diff mbox series

[master,1/2] gnupg: Upgrade 2.5.17 -> 2.5.20

Message ID 20260630130341.71014-2-roland.kovacs@est.tech
State New
Headers show
Series gnupg update and fix outstanding CVE | expand

Commit Message

Roland Kovacs June 30, 2026, 1:03 p.m. UTC 
Bug fixes included in this release:
   - gpg: Fix wrong assertion failure which could very rarely occur
     during key signature checking.  [rG693f5642f6]
   - gpg: Consider certify-only keys for revocation signature check.
     [T8196]
   - gpgsm: Fix possible double free in the CMS parser.  [T8240]
   - gpgsm: Fix possible too early removal of ephemeral keys.  [T8236]
   - gpgsm: Avoid emitting a final FAILURE status line if --status-fd
     is not used.  [rG69c27fe377]
   - gpgsm: Fix a regression in 2.5.19 for password encrypted GCM
     data.  [rG60a823c97b]
   - agent: Fix not using cache for pinentry loopback.  [rGd4b608a31f]
   - agent: Fix command PUT_SECRET by saving input line.  [rG1875bc185e]
   - keyboxd: Mark keys searched but not imported via LDAP correctly
     as ephemeral.  [T8048]
   - scdaemon: Avoid buffer overflow with SC-HSM cards providing RSA
     keys > 2k.  [T8244]
   - dirmngr: Fix uninitialized use of the dns_any union in
     dns_rr_cmp.  [T8251]
 Release-info: https://dev.gnupg.org/T7997

Signed-off-by: Roland Kovacs <roland.kovacs@est.tech>
---
 .../recipes-support/gnupg/{gnupg_2.5.17.bb => gnupg_2.5.20.bb} | 3 ++-
 1 file changed, 2 insertions(+), 1 deletion(-)
 rename meta/recipes-support/gnupg/{gnupg_2.5.17.bb => gnupg_2.5.20.bb} (95%)

Comments

Alexander Kanavin June 30, 2026, 1:16 p.m. UTC | #1 
On Tue, 30 Jun 2026 at 15:03, Roland Kovács via lists.openembedded.org
<roland.kovacs=est.tech@lists.openembedded.org> wrote:
>  UPSTREAM_CHECK_URI = "https://gnupg.org/ftp/gcrypt/gnupg/"
> +SRCREV = "343d0cb8910441aa44c56ce8673a78e137040c87"
>  SRC_URI = "${GNUPG_MIRROR}/${BPN}/${BPN}-${PV}.tar.bz2 \

There's a stray SRCREV here.

Alex
diff mbox series

Patch

diff --git a/meta/recipes-support/gnupg/gnupg_2.5.17.bb b/meta/recipes-support/gnupg/gnupg_2.5.20.bb
similarity index 95%
rename from meta/recipes-support/gnupg/gnupg_2.5.17.bb
rename to meta/recipes-support/gnupg/gnupg_2.5.20.bb
index fd6588769c..a1a50e2384 100644
--- a/meta/recipes-support/gnupg/gnupg_2.5.17.bb
+++ b/meta/recipes-support/gnupg/gnupg_2.5.20.bb
@@ -16,6 +16,7 @@  inherit autotools gettext texinfo pkgconfig upstream-version-is-even
 require drop-unknown-suffix.inc
 
 UPSTREAM_CHECK_URI = "https://gnupg.org/ftp/gcrypt/gnupg/"
+SRCREV = "343d0cb8910441aa44c56ce8673a78e137040c87"
 SRC_URI = "${GNUPG_MIRROR}/${BPN}/${BPN}-${PV}.tar.bz2 \
            file://0002-use-pkgconfig-instead-of-npth-config.patch \
            file://0001-Woverride-init-is-not-needed-with-gcc-9.patch \
@@ -24,7 +25,7 @@  SRC_URI:append:class-native = " file://0001-configure.ac-use-a-custom-value-for-
                                 file://relocate.patch"
 SRC_URI:append:class-nativesdk = " file://relocate.patch"
 
-SRC_URI[sha256sum] = "2c1fbe20e2958fd8fb53cf37d7c38e84a900edc0d561a1c4af4bc3a10888685d"
+SRC_URI[sha256sum] = "6461266e99c308419a379abe6c356d54c214136c4589bd65951091138989ffc6"
 
 EXTRA_OECONF = "--disable-ldap \
 		--disable-ccid-driver \