Change log for signing-party package in Debian
1 → 33 of 33 results | First • Previous • Next • Last |
signing-party (2.11-1) unstable; urgency=medium [ Guilhem Moulin ] * d/control, d/install: Apply wrap-and-sort(1). * d/control: Remove useless Build-Depends: python. * d/control, d/rules: Replace dh_python2 with dh_python3. This has AFAICT no impact on the binary packages which have been ported to python3 in 2.8-1. (Closes: #938480.) * Set Rules-Requires-Root: no. * Trim trailing whitespace. * Move source package lintian overrides to debian/source. * Rename debian/NEWS.Debian to debian/NEWS. * Update standards version to 4.5.0, no changes needed. * Bump debhelper from 9 to 13. Remove now useless Build-Depends: autotools-dev. * Set debhelper-compat version in Build-Depends. * Use the dh sequencer in debian/rules. [ Max Harmathy ] * New script gpgparticipants-filter. -- Guilhem Moulin <email address hidden> Wed, 08 Jul 2020 18:43:59 +0200
Available diffs
Published in stretch-release |
signing-party (2.5-1+deb9u1) stretch; urgency=medium * Backport security fix for CVE-2019-11627: unsafe shell call enabling shell injection via a User ID. Use Perl's (core) module Encode.pm instead of shelling out to `iconv`. (Closes: #928256.) -- Guilhem Moulin <email address hidden> Wed, 01 May 2019 12:55:42 +0200
signing-party (2.10-2) unstable; urgency=high * gpg-key2ps: Security fix for CVE-2019-11627: unsafe shell call enabling shell injection via a User ID. Use Perl's (core) module Encode.pm instead of shelling out to `iconv`. (Closes: #928256.) -- Guilhem Moulin <email address hidden> Sun, 05 May 2019 15:13:54 +0200
Available diffs
- diff from 2.10-1 to 2.10-2 (432 bytes)
signing-party (2.10-1) unstable; urgency=high * gpg-key2ps: Security fix for CVE-2018-15599: unsafe shell call enabling shell injection via a User ID. Use Perl's (core) module Encode.pm instead of shelling out to `iconv`. (Closes: #928256.) -- Guilhem Moulin <email address hidden> Wed, 01 May 2019 12:21:59 +0200
Available diffs
- diff from 2.9-1 to 2.10-1 (694 bytes)
signing-party (2.9-1) unstable; urgency=medium * gpglist: + When --signer's argument is a long keyid or fingerprint, don't require the key to be present in the keyring. This enable filtering on unknown signing keys. + Don't choke on direct-key signatures. (Closes: #921331.) * gpgparticipants: + Improve quoting and replace `echo` with `printf`. + Avoid including subkey fingerprints when gpg.conf contains 'fingerprint'. -- Guilhem Moulin <email address hidden> Fri, 01 Mar 2019 15:39:40 +0100
Available diffs
- diff from 2.8-1 to 2.9-1 (2.4 KiB)
signing-party (2.8-1) unstable; urgency=low [ Guilhem Moulin ] * keyart, gpgparticipants-prefill: port to python3. * keyart: + Don't print ASCII art for subkeys, only the master key. + Pass --no-auto-check-trustdb flag to gpg(1). + Fix crash with non-ASCII UIDs. Patch from Grégoire Detrez. * Fix a couple of spelling errors. Thanks to Edward Betts for the report and patch. (Closes: #882729) * caff: + Add the "only-sign-text-ids" to the list of gpg(1) options imported from ~/.gnupg/gpg.conf. + Ensure the terminal is "sane enough" when asking questions ('echo', 'echok', 'icanon', 'icrnl' settings are all set), and restore original settings when exit()'ing the program. (Closes: #872529) * caff, gpglist, gpgsigs: in `gpg --with-colons` output, allow signature class to be followed with an optional revocation reason. gpg(1) does that since 2.2.9. (Closes: #905097.) * caff, gpg-key2latex, gpg-key2ps, gpglist, gpgsigs, keylookup: Remove references to https://pgp-tools.alioth.debian.org/ . * caff, gpg-key2latex, gpg-key2ps, gpg-mailkeys, gpglist, gpgparticipants, gpgsigs, keylookup: Remove SVN keywords ($Id$, $Rev$, etc.) * debian/control: + Migrate Vcs-Browser and Vcs-Git to https://salsa.debian.org/signing-party-team/signing-party . + Bump Standards-Version to 4.3.0 (no changes necessary). * sig2dot: Don't use the diamond operator. [ Edward Betts] * debian/control: add neomutt as an alternative to mutt -- Guilhem Moulin <email address hidden> Mon, 28 Jan 2019 03:05:33 +0100
