 25e0696836791f03b761d9e5b53ff0c7352c6db00f7ab45199cc07430b4fdbd9c1e35f1f9ada80663f53424b19cc6907bacae6cddb62ee342a9af2f0ce3301da Size (signing-party_2.8.orig.tar.gz) = 222287 bytes @ 1.33 log @caff: update to 2.7. Bugfix release. @ text @d1 1 a1 1 $NetBSD: distinfo,v 1.32 2017/09/02 18:15:42 tron Exp $ d3 5 a7 5 SHA1 (signing-party_2.7.orig.tar.gz) = 53554389451e7153e5191d5c6472c282c8607e20 RMD160 (signing-party_2.7.orig.tar.gz) = 40ad3c463b027bb347ca8c16f6b049bf119c9eeb SHA512 (signing-party_2.7.orig.tar.gz) = d1599ca0cb2dd554b4688bc8c77f4a1dd907d00539bb11abe147300dd2184f8548ebe9fdf793e83e2956a220b1c4bf9e19bd543b77f724b0c8ea4794ac945985 Size (signing-party_2.7.orig.tar.gz) = 201320 bytes SHA1 (patch-Makefile) = 64a659cc698da2de7da600a34006254da90a158d @ 1.32 log @Fix bad merge on patch file which broke the build under macOS Sierra. @ text @d1 1 a1 1 $NetBSD: distinfo,v 1.31 2017/08/14 20:48:02 wiz Exp $ d3 4 a6 4 SHA1 (signing-party_2.6.orig.tar.gz) = 1c7be323c8fb27563713ee13feab39951a0749f9 RMD160 (signing-party_2.6.orig.tar.gz) = 1d700c835449e8cbe350c032f0ad4d9a26afaa17 SHA512 (signing-party_2.6.orig.tar.gz) = 094af9b354d958d382bf99a1f10a9f12585f85769686e3bc9b9b813016f68232775e4002c0a7accbc894c946f7532b32ee7f9b3e23d467b973041c092ba4efb9 Size (signing-party_2.6.orig.tar.gz) = 201210 bytes @ 1.31 log @Updated caff to 2.6. Bugfixes. @ text @d1 1 a1 1 $NetBSD: distinfo,v 1.30 2016/10/09 20:57:05 wiz Exp $ d7 1 a7 1 SHA1 (patch-Makefile) = 8ec25bd7aa0ec6aea0efafb673a359d0dcbc01c8 @ 1.30 log @Updated caff to 2.5. Mostly documentation fixes. @ text @d1 1 a1 1 $NetBSD: distinfo,v 1.29 2016/08/24 10:45:38 wiz Exp $ d3 5 a7 5 SHA1 (signing-party_2.5.orig.tar.gz) = 5163847c3a957bfa305ec69cf4326351ad065429 RMD160 (signing-party_2.5.orig.tar.gz) = a6685f376e816d870efb681e6561dbf1ce5ad73f SHA512 (signing-party_2.5.orig.tar.gz) = a04875bfaef791a6505134dd2530148d5e6baaa8aa5610e75d42fbf59e884fafffb5de2486425bb53e6464ff3fd35b974684d8bc85291750e4a7bd8bb82b0da3 Size (signing-party_2.5.orig.tar.gz) = 198105 bytes SHA1 (patch-Makefile) = 728bb40fa8be2f0ac63254f2e86b37ee9fa1199f @ 1.29 log @Updated caff to 2.4. signing-party (2.4-1) unstable; urgency=medium * caff, gpg-key2latex, gpgsigs: Ignore "KEY_CONSIDERED" status output emitted by gpg 2.1.13 and later. * caff, gpgsigs: Allow input produced by gpgparticipants(1) using gpg 2.1.13. With this version, key IDs are not displayed by default and the "Key fingerprint = " prefix is omitted. * caff: + Fix GnuPG version number comparison. + With GnuPG 2.1.13 or later, use gpgconf(1) to determine the socket paths. (It is not used on earlier gpg since earlier gpgconf do not support --homedir.) This fixes compatibility with GnuPG 2.1.13. (Closes: #834984) + When ~/.caff/gnupghome/gpg.conf does not exist, instead of creating a temporary file (as it's done since signing-party 2.3), parse ~/.gnup/gpg.conf and pass the GnuPG options that are known to be safe (and useful) for caff to