| Commit message (Collapse) | Author | Age |
|---|
| | |
|
| |
|
|
|
|
|
| |
* gnupg: use libusb1
This fixes scdaemon's direct ccid support.
* systemd: fix gnupg-minimal
|
| | |
|
| |
|
|
|
| |
See https://lists.gnu.org/archive/html/info-gnu/2020-03/msg00008.html
for release information.
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
This adds a patch series which allows GnuPG to import updates
(revocations and subkeys) from certificates that contain no user ids.
This is relevant for refreshing keys from the default keyserver
keys.openpgp.org, where only user ids that contain verified email
addresses will be distributed, and revoked keys never contain any user
ids.
This patch series was originally authored and submitted to upstream half
a year ago (by me), but now comes from Debian packaging where it's been
included since then.
Relates to the following upstream issue: https://dev.gnupg.org/T4393
|
| |
|
|
|
| |
See https://lists.gnu.org/archive/html/info-gnu/2019-12/msg00001.html
for release information.
|
| |
|
|
|
| |
See https://lists.gnu.org/archive/html/info-gnu/2019-11/msg00010.html
for release information
|
| |
|
|
| |
Basically a flavour of gnugpg, which solely containts `bin/gnupg`.
|
| |
|
|
|
|
|
|
|
|
|
|
| |
This solves the dependency cycle in gcr alternatively so there won't be
two gnupg store paths in a standard NixOS system which has udisks2 enabled
by default.
NixOS users are expected to use the gpg-agent user service to pull in the
appropriate pinentry flavour or install it on their systemPackages and set
it in their local gnupg agent config instead.
Co-authored-by: Florian Klink <flokli@flokli.de>
|
| | |
|
| |
|
|
|
|
|
|
|
| |
treewide replacement of
stdenv.mkDerivation rec {
name = "*-${version}";
version = "*";
to pname
|
| | |
|
| |
|
|
| |
https://lists.gnupg.org/pipermail/gnupg-announce/2019q3/000439.html
|
| |
|
|
|
|
| |
This quickly became a 404 upstream.
Fixes https://github.com/NixOS/nixpkgs/64256.
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
See discussion at
https://github.com/NixOS/nixpkgs/pull/63952#issuecomment-507048690.
Upstream commit:
commit 1c9cc97e9d47d73763810dcb4a36b6cdf31a2254
Author: Daniel Kahn Gillmor <dkg@fifthhorseman.net>
Date: Sun Jun 30 11:54:35 2019 -0400
dirmngr: Only use SKS pool CA for SKS pool
* dirmngr/http.c (http_session_new): when checking whether the
keyserver is the HKPS pool, check specifically against the pool name,
as ./configure might have been used to select a different default
keyserver. It makes no sense to apply Kristian's certificate
authority to anything other than the literal host
hkps.pool.sks-keyservers.net.
Signed-off-by: Daniel Kahn Gillmor <dkg@fifthhorseman.net>
GnuPG-Bug-Id: 4593
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
See https://gist.github.com/rjhansen/67ab921ffb4084c865b3618d6955275f.
The SKS network is vulnerable to certificate poisoning, which can
destroy GnuPG installations. keys.openpgp.org is a new non-SKS keyserver
that is resistant to this type of attack.
With such an attack being possible, it is unsafe to use SKS keyservers
for almost anything, and so we should protect our users from a now
unsafe default. keys.openpgp.org offers some (but not all) functionality
of SKS, and is better than nothing.
This default is only present in gnupg22. gnupg20 and gnupg1orig are not
affected.
|
| |
|
|
| |
https://dev.gnupg.org/T4509
|
| |\
| |
| | |
gnupg: 2.2.14 -> 2.2.15
|
| | |
| |
| |
| | |
https://dev.gnupg.org/T4434
|
| |\ \
| |/
|/| |
gnupg: use config flags to find lib prefix instead of their binary tools
|
| | | |
|
| |/
|
|
| |
https://lists.gnupg.org/pipermail/gnupg-announce/2019q1/000435.html
|
| |
|
|
| |
https://dev.gnupg.org/T4290
|
| |
|
|
|
|
| |
He prefers to contribute to his own nixpkgs fork triton.