Available diffs
- diff from 2.7-2 to 2.8-1 (9.0 KiB)
signing-party (2.7-2) unstable; urgency=low * debian/control: + Migrate Vcs-Browser and Vcs-Git from Alioth to Salsa. (Closes: #898200) + Bump Standards-Version to 4.1.4 (no changes necessary). -- Guilhem Moulin <email address hidden> Wed, 09 May 2018 13:05:37 +0200
Available diffs
- diff from 2.7-1 to 2.7-2 (714 bytes)
signing-party (2.7-1) unstable; urgency=low * gpg-key2ps: + Add support for ECDH, ECDSA and EDDSA key types. + Align key type & size listing to the GnuPG 2.1.x output (e.g., "rsa4096/DEADBEEF" instead of "4096R/DEADBEEF"). * gpgsigs: + Set UAT (jpeg photos) density to 90dpi so XeLaTeX doesn't complain that the image is too large. * debian/control: Bump Standards-Version to 4.1.3 + Replace "extra" priority to "optional" * debian/rules: Remove deprecated dh_autotools-dev_updateconfig and dh_autotools-dev_restoreconfig. -- Guilhem Moulin <email address hidden> Mon, 29 Jan 2018 11:46:19 +0100
Available diffs
- diff from 2.6-1 to 2.7-1 (2.3 KiB)
signing-party (2.6-1) unstable; urgency=low * gpgsigs: + Skip undefined UIDs. + Properly handle (skip) unknown attributes. + Allow digest hexadecimal characters to replace multiple '_' in the fill-in forms. (This is not what gpgparticipants(1) produces, but some KSP organizers use other scripts.) * gpglist: New option '--signer' to limit listed signers to the matching keys. * Makefile, debian/rules: Avoid parsing dpkg-parsechangelog(1) output. * debian/control: Bump Standards-Version to 4.0.0 (no changes necessary). -- Guilhem Moulin <email address hidden> Fri, 07 Jul 2017 17:05:30 +0200
Available diffs
- diff from 2.5-1 to 2.6-1 (5.8 KiB)
signing-party (2.5-1) unstable; urgency=low * caff: + Show how to set $ENV{'PERL_MAILERS'} to specify a sendmail binary (or use a sendmail-compatible MTA such as msmtp(1)). Credits to Ryan Kavanagh's blog post. + Fix regression (introduced in 2.4-1) skipping --recv-key when 'keys-from-gnupg' isn't set. (Closes: #837406) + List all UIDs contained in an email when asking whether to send it. * gpg-key2latex: Add an option '--qrcode-data' to specify the data to encode in a QR code (default: "OPENPGP4FPR:%f"). * gpg-key2ps: + Fix revoked UID stroke slant with "-r strike". Thanks to Grégoire Détrez for the patch. + Ensure subkeys are hiden unless '--show-subkeys' is set. (As of GnuPG 2.1.15-3, `gpg --with-colons --list-keys` lists subkeys by defaults.) Thanks to Grégoire Détrez for the patch. -- Guilhem Moulin <email address hidden> Thu, 06 Oct 2016 14:59:44 +0200
Available diffs
- diff from 2.4-1 to 2.5-1 (3.6 KiB)
