gnupg2 2.2.35-3ubuntu1 source package in Ubuntu

Changelog

gnupg2 (2.2.35-3ubuntu1) kinetic; urgency=low

  * Merge from Debian unstable. Remaining changes:
    - Drop the gpgv-win32 test
    - Honor http_proxy= environment variables by default in the systemd
      user session dirmngr service.
      (debian/patches/dirmngr-honor-http-proxy.patch)
    - Export GPG_AGENT_INFO in the systemd-environment-generator too.
    - Don't declare diffutils as a test dependency, this package is
      essential so always installed; and the dependency declaration breaks
      cross-arch testing.
  * Dropped changes, included upstream:
    - debian/patches/CVE-2022-34903.patch: Fix garbled status messages in
      NOTATION_DATA in g10/cpr.c.

gnupg2 (2.2.35-3) unstable; urgency=high

  * fix security error from large notations (Thanks, Demi Marie Obenour)
    (Closes: #1014157)
  * Standards-Version: bump to 4.6.1 (no changes needed)
  * clean up lintian-overrides

gnupg2 (2.2.35-2) unstable; urgency=medium

  * Only enable wine32 test on i386

gnupg2 (2.2.35-1) unstable; urgency=medium

  * New upstream release.
  * refresh patches.
  * Correct handling of 256-bit Ed25519 secret keys (Closes: #1010171).
  * Building for Windows requires libgpg-error 1.45

gnupg2 (2.2.34-1) unstable; urgency=medium

  * New upstream release
  * Refresh patches.
  * ship gpg-check-pattern.1 from upstream
  * override another pedantic lintian warning

gnupg2 (2.2.27-4) unstable; urgency=medium

  [ Christoph Biedl ]
  * Remove myself from uploaders

  [ Daniel Kahn Gillmor ]
  * Replace Werner Koch's signing key
  * convert to DEP-14 branch name
  * standards-version: bump to 4.6.0 (no changes needed)
  * add upstream metadata
  * gpgv-static: fix up lintian-override
  * d/copyright: update years

 -- Steve Langasek <email address hidden>  Mon, 15 Aug 2022 18:01:56 -0700

Upload details

Uploaded by:
Steve Langasek
Uploaded to:
Kinetic
Original maintainer:
Ubuntu Developers
Architectures:
any all
Section:
utils
Urgency:
Very Urgent

See full publishing history Publishing

Series Pocket Published Component Section
Kinetic release main utils

Downloads

File Size SHA-256 Checksum
gnupg2_2.2.35.orig.tar.bz2 6.9 MiB 340bc255938971e6e729b3d9956fa2ef4db8215d77693bf300df2bb302498690
gnupg2_2.2.35.orig.tar.bz2.asc 228 bytes 433176d7c36c03fcef5888248fed9209ebe87246b996e263c3b0f923ba99e137
gnupg2_2.2.35-3ubuntu1.debian.tar.xz 63.7 KiB 1975b64c4d3ccb14afd7dece1eef8629db52025200fe9319babb9ffa40e88220
gnupg2_2.2.35-3ubuntu1.dsc 3.9 KiB fe39398b66136f03d5f375e62bd2fe731f4bc48f865fe05d21bab7817fc962d4

View changes file

Binary packages built by this source

dirmngr: GNU privacy guard - network certificate management service

 dirmngr is a server for managing and downloading OpenPGP and X.509
 certificates, as well as updates and status signals related to those
 certificates. For OpenPGP, this means pulling from the public
 HKP/HKPS keyservers, or from LDAP servers. For X.509 this includes
 Certificate Revocation Lists (CRLs) and Online Certificate Status
 Protocol updates (OCSP). It is capable of using Tor for network
 access.
 .
 dirmngr is used for network access by gpg, gpgsm, and dirmngr-client,
 among other tools. Unless this package is installed, the parts of
 the GnuPG suite that try to interact with the network will fail.

dirmngr-dbgsym: debug symbols for dirmngr
gnupg: GNU privacy guard - a free PGP replacement

 GnuPG is GNU's tool for secure communication and data storage.
 It can be used to encrypt data and to create digital signatures.
 It includes an advanced key management facility and is compliant
 with the proposed OpenPGP Internet standard as described in RFC4880.
 .
 This package contains the full suite of GnuPG tools for cryptographic
 communications and data storage.