Since he is still marked as maintainer in many packages
this leaves the wrong impression he still maintains those.
|
| |
|
|
| |
https://dev.gnupg.org/T4289
|
| |
|
|
|
| |
See http://lists.gnu.org/archive/html/info-gnu/2018-11/msg00003.html for
release information
|
| | |
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
| |
Presently, gnupg1compat only works with gnupg22. Without this change, the error
```
error: attribute 'version' missing, at .../nixpkgs/pkgs/tools/security/gnupg/1compat.nix:4:26
```
is emitted when evaluating
```
pkgs.gnupg1compat.override { gnupg = pkgs.gnupg20; }'
```
|
| |
|
|
| |
See https://lists.gnu.org/archive/html/info-gnu/2018-08/msg00010.html
for release information
|
| |
|
|
| |
See https://lists.gnu.org/archive/html/info-gnu/2018-07/msg00003.html
for release information.
|
| | |
|
| | |
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Semi-automatic update generated by https://github.com/ryantm/nixpkgs-update tools.
This update was made based on information from https://repology.org/metapackage/gnupg/versions.
These checks were done:
- built on NixOS
- /nix/store/bxq2w522d82qykwqi8wscm4v105zs2bq-gnupg-1.4.23/bin/gpgsplit passed the binary check.
- /nix/store/bxq2w522d82qykwqi8wscm4v105zs2bq-gnupg-1.4.23/bin/gpg passed the binary check.
- /nix/store/bxq2w522d82qykwqi8wscm4v105zs2bq-gnupg-1.4.23/bin/gpgv passed the binary check.
- /nix/store/bxq2w522d82qykwqi8wscm4v105zs2bq-gnupg-1.4.23/bin/gpg-zip passed the binary check.
- 4 of 4 passed binary check by having a zero exit code.
- 1 of 4 passed binary check by having the new version present in output.
- found 1.4.23 with grep in /nix/store/bxq2w522d82qykwqi8wscm4v105zs2bq-gnupg-1.4.23
- directory tree listing: https://gist.github.com/37dc2e87340f0983866c3c125172de27
- du listing: https://gist.github.com/4a84db46e37bd6d372fe020cc7826838
|
| |
|
|
|
|
|
| |
This addresses CVE-2018-12020. The details can be retrived from the
changelog [1].
[1] https://lists.gnupg.org/pipermail/gnupg-announce/2018q2/000425.html
|
| |
|
|
|
| |
See http://lists.gnu.org/archive/html/info-gnu/2018-05/msg00004.html for
release informations.
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
| |
"platforms.gnu" has been linux-only since at least 17.03:
$ nix eval -f channel:nixos-17.03 lib.platforms.gnu
[ "i686-linux" "x86_64-linux" "armv5tel-linux" "armv6l-linux" "armv7l-linux" "aarch64-linux" "mips64el-linux" ]
Unlike platforms.linux, platforms.gnu indicates "must use glibc"
which for the most part is not intended.
Replacing platforms.gnu with platforms.linux would be the same "today"
but let's err on preserving existing behavior and be optimistic
about platforms these packages work on.
|
| |
|
|
|
| |
See http://lists.gnu.org/archive/html/info-gnu/2018-04/msg00005.html for
release information
|
| | |
|
| |
|
|
|
| |
See http://lists.gnu.org/archive/html/info-gnu/2018-02/msg00005.html
for release information
|
| | |
|
| |
|
|
|
| |
See http://lists.gnu.org/archive/html/info-gnu/2017-12/msg00013.html
for release information
|
| |
|
|
|
|
| |
This is a maintenance release.
See http://lists.gnu.org/archive/html/info-gnu/2017-11/msg00008.html
for release information
|
| |
|
|
|
|
| |
This is a maintenance release.
See http://lists.gnu.org/archive/html/info-gnu/2017-11/msg00001.html
for release information
|
| |\ |
|
| | |
| |
| |
| |
| | |
See http://lists.gnu.org/archive/html/info-gnu/2017-09/msg00010.html
for release information
|
| |/ |
|
| |
|
|
|
|
| |
break.
(cherry picked from commit c651a0ccbf5b17739390b56f91b656a7b920f643)
|
| |
|
|
|
| |
See http://lists.gnu.org/archive/html/info-gnu/2017-08/msg00012.html
for release information
|
| |
|
|
|
|
|
|
|
|
|
|
|
| |
This release in a RC for gnupg-2.2. The main difference as far as
nixpkgs is concerned is that the binary `gpg2` is now called `gpg` and
`gpgv2` is called `gpgv`.
This update fixed all explicit use of `gpg2` and `gpgv2` across nixpkgs,
but there might be some packaged software that internally use `gpg2`
not handeled by this commit.
See http://lists.gnu.org/archive/html/info-gnu/2017-08/msg00001.html
for full release information
|
| |
|
|
|
|
|
|
|
|
|
|
| |
* pkgs: refactor needless quoting of homepage meta attribute
A lot of packages are needlessly quoting the homepage meta attribute
(about 1400, 22%), this commit refactors all of those instances.
* pkgs: Fixing some links that were wrongfully unquoted in the previous
commit
* Fixed some instances
|