signing-party (2.4-1) unstable; urgency=medium * caff, gpg-key2latex, gpgsigs: Ignore "KEY_CONSIDERED" status output emitted by gpg 2.1.13 and later. * caff, gpgsigs: Allow input produced by gpgparticipants(1) using gpg 2.1.13. With this version, key IDs are not displayed by default and the "Key fingerprint = " prefix is omitted. * caff: + Fix GnuPG version number comparison. + With GnuPG 2.1.13 or later, use gpgconf(1) to determine the socket paths. (It is not used on earlier gpg since earlier gpgconf do not support --homedir.) This fixes compatibility with GnuPG 2.1.13. (Closes: #834984) + When ~/.caff/gnupghome/gpg.conf does not exist, instead of creating a temporary file (as it's done since signing-party 2.3), parse ~/.gnup/gpg.conf and pass the GnuPG options that are known to be safe (and useful) for caff to gpg(1) using command line options. This soves the problem of lingering configuration files in case caff is killed. + Use full fingerprints internally to avoid collisions. (However $CONFIG{'keyid'} and $CONFIG{'local-users'} are kept to 64-bits key IDs as per RFC 4880 full fingerprints are not available in key signatures, and thus not exposed by `gpg --with-colons --list-sigs`.) + Automatically import the $CONFIG{'also-encrypt-to'} from the normal GnuPGHOME when possible. * d/source.lintian-overrides: Add 'debian-watch-file-is-missing' as we're upstream. * d/control: Remove Franck Joncourt from the Uploaders list per request of the MIA team. (Closes: #831321) -- Guilhem Moulin <email address hidden> Mon, 22 Aug 2016 00:19:48 +0200
Available diffs
- diff from 2.3-1 to 2.4-1 (13.6 KiB)
signing-party (2.3-1) unstable; urgency=low * debian.control: + Replace "Suggests: fonts-droid" by "Suggests: fonts-noto-mono, fonts-noto-cjk". (Closes: #804689) + Replace "http://" with "https://" in the Homepage and Vcs-Browser fields. + Bump Standards-Version to 3.9.8 (no changes necessary). * debian.rules: + Add 'hardening=+pie' to DEB_BUILD_MAINT_OPTIONS to compile ELF executables as PIEs. * caff: + Replace a hash slice with a reverse map for compatibility with Perl older than 5.20. Patch from Gregor Jasny. (Closes: #813469) + Deprecate $CONFIG{'keyserver'}. Users of GnuPG <2.1 should put the option in caff's GnuPG configuration file (~/.caff/gnupghome/gpg.conf by default) instead. GnuPG 2.1 delegates network access to another process (dirmngr), hence for 2.1 the keyserver should be set in ~/.gnupg/dirmngr.conf instead. + When caff's own GnuPG configuration file (~/.caff/gnupghome/gpg.conf) does not exist, automatically generate it with the GnuPG options found in ~/.gnup/gpg.conf that are known to be safe (and useful) for caff. This includes "keyserver", "keyserver-options", "ask-cert-level" and "cert-digest-algo" (among many others). Hence in the absence of its own GnuPG configuration file caff now uses the certification options from the user's GnuPG configuration file. * gpgsigs, gpg-key2latex: + Use "Noto Mono" as default font when compiling with XeLaTeX or LuaLaTeX; and "Noto Sans Mono CJK" as CJK font when compiling with XeLaTeX. * gpg-key2latex: + Don't show capabilities of the entire key when --show-subkeys is set. (Instead, the capabilities of the master key and each subkey are shown independently in uppercase.) + Enclose (sub)key capabilities in square brackets, to match GnuPG 2.1.11+'s output. + For ECDH, ECDSA, EDDSA (sub)keys, show the curve name instead of the public key algorithm and length. This matches GnuPG 2.1.x's output. + The master key's fingerprint was incorrectly set to the last unusable (eg, expired or revoked) subkey fingerprint, if any. (Closes: #815721) * keyart: + Print the public key algorithm and length as shown by GnuPG 2.1 (e.g., "rsa4096" instead of "4096R"); for ECDH, ECDSA and EDDSA keys, show the curve name instead. * keyanalyze: + Remove autogenerated files from the repository, so that they do not clutter it, and do not generated useless diffs. Patch from Guillem Jover. + Switch to use system libmd; this removes the embedded SHA-1 code. Patch from Guillem Jover. (Closes: #816851) -- Guilhem Moulin <email address hidden> Tue, 26 Apr 2016 00:04:47 +0200