gpg(1) using command line options. This soves the problem of lingering configuration files in case caff is killed. + Use full fingerprints internally to avoid collisions. (However $CONFIG{'keyid'} and $CONFIG{'local-users'} are kept to 64-bits key IDs as per RFC 4880 full fingerprints are not available in key signatures, and thus not exposed by `gpg --with-colons --list-sigs`.) + Automatically import the $CONFIG{'also-encrypt-to'} from the normal GnuPGHOME when possible. * d/source.lintian-overrides: Add 'debian-watch-file-is-missing' as we're upstream. * d/control: Remove Franck Joncourt from the Uploaders list per request of the MIA team. (Closes: #831321) -- Guilhem Moulin Mon, 22 Aug 2016 00:19:48 +0200 @ text @d1 1 a1 1 $NetBSD: distinfo,v 1.28 2016/05/05 20:07:36 tron Exp $ d3 4 a6 4 SHA1 (signing-party_2.4.orig.tar.gz) = 2a3b7b79afd9508e87293a0fb216b2a454058118 RMD160 (signing-party_2.4.orig.tar.gz) = 68c939e68a4db9f1c99931d04ff3a3e30eb52b59 SHA512 (signing-party_2.4.orig.tar.gz) = 0ab18af70314839193d25053c6b3de31afba173ae70a39b84e19aad8ec4864bbd95f9b685b3bc807674310c35af2dc75145eb6eb9d03d6a0ce84ce45ac7f29c0 Size (signing-party_2.4.orig.tar.gz) = 197731 bytes @ 1.28 log @Don't attempt to build "keyanalyze" and friends. We don't install those programs anyway and it breaks the build under at least Mac OS X. After this change we also don't need various "auto*" tools during the build phase. @ text @d1 1 a1 1 $NetBSD: distinfo,v 1.27 2016/05/05 11:15:57 wiz Exp $ d3 4 a6 4 SHA1 (signing-party_2.3.orig.tar.gz) = eb65e32668e0b3fccd8c5e4d73b2aa66761a7e86 RMD160 (signing-party_2.3.orig.tar.gz) = b87a56883d8e93632e4973e73ae1d40a476a80b7 SHA512 (signing-party_2.3.orig.tar.gz) = 5c901a491a4349fd0ab92aa7358c78da141f4616572140f5a4d22f6ba7152e877d5d9734fa0b26477e7c9a49bd972b1fc3047a115f4fd868969387df572fd231 Size (signing-party_2.3.orig.tar.gz) = 196864 bytes @ 1.27 log @Updated caff to 2.3. No changelog found, but changes look like caff will take over more from the users default config. @ text @d1 1 a1 1 $NetBSD: distinfo,v 1.26 2015/12/27 21:32:14 wiz Exp $ d7 1 @ 1.26 log @Update caff to 2.2. Pattern fixes for signature recognition. @ text @d1 1 a1 1 $NetBSD: distinfo,v 1.25 2015/11/04 01:17:42 agc Exp $ d3 4 a6 5 SHA1 (signing-party_2.2.orig.tar.gz) = 8402f7a8f162df4381c5242825b6ac7b81807a8e RMD160 (signing-party_2.2.orig.tar.gz) = 147e66e54214178775e81f7fc9d99c1e0d10df42 SHA512 (signing-party_2.2.orig.tar.gz) = bf4b741364cf100f17047900e61c16a8df2f31a3143ce40de64afdb19b8ed251c716389661787988d03526ade4453e096b1d76fa51777e74d6fa84ecd2c5f09d Size (signing-party_2.2.orig.tar.gz) = 237612 bytes SHA1 (patch-keyanalyze_pgpring_configure.in) = 970a31b75721abb885cd6d7af3bad8efc73c11a2 @ 1.25 log @Add SHA512 digests for distfiles for security category Problems found locating distfiles: Package f-prot-antivirus6-fs-bin: missing distfile fp-NetBSD.x86.32-fs-6.2.3.tar.gz Package f-prot-antivirus6-ws-bin: missing distfile