gnupg-agent: GNU privacy guard - cryptographic agent (dummy transitional package)

 GnuPG is GNU's tool for secure communication and data storage.
 It can be used to encrypt data and to create digital signatures.
 It includes an advanced key management facility and is compliant
 with the proposed OpenPGP Internet standard as described in RFC4880.
 .
 This is a dummy transitional package; please use gpg-agent instead.

gnupg-l10n: GNU privacy guard - localization files

 GnuPG is GNU's tool for secure communication and data storage.
 It can be used to encrypt data and to create digital signatures.
 It includes an advanced key management facility and is compliant
 with the proposed OpenPGP Internet standard as described in RFC 4880.
 .
 This package contains the translation files for the use of GnuPG in
 non-English locales.

gnupg-utils: GNU privacy guard - utility programs

 GnuPG is GNU's tool for secure communication and data storage.
 .
 This package contains several useful utilities for manipulating
 OpenPGP data and other related cryptographic elements. It includes:
 .
  * addgnupghome -- create .gnupg home directories
  * applygnupgdefaults -- run gpgconf --apply-defaults for all users
  * gpgcompose -- an experimental tool for constructing arbitrary
                  sequences of OpenPGP packets (e.g. for testing)
  * gpgparsemail -- parse an e-mail message into annotated format
  * gpgsplit -- split a sequence of OpenPGP packets into files
  * gpgtar -- encrypt or sign files in an archive
  * kbxutil -- list, export, import Keybox data
  * lspgpot -- convert PGP ownertrust values to GnuPG
  * migrate-pubring-from-classic-gpg -- use only "modern" formats
  * symcryptrun -- use simple symmetric encryption tool in GnuPG framework
  * watchgnupg -- watch socket-based logs

gnupg-utils-dbgsym: debug symbols for gnupg-utils
gnupg2: GNU privacy guard - a free PGP replacement (dummy transitional package)

 GnuPG is GNU's tool for secure communication and data storage.
 It can be used to encrypt data and to create digital signatures.
 It includes an advanced key management facility and is compliant
 with the proposed OpenPGP Internet standard as described in RFC4880.
 .
 This is a dummy transitional package that provides symlinks from gpg2
 to gpg.

gpg: GNU Privacy Guard -- minimalist public key operations

 GnuPG is GNU's tool for secure communication and data storage.
 It can be used to encrypt data and to create digital signatures.
 It includes an advanced key management facility and is compliant
 with the proposed OpenPGP Internet standard as described in RFC4880.
 .
 This package contains /usr/bin/gpg itself, and is useful on its own
 only for public key operations (encryption, signature verification,
 listing OpenPGP certificates, etc). If you want full capabilities
 (including secret key operations, network access, etc), please
 install the "gnupg" package, which pulls in the full suite of tools.

gpg-agent: GNU privacy guard - cryptographic agent

 GnuPG is GNU's tool for secure communication and data storage.
 It can be used to encrypt data and to create digital signatures.
 It includes an advanced key management facility and is compliant
 with the proposed OpenPGP Internet standard as described in RFC4880.
 .
 This package contains the agent program gpg-agent which handles all
 secret key material for OpenPGP and S/MIME use. The agent also
 provides a passphrase cache, which is used by pre-2.1 versions of
 GnuPG for OpenPGP operations. Without this package, trying to do
 secret-key operations with any part of the modern GnuPG suite will
 fail.

gpg-agent-dbgsym: debug symbols for gpg-agent
gpg-dbgsym: debug symbols for gpg
gpg-wks-client: GNU privacy guard - Web Key Service client

 GnuPG is GNU's tool for secure communication and data storage.
 It can be used to encrypt data and to create digital signatures.
 It includes an advanced key management facility and is compliant
 with the proposed OpenPGP Internet standard as described in RFC4880.
 .
 This package provides the GnuPG client for the Web Key Service
 protocol.
 .
 A Web Key Service is a service that allows users to upload keys per
 mail to be verified over https as described in
 https://tools.ietf.org/html/draft-koch-openpgp-webkey-service
 .
 For more information see: https://wiki.gnupg.org/WKS

gpg-wks-client-dbgsym: debug symbols for gpg-wks-client
gpg-wks-server: GNU privacy guard - Web Key Service server