Available diffs
- diff from 2.2-1 to 2.3-1 (54.1 KiB)
signing-party (2.2-1) unstable; urgency=low * caff: + "gpgparticipants"-formated input: accept key blocks not starting with a number such as [x] Fingerprint(s) OK [x] ID OK This makes caff able to process the Debconf 15 KSP file. (Closes: #797714) * gpglist: + Don't prune revoked UIDs with a subsequent selfsig. (Closes: #796664) + Add an option '--show-revoked' to show revoked UIDs. Thanks Tomasz Buchert for the patch. + Mention in the manpage that the path to the gpg binary is taken from the GNUPGBIN environment variable, if defined. -- Guilhem Moulin <email address hidden> Tue, 15 Dec 2015 03:10:43 +0100
Available diffs
- diff from 2.1-1 to 2.2-1 (2.3 KiB)
signing-party (2.1-1) unstable; urgency=low * caff: + Only consider non-expired/invalid/revoked keys and UIDs when generating the caffrc. + Proper RFC 5322 validation of email addresses. Currently gpg(1) only accepts a subset of RFC 5322-valid addresses (unless --allow-freeform-uid is set). caff is now able to extract the email address from any UID of the form "addr-spec" or "[phrase] <addr-spec>" with a RFC 5322-valid addr-spec. + Prefix the signature by "-- \n" in the email template. + Automatically mkdir ~/.caff if it doesn't exit. Regression introduced in r776. (Closes: #786933) -- Guilhem Moulin <email address hidden> Sat, 08 Aug 2015 16:34:16 +0200
Available diffs
- diff from 2.0-2 to 2.1-1 (7.2 KiB)
signing-party (2.0-2) unstable; urgency=low * SVN keyword substitution. -- Guilhem Moulin <email address hidden> Wed, 15 Apr 2015 23:55:04 +0200
Available diffs
- diff from 1.1.12-1 to 2.0-2 (33.1 KiB)
signing-party (2.0-1) unstable; urgency=low * caff: + Fix broken compatibility with GnuPG 2.1 (2.1.3 and later only; earlier 2.1.x versions remain unsuported), due to --secret-keyring being ignored by the most recent gpg(1). On those we automaticalyl symlink the S.gpg-agent (unless 'no-sign') and S.dirmngr (unless 'no-download') sockets to avoid spawning new agents in caff's GNUPGHOME. This require an extra call to gpg(1) at the beginning to determine the version. (Closes: #771857) + Default $CONFIG{'local-user'} to $CONFIG{'keyid'} rather than importing the public part of *all* keys found in the secret keyring. (When not pruning the good keys with -u, gpg(1) croaks with exit status 2 when there are secret keys without public part.) + Print {error,warnings,notice,info} lines on STDERR. + Add a --debug flag to enable debug messages. + Deprecate $CONFIG{'gpg-sign'} and $CONFIG{'gpg-delsig'}. + Never redirect STDERR. Send the logger output to /dev/null instead (unless in debug mode). (Closes: #775702) + Send attachements and non RFC 2822 UIDs to *all* signed addresses, not only those for which the UID is exported. This is useful when the signee has some already signed RFC 2822 UIDs and a freshly added attribute, for instance. + Use Term::ANSIColor to produce fancy colored output. Can be configured by setting $CONFIG{colors} to a suitable hash; in particular setting $CONFIG{colors} = {} reverts to the old uncolored output. + Prune keys with import-{clean,minimal} not export-{clean,minimal}. + Fix $CONFIG{'also-lsign-in-gnupghome'}: local signatures are directly imported from caff's GNUPGHOME to our own; in auto-lsign'ing mode, lsign UID for which we have an exportable signature (preserving the signer and cert level). + Pass the 'keyserver-options' specified in ~/.gnupg/gpg.conf to $CONFIG{keyserver} when it is left unset. (Closes: #780836) * gpgsigs: + Add a legend with the different signature types. + Mark local signatures as 'L' (formerly they were marked as 'S'), and expiring -- but not expired -- signatures as 'x'. * caff, pgp-clean, pgp-fixkey, gpg-key2latex, gpg-key2ps, gpg-mailkeys, gpgdir, gpgparticipants, gpgsigs, keyart, keylookup: + Add the possibility to choose the gpg binary via the "GNUPGBIN" environment variable. (Default: "gpg".) -- Guilhem Moulin <email address hidden> Tue, 14 Apr 2015 20:02:36 +0200