fp-NetBSD.x86.32-ws-6.2.3.tar.gz Package libidea: missing distfile libidea-0.8.2b.tar.gz Package openssh: missing distfile openssh-7.1p1-hpn-20150822.diff.bz2 Package uvscan: missing distfile vlp4510e.tar.Z Otherwise, existing SHA1 digests verified and found to be the same on the machine holding the existing distfiles (morden). All existing SHA1 digests retained for now as an audit trail. @ text @d1 1 a1 1 $NetBSD: distinfo,v 1.24 2015/08/14 20:07:34 wiz Exp $ d3 4 a6 4 SHA1 (signing-party_2.1.orig.tar.gz) = 021161fbb3365ded4a9c9bee0eacc870300863bd RMD160 (signing-party_2.1.orig.tar.gz) = d50a5f1e9c366d0102341e38fd4606a228d13737 SHA512 (signing-party_2.1.orig.tar.gz) = 939415b5fd5538a2a8831c7ea37f4395fd56fc216700116ab39a3d3acd6ad7239b730d43f624593c2d89292251d0fc0c443164e26be1f9643b5b410efc75d33b Size (signing-party_2.1.orig.tar.gz) = 237478 bytes @ 1.24 log @Update to 2.1: make gnupg executable configurable find out its version @ text @d1 1 a1 1 $NetBSD: distinfo,v 1.23 2015/04/19 18:41:48 wiz Exp $ d5 1 @ 1.23 log @Update to 2.0: Allow configuring the GPG executable, improve documentation. @ text @d1 1 a1 1 $NetBSD: distinfo,v 1.22 2015/01/04 23:15:19 wiz Exp $ d3 3 a5 3 SHA1 (signing-party_2.0.orig.tar.gz) = 110fdd81e99e92ae1e27015105ca4a4d7d0be166 RMD160 (signing-party_2.0.orig.tar.gz) = 6d1bda32cd549a9c17d18e3cf3f4793153c00d57 Size (signing-party_2.0.orig.tar.gz) = 236249 bytes @ 1.22 log @Update to 1.1.12: Allow option to set subject. @ text @d1 1 a1 1 $NetBSD: distinfo,v 1.21 2014/11/19 12:43:36 wiz Exp $ d3 3 a5 3 SHA1 (signing-party_1.1.12.orig.tar.gz) = bfe0c97c097d0c682a37c98ea03cd7d47c8a7cb8 RMD160 (signing-party_1.1.12.orig.tar.gz) = 5bd05b4adfe00d683af9029dc4383be9d93c6c55 Size (signing-party_1.1.12.orig.tar.gz) = 234388 bytes @ 1.21 log @Update to 1.1.11: locale improvements. @ text @d1 1 a1 1 $NetBSD: distinfo,v 1.20 2014/10/12 14:48:20 wiz Exp $ d3 3 a5 3 SHA1 (signing-party_1.1.11.orig.tar.gz) = 97d373292b29f47a47123e0279b58b4864360780 RMD160 (signing-party_1.1.11.orig.tar.gz) = 6f765433b8e4ca5715043d71e1c958c28d61453f Size (signing-party_1.1.11.orig.tar.gz) = 233965 bytes @ 1.20 log @Update to 1.1.10: locale improvements. @ text @d1 1 a1 1 $NetBSD: distinfo,v 1.19 2014/08/31 21:40:54 wiz Exp $ d3 3 a5 3 SHA1 (signing-party_1.1.10.orig.tar.gz) = 909182aaadc2e6e7bd1edefb3722b7b97c9abd86 RMD160 (signing-party_1.1.10.orig.tar.gz) = 7dbf2c881185eb00eb48dc4c10a5b00c37ac43de Size (signing-party_1.1.10.orig.tar.gz) = 228577 bytes @ 1.19 log @Update to 1.1.9: Diff looks like perl style cleanups. @ text @d1 1 a1 1 $NetBSD: distinfo,v 1.18 2014/07/22 11:23:11 wiz Exp $ d3 3 a5 3 SHA1 (signing-party_1.1.9.orig.tar.gz) = e33e26395d6dd2b0eba727087ac4786b451101f2 RMD160 (signing-party_1.1.9.orig.tar.gz) = fca39bbb96781b387c70097943091f419f73c984 Size (signing-party_1.1.9.orig.tar.gz) = 228269 bytes @ 1.18 log @Update to 1.1.8. New keyart binary (not installed) documenation improvements. @ text @d1 1 a1 1 $NetBSD: distinfo,v 1.17 2014/05/20 08:27:47 wiz Exp $ d3 3 a5 3 SHA1 (signing-party_1.1.8.orig.tar.gz) = 58b3c94b60d3637689fd1bc7aaa2f5c1527416fb RMD160 (signing-party_1.1.8.orig.tar.gz) = b6f019c9588a4432065d59a35fb7a4acd2807613 Size (signing-party_1.1.8.orig.tar.gz) = 228408 bytes @ 1.17 log @Update to 1.1.7, changes not found. @ text @d1 1 a1 1 $NetBSD: distinfo,v 1.16 2014/04/18 20:11:18 wiz Exp $ d3 3 a5 3 SHA1 (signing-party_1.1.7.orig.tar.gz) = 8bb854eab064b67740a23c44c1bb2eb497d9fdeb RMD160 (signing-party_1.1.7.orig.tar.gz) = 2608c87010a273cce9cc52f217c4f6e362c33c64 Size (signing-party_1.1.7.orig.tar.gz) = 220479 bytes @ 1.16 log @Update to 1.1.6, changes not found. @ text @d1 1 a1 1 $NetBSD: distinfo,v 1.15 2014/02/03 16:48:21 wiz Exp $ d3 3 a5 3 SHA1 (signing-party_1.1.6.orig.tar.gz) = b39aa742fc24766c92753953fd2295fe40b3e144 RMD160 (signing-party_1.1.6.orig.tar.gz) = 8bf7992c66e54d33f4e1c7c9724fbd953c95ff42 Size (signing-party_1.1.6.orig.tar.gz) = 220552 bytes @ 1.15 log @Update to 1.1.5: bugfixes, e.g. for perl-5.18 compat. @ text @d1 1 a1 1 $NetBSD: distinfo,v 1.14 2011/11/28 16:36:57 wiz Exp $ d3 4 a6 3 SHA1 (signing-party_1.1.5.orig.tar.gz) = 79b4aae0b8c23adda8a6438138154f3fb8d348ea RMD160 (signing-party_1.1.5.orig.tar.gz) = e1bb708697b83dc20dafbc3621b56796ecc46e27 Size (signing-party_1.1.5.orig.tar.gz) = 230579 bytes @ 1.14 log @Update to 1.1.4: signing-party (1.1.4-1) unstable; urgency=low . [ Thijs Kinkhorst ] * caff: + Correct path of ~/.caffrc in informational messages (Closes: #582603). + Be more verbose on unexpected key ID (Closes: #645792). * gpg-key2ps: + Apply patch from Uwe Kleine-König to deal with latin1 characters (Closes: #596377). . [ Franck Joncourt ] * gpg-mailkeys: + Correct path of ~/.gpg-mailkeysrc and ~/.signature in manpage. + Add new environment variable SENDMAIL_ARGS to allow user to pass arguments to sendmail (closes: #599409). * caff: + Refactor import of own key and import for keys to sign from keyrings. + Also automatically import keys to sign from the user's normal gpg keyrings. + Use --no-auto-check-trustdb when importing keys from files or the user's normal gpg keyrings (closes: #539643). . [ Peter Palfrader ] * caff: + manpage: Refer to all of /usr/share/doc/signing-party/caff/ and not just to /usr/share/doc/signing-party/caff/caffrc.sample (closes: #568052). + Fix horrible &function calls used because of broken prototypes. + Even if all keys to sign were found in the user's normal gpg keyrings we still need to import them (again) from any keyrings passed with --key-files - the keys there might be newer, containing new subkeys (for encryption), uids (for signing) or revocations. + Make importing of keys to be signed from the normal gpg optional (--keys-from-gnupg). + refactor copying of command line options into global config variable. + Create the mail files in ~/.caff/keys even if mail is not sent (closes: #590666). @ text @d1 1 a1 1 $NetBSD: distinfo,v 1.13 