 GnuPG is GNU's tool for secure communication and data storage.
 It can be used to encrypt data and to create digital signatures.
 It includes an advanced key management facility and is compliant
 with the proposed OpenPGP Internet standard as described in RFC4880.
 .
 This package provides the GnuPG server for the Web Key Service
 protocol.
 .
 A Web Key Service is a service that allows users to upload keys per
 mail to be verified over https as described in
 https://tools.ietf.org/html/draft-koch-openpgp-webkey-service
 .
 For more information see: https://wiki.gnupg.org/WKS

gpg-wks-server-dbgsym: debug symbols for gpg-wks-server
gpgconf: GNU privacy guard - core configuration utilities

 GnuPG is GNU's tool for secure communication and data storage.
 .
 This package contains core utilities used by different tools in the
 suite offered by GnuPG. It can be used to programmatically edit
 config files for tools in the GnuPG suite, to launch or terminate
 per-user daemons (if installed), etc.

gpgconf-dbgsym: debug symbols for gpgconf
gpgsm: GNU privacy guard - S/MIME version

 GnuPG is GNU's tool for secure communication and data storage.
 It can be used to encrypt data and to create digital signatures.
 It includes an advanced key management facility and is compliant
 with the proposed OpenPGP Internet standard as described in RFC4880.
 .
 This package contains the gpgsm program. gpgsm is a tool to provide
 digital encryption and signing services on X.509 certificates and the
 CMS protocol. gpgsm includes complete certificate management.

gpgsm-dbgsym: debug symbols for gpgsm
gpgv: GNU privacy guard - signature verification tool

 GnuPG is GNU's tool for secure communication and data storage.
 .
 gpgv is actually a stripped-down version of gpg which is only able
 to check signatures. It is somewhat smaller than the fully-blown gpg
 and uses a different (and simpler) way to check that the public keys
 used to make the signature are valid. There are no configuration
 files and only a few options are implemented.

gpgv-dbgsym: debug symbols for gpgv
gpgv-static: minimal signature verification tool (static build)

 GnuPG is GNU's tool for secure communication and data storage.
 It can be used to encrypt data and to create digital signatures.
 It includes an advanced key management facility and is compliant
 with the proposed OpenPGP Internet standard as described in RFC 4880.
 .
 This is GnuPG's signature verification tool, gpgv, built statically
 so that it can be directly used on any platform that is running on
 the Linux kernel. Android and ChromeOS are two well known examples,
 but there are many other platforms that this will work for, like
 embedded Linux OSes. This gpgv in combination with debootstrap and
 the Debian archive keyring allows the secure creation of chroot
 installs on these platforms by using the full Debian signature
 verification that is present in all official Debian mirrors.

gpgv-static-dbgsym: debug symbols for gpgv-static
gpgv-win32: GNU privacy guard - signature verification tool (win32 build)

 GnuPG is GNU's tool for secure communication and data storage.
 .
 gpgv is a stripped-down version of gnupg which is only able to check
 signatures. It is smaller than the full-blown gnupg and uses a
 different (and simpler) way to check that the public keys used to
 make the signature are trustworthy.
 .
 This is a win32 version of gpgv. It's meant to be used by the win32-loader
 component of Debian-Installer.

gpgv2: GNU privacy guard - signature verification tool (dummy transitional package)

 GnuPG is GNU's tool for secure communication and data storage. gpgv
 is a stripped-down version of gpg which is only able to check
 signatures.
 .
 This is a dummy transitional package that provides symlinks from gpgv2
 to gpgv.

scdaemon: GNU privacy guard - smart card support

 GnuPG is GNU's tool for secure communication and data storage.
 It can be used to encrypt data and to create digital signatures.
 It includes an advanced key management facility and is compliant
 with the proposed OpenPGP Internet standard as described in RFC4880.
 .
 This package contains the smart card program scdaemon, which is used
 by gpg-agent to access OpenPGP smart cards.

scdaemon-dbgsym: debug symbols for scdaemon