signing-party (1.1.12-1) unstable; urgency=low * debian.control: + Remove useless Build-Conflicts autoconf2.13 and automake1.4. + Suggest texlive-latex-extra due to gpg-key2latex using adjustbox.sty. (Closes: #769956) + Add dh-python to Build-Depends. * caff: + Don't consider KEYEXPIRED and SIGEXPIRED as unknown reply from gpg when downloading a key containing a revoked subkey or UID from a keyserver. (Closes: #769892) + Import the public part of *all* keys found in the secret keyring, not only those in @{$CONFIG{keyid}}. Otherwise gpg(1) croaks with exit status 2 when there are secret keys without public part. + Add a configuration option 'mail-subject' to set the "Subject:" header field. (Closes: #771436) * keyart: + Replace shebang by /usr/bin/python. * gpg-key2latex: + Add a fixed 4 module wide quiet zone around QR codes as specified in the standard. (Closes: #772854) + Generate QR codes with (M)edium error correction level. * gpgsigs: + Add --no-auto-check-trustdb to the gpg options (ownertrust values are irrelevant here). * gpglist: + Add --no-auto-check-trustdb to the gpg options (ownertrust values are irrelevant here). * debian/changelog -- Guilhem Moulin <email address hidden> Fri, 02 Jan 2015 19:45:29 +0100
Available diffs
- diff from 1.1.11-1 to 1.1.12-1 (6.0 KiB)
signing-party (1.1.11-1) unstable; urgency=medium [ Thijs Kinkhorst ] * Remove self from from uploaders. [ Guilhem Moulin ] * caff: + Fix RCF 2822 violation: Never localize the "Date" header, regarless of the LC_ALL, LC_TIME and LANG in use. Regression introduced in r698. (Closes: #767371) + Regression fix: allow 8-digits keyid to be passed for annotation. (Closes: #768342) * gpg-key2latex: new script to generate a LaTeX file with fingerprint paper slips. (Closes: #316131, #412512) -- Guilhem Moulin <email address hidden> Fri, 14 Nov 2014 01:16:49 +0100
Available diffs
- diff from 1.1.10-3 to 1.1.11-1 (9.4 KiB)
signing-party (1.1.10-3) unstable; urgency=medium [ Guilhem Moulin ] * caff: + Fix RCF 2822 violation: Never localize the "Date" header, regarless of the LC_ALL, LC_TIME and LANG in use. Regression introduced in r698. (Closes: #767371) -- Guilhem Moulin <email address hidden> Fri, 07 Nov 2014 21:35:13 +0100
Available diffs
- diff from 1.1.10-1 to 1.1.10-3 (1.1 KiB)
signing-party (1.1.10-2) unstable; urgency=medium [ Guilhem Moulin ] * caff: + Fix RCF 2822 violation: Never localize the "Date" header, regarless of the LC_ALL, LC_TIME and LANG in use. Regression introduced in r698. (Closes: #767371) -- Guilhem Moulin <email address hidden> Fri, 07 Nov 2014 21:35:13 +0100
signing-party (1.1.10-1) unstable; urgency=low * debian.compat: + Upgrade packaging to debhelper level 9. * debian.control: + Upgrade Standards-Version to 3.9.6. * caff: + Add a "Date" email header. Patch from Clint Adams. (Closes: #760316) + Fix edge-case RFC 2822 violation in "From" and "Sender" email headers. + Use gpg's --textmode to normalize the line separators to the standard CRLF. + Unescape escaped characters in gpg --with-colons's output (eg, ':'). + Fix encoding on non-UTF8 charsets. + Improve key ID validation. -- Guilhem Moulin <email address hidden> Sat, 11 Oct 2014 22:48:53 +0200