2010/02/16 11:29:42 wiz Exp $ d3 3 a5 3 SHA1 (signing-party_1.1.4.orig.tar.gz) = 092b7d644b7a8a8d2e82fd6ddb453ca58020ed31 RMD160 (signing-party_1.1.4.orig.tar.gz) = fb7024f00b2c9f192004a8fa649d6122551f2471 Size (signing-party_1.1.4.orig.tar.gz) = 230259 bytes @ 1.13 log @Update to 1.1.3: * keylookup: + Fixed typo noticed by lintian in manpage keylookup.1. * caff: + Set the Sender header with the email address which is used for the From header. This overrides the default value which was set by the MIME::Entity Perl module based on the local hostname. (Closes: #556782) @ text @d1 1 a1 1 $NetBSD: distinfo,v 1.12 2009/10/31 00:20:24 wiz Exp $ d3 3 a5 3 SHA1 (signing-party_1.1.3.orig.tar.gz) = 072c306e8c63e205aff07b6c4165140a7d59cdba RMD160 (signing-party_1.1.3.orig.tar.gz) = cfbc658854e0e9f562bd31221eaa0e1a25bcb742 Size (signing-party_1.1.3.orig.tar.gz) = 223459 bytes @ 1.12 log @Update to 1.1.2: * gpgsigs: + Added patch from Roland Rosenfeld to support RIPEMD160 checksum. (Closes: #533747). + Updated man page to mention support for SHA256 and RIPEMD160 checksum. + Made removal of nonexistent photos quiet by the use of the force option. + Updated generated tex file in latex mode so that it uses the grffile package. This allows pdflatex to process our tex file assuming the photos are previously converted to PDF. (Closes: #542478) * caff: Updated check for the local-user keyids. + Moved the current check to a new function get_local_user_keys(). + Warned the user if a local-user keyid is not listed as a keyid in ./caffrc. (Closes: #540165). * gpgdir: New upstream release. * gpg-mailkeys: + The charset for the text of the message is deduced from the charset used by ~/.gpg-mailkeysrc and ~/.signature. The text message is encoded in quoted printable and thus it requires a new dependency on qprint in debian/control. (Closes: #545186) + Mentionned both the .gpg-mailkeysrc and .signature files in the manpage. @ text @d1 1 a1 1 $NetBSD: distinfo,v 1.11 2009/07/10 12:30:25 tron Exp $ d3 3 a5 3 SHA1 (signing-party_1.1.2.orig.tar.gz) = 353a260510c7c12df80441145a85db8d93574291 RMD160 (signing-party_1.1.2.orig.tar.gz) = e6cf9e892b6946d4ce6d68c2ff0490467a7354b9 Size (signing-party_1.1.2.orig.tar.gz) = 223410 bytes @ 1.11 log @Update the "caff" package to version 1.1.1. The changes are undocumented. @ text @d1 1 a1 1 $NetBSD: distinfo,v 1.10 2009/03/01 15:02:02 wiz Exp $ d3 3 a5 3 SHA1 (signing-party_1.1.1.orig.tar.gz) = 543c4e84296b172ed02e5617523ba736ef384656 RMD160 (signing-party_1.1.1.orig.tar.gz) = 7169d234aed22c2a91f7328baaa5944704c64df6 Size (signing-party_1.1.1.orig.tar.gz) = 222086 bytes @ 1.10 log @Update to 1.1, changes undocumented. @ text @d1 1 a1 1 $NetBSD: distinfo,v 1.9 2008/04/13 22:26:34 wiz Exp $ d3 3 a5 3 SHA1 (signing-party_1.1.orig.tar.gz) = e3567c9d111590389ef557f3876cca27b0d64b7c RMD160 (signing-party_1.1.orig.tar.gz) = 5914702388876d8f5c2633620c430a7922764640 Size (signing-party_1.1.orig.tar.gz) = 221910 bytes @ 1.9 log @Update to 1.0: Ignore temporary build files make make install install stuff. Bump NEWS.Debian. Proposed solution for #462897: unconditionally sync keys between normal gnupg home and caff gnupg home on startup, to cope with changed keys. @ text @d1 1 a1 1 $NetBSD: distinfo,v 1.8 2007/11/30 17:22:20 wiz Exp $ d3 3 a5 3 SHA1 (signing-party_1.0.orig.tar.gz) = caffdd9f48cf0b2d3c5651ed1f6845e5cac56c67 RMD160 (signing-party_1.0.orig.tar.gz) = 35bb353c239447fac4974c0906e24667cf55f16e Size (signing-party_1.0.orig.tar.gz) = 63552 bytes @ 1.8 log @Update to 0.4.13: Changes unknown. @ text @d1 1 a1 1 $NetBSD: distinfo,v 1.7 2007/06/10 21:27:11 tonio Exp $ d3 3 a5 3 SHA1 (signing-party_0.4.13.orig.tar.gz) = ddd01d6008ebbd24252f07e654926555e07e7b6f RMD160 (signing-party_0.4.13.orig.tar.gz) = 012e27a847711bbb128939c1c1d3c95aa0afff47 Size (signing-party_0.4.13.orig.tar.gz) = 46886 bytes @ 1.7 log @Update security/caff to 0.4.10 signing-party (0.4.10-1) unstable; urgency=low * caff: + Fix syntax error in example config variables (Closes: #413020). + Fix perl warnings when calling pgp-fixkey with unknown keyid or with empty signature create date. * gpg-key2ps: + Add '-1' option to only display one column of slips, for extra wide keys (Closes: #399474). * keylookup: + Fix perl warnings caused by empty lines from gpg output. * Drop transitional and now obsolete keylookup package. * Remove no longer needed dependency on mailx. @ text @d1 1 a1 1 $NetBSD: distinfo,v 1.6 2007/01/15 21:34:43 tonio Exp $ d3 3 a5 3 SHA1 (signing-party_0.4.10.orig.tar.gz) = e29104086553f3eb5f4aeb8d06a276dab376a0d0 RMD160 (signing-party_0.4.10.orig.tar.gz) = 0753d673e95c55eb1a50f874cd4190daebd8458a Size (signing-party_0.4.10.orig.tar.gz) = 44311 bytes @ 1.6 log @Update security/caff to 0.4.9 Changelog: * caff: + Fix a bug with checking if we have exactly one or more keys that failed downloading. + Mention in manpage that keyserver-options is a useful setting in .caff/gnupghome/gpg.conf (Closes: #392811). + q-p-encode From: header (Closes: #366745). @ text @d1 1 a1 1 $NetBSD: distinfo,v 1.5 2006/10/13 21:01:36 tonio Exp $ d3 3 a5 3 SHA1 (signing-party_0.4.9.orig.tar.gz) = 353aadfb48a3a0293279acb144b32c9a8bfc75c3 RMD160 (signing-party_0.4.9.orig.tar.gz) = d5cc2e9ed1e2c32f1dff23bdc9588869f99f5be5 Size (signing-party_0.4.9.orig.tar.gz) = 44741 bytes @ 1.5 log @Update security/caff to 0.4.8 Changelog: * gpglist: do not die with with-fingerprint (Closes: #382019). * gpg-key2ps: add --list-key to gpg call (works around #382794). * caff: when set, use $ENV{'GNUPGHOME'} to find secring.gpg. Suggested by Gerfried Fuchs. @ text @d1 1 a1 1 $NetBSD: distinfo,v 1.4 2006/08/16 09:53:49 tonio Exp $ d3 3 a5 3 SHA1 (signing-party_0.4.8.orig.tar.gz) = 5fc53581ecc4a7e850edb1d851249ff7e8ba0f7f RMD160 (signing-party_0.4.8.orig.tar.gz) = df5fa14884d226b689102a5edb33b8c5df11ae8e Size (signing-party_0.4.8.orig.tar.gz) = 44727 bytes @ 1.4 log @Update security/caff