Available diffs
- diff from 1.1.8-1 to 1.1.10-1 (13.3 KiB)
signing-party (1.1.9-1) unstable; urgency=low [ Guilhem Moulin ] * debian.copyright: + Upgragrade to the new, machine-readable, format. * caff: + Fix regression introduced in r518 when removing the 'defined' in 'defined @array'. (Closes: #756459) * gpg-key2ps: + Replace ',' with '.' in paperconf's output, which is localized while Postscript understands only '.' as decimal mark. (Closes: #758991) * gpgsigs: + Use Perl's "Encode" core module for charset conversion. Also, change the default 'from' charset to be the locale in use, as it was the case for 'to'. (Use -f/-t to select alternative from/to charsets.) -- Guilhem Moulin <email address hidden> Mon, 25 Aug 2014 21:50:04 +0200
signing-party (1.1.8-1) unstable; urgency=low [ Guilhem Moulin ] * caff: + Improve the documentation of gpgparticipants annotations. + When clean-exporting a key (aka pruning), don't ignore signatures just because their certification level in under 'min-cert-level' (which defaults to 2). (Closes: #751252) * gpgwrap: + Import the default Debian CFLAGS defined by dpkg-buildflags, which makes the Buildd Log Scanner stop emitting 'W-dpkg-buildflags-missing CFLAGS'. * keyanalyze: + Import the default Debian CFLAGS defined by dpkg-buildflags, which makes the Buildd Log Scanner stop emitting 'W-dpkg-buildflags-missing CFLAGS'. * sig2dot: + Apply -d on OpenPGP signatures and revocation certificates only. (LP: #393242) * springgraph: + Avoid 'illegal division by zero' errors when dealing with isolated nodes and/or degenerated cylinders. (LP: #1267981) + Add an option -f to set the (TrueType) font, style and size to use on labels. This allows proper displaying of non-ASCII labels (provided the chosen font covers all the glyphs). * debian.control, debian.rules: + Update the config files before building the package. Patch from Breno Leitao. (Closes: #748977) [ Aaron Toponce ] * keyart: new script to dislay an ASCII art representation of OpenPGP key files. -- Guilhem Moulin <email address hidden> Sat, 21 Jun 2014 17:32:13 +0200
Available diffs
- diff from 1.1.7-1 to 1.1.8-1 (12.8 KiB)
signing-party (1.1.7-1) unstable; urgency=low [ Guilhem Moulin ] * caff: + Give an example of 'mailer-send' with a custom envelope sender address. + Document a possible workflow in README.many-keys, when working with an annotated gpgparticipants(1) list. + Document a possible workflow for offline signing. * gpgparticipants: + Escape hyphen-minuses (-) in the documentation, as groff may interpret them as hyphens (U+2010). + Use gpg's --display-charset to force the output to be UTF-8 encoded, as the C.UTF-8 locale isn't installed on all platforms. Patch from Stefan Huber. (Closes: #747296). + Prefix gpg with LANGUAGE=en to force the output to be in English. (Other tools in signing-party parse this output.) + Prefix date(1) with LC_ALL=C to prevent its output to be localized. * gpgwrap: + Import the default Debian CPPFLAGS defined by dpkg-buildflags, which makes lintian stop emitting the 'hardening-no-fortify-functions' tag. * debian.control: + Update the Vcs-Svn and Vcs-Browser to canonical URIs. [ Peter Palfrader ] * gpgparticipants-prefill: + add --max-length and --prefix options. -- Guilhem Moulin <email address hidden> Sun, 11 May 2014 14:49:43 +0200
Available diffs
- diff from 1.1.6-1 to 1.1.7-1 (8.0 KiB)