to 0.4.7 From debian changelog: signing-party (0.4.7-1) unstable; urgency=low * gpg-mailkeys: use right content-type for attached key, thanks Wesley Landaker * gpgsigs: recognize rvk (revoker), found in ksp-dc6.txt. @ text @d1 1 a1 1 $NetBSD: distinfo,v 1.3 2006/05/12 14:47:30 tonio Exp $ d3 3 a5 3 SHA1 (signing-party_0.4.7.orig.tar.gz) = 434ab476816e055186cf242e5c9c766b787cdb65 RMD160 (signing-party_0.4.7.orig.tar.gz) = 2b53d371816705547d4c8bc7234077225d42efd6 Size (signing-party_0.4.7.orig.tar.gz) = 44500 bytes @ 1.3 log @Update security/caff to 0.4.6 Remove the hostname subst, since it was fixed upstream Changelog: caff: - try hostname without -f first to be compatible with BSD - make local-user a config option, and let it accept a list of keyids pkg-clean: - add option to allow importing subkeys @ text @d1 1 a1 1 $NetBSD: distinfo,v 1.2 2006/05/06 12:40:44 tonio Exp $ d3 3 a5 3 SHA1 (signing-party_0.4.6.orig.tar.gz) = 9519f24050eec62e571a9a653326e640242bada5 RMD160 (signing-party_0.4.6.orig.tar.gz) = d377631a9c68ab41f90da9b161be9163680b776f Size (signing-party_0.4.6.orig.tar.gz) = 44523 bytes @ 1.2 log @Update security/caff to 0.4.5 Changelog: * Update FSF addresses. * caff: tweak documentation. * caff: note that mailed keys are encrypted (suggested by Sune Vuorela). * caff: You can now specify additional arguments to pass to the send method of Mail::Mailer. This allows you to send mails via SMTP and use authentication for instance. Thanks to Martin von Gagern. * gpg-key2ps, keylookup: make them less dependent on specific installation paths and thus better portable outside of Debian (Closes: #354142). @ text @d1 1 a1 1 $NetBSD: distinfo,v 1.1.1.1 2006/03/07 12:22:21 ghen Exp $ d3 3 a5 3 SHA1 (signing-party_0.4.5.orig.tar.gz) = 6600c8977111e0a319e83a409b8a5faebd190dd0 RMD160 (signing-party_0.4.5.orig.tar.gz) = a0987d70de0d53bceec78fe02dd6f21735ea7f39 Size (signing-party_0.4.5.orig.tar.gz) = 43670 bytes @ 1.1 log @Initial revision @ text @d1 1 a1 1 $NetBSD$ d3 3 a5 3 SHA1 (signing-party_0.4.4.orig.tar.gz) = 9203a9bb9ab1d86763c1f189ff648e115ef5ea25 RMD160 (signing-party_0.4.4.orig.tar.gz) = d6296a6659d4459effd4592cf44ad6467b9f973d Size (signing-party_0.4.4.orig.tar.gz) = 42499 bytes @ 1.1.1.1 log @Import caff from the Debian PGP Tools. caff is a script that helps you in keysigning. It takes a list of keyids on the command line, fetches them from a keyserver and calls GnuPG so that you can sign it. It then mails each key to all its email addresses - only including the one UID that we send to in each mail. Features: * Easy to setup. * Attaches only the very UID that we send to in the mail. * Prunes the key from all signatures that are not self sigs and not done by you, thereby greatly reducing the size of mails. * Sends the mail encrypted if possible, will warn before sending unencrypted mail (sign only keys) * Creates proper PGP MIME messages. * Uses separate GNUPGHOME for all its operations. @ text @@