signing-party (1.1.6-1) unstable; urgency=low [ Guilhem Moulin ] * Avoid unnecessary forks and calls to the command shell. * caff: + Properly MIME-Q encode e-mail headers. (Closes: #659971) + Convert internationalized addresses to ASCII in e-mail envelopes and headers. (Closes: #637222) + Adapt patch from Julius Seemayer to reopen STDIN as a TTY. (Closes: #723024) + Allow local and owner keyids to be specified as fingerprints. (Closes: #635359) + Don't redirect gpg's STDERR when importing the keys. (Closes: #612178) + Create the mail files in ~/.caff/keys when mail=no. (Closes: #652686) + Add an option 'mail-cant-encrypt' for special treatment of keys without encryption capability. (Closes: #622790) + Adapt patch from oli and add an option 'gpg-sign-type' for custom signature types. (Closes: #679951) + Add an option 'also-lsign-in-gnupghome' to add non-exportable signatures on the user's GnuPGHOME. (Closes: #680136) + Accept gpgparticipants formatted content on STDIN. (Closes: #622560) + Prefer the keyserver defined in ~/.gnupg/gpg.conf if found. (Closes: #720413) + Abort upon gpg failure. + Create temporary directories in $TMPDIR. (Closes: #735384) + Significant performance boost when importing and pruning. + Adapt patch from Gaudenz Steinlin and add an option 'show-photos' to view photos before signing. (Closes: #594252) + Ignore expired / invalid / revoked UIDs when pruning and exporting. * gpgsigs: + Allow long keyids and key fingerprints (preferred). (Closes: #736963) + Wrap long UIDs (when used with --latex) and digest lines. (Closes: #738718) + Make --latex produce a {pdf,lua,Xe}LaTeX-compatible output. (Closes: #618781) + Allow any checksum algorithm supported by gpg. + Don't identify two UATs that have the same size (use the packet hash to distinguish them). + Mark expired or revoked signatures as such. + Display the correct size of UATs. + Don't use a helper --photo-viewer to store the UATs; instead use --attribute-file and split the output. (Closes: #693906) + Add a dependency to GnuPG::Interface to separate the status output from STDOUT. * gpg-mailkeys: + Apply patch from Stefan Huber to check for empty FROM. (Closes: #727000) + Adapt patch from Stefan Huber to make sendmail's path configurable. (Closes: #727001) * gpgparticipants: + Adapt patch from Tanguy Ortolo to output to STDOUT. (Closes: #694465) + Adapt patch from Tanguy Ortolo to output to accept any digest algorithm supported by gpg (default: SHA256,RIPEMD160). (Closes: #659990) * gpglist: + Handle time-limited signatures (don't list them). + Don't mark a signature as revoked if another signature was created after the revocation certificate (cf. RFC 4880 section 5.2.1, signature type 0x30), or if the signature was non-revokable. + Don't identify two UATs that have the same size (use the packet hash to distinguish them). * pgpring: + Apply patch from Fabrizio Tarizzo to display the correct key length for DSA and Elgamal keys. (Closes: #602284) + Apply patch from Fabrizio Tarizzo to show creation date on signatures and, when present, expiration date on keys and signatures. Also, add options -E and -e to respectively exclude expired keys and signatures from the listing. (Closes: #603257) + Upgrade aclocal.m4 to autoconf 2.69. + Don't checkout unsafe symlink depcomp (automatically created by 'automake --add-missing') and other files automatically generated by automake or autoconf. * gpgwrap: + Link with "read-only relocation" flag set. * debian.control: + Add libnet-idn-encode-perl as Depends for gpgsigs. + Add texlive-xetex and fonts-droid as Suggests for gpgsigs. + Bump Standards-Version up to 3.9.5 (no changes). + Add autotools-dev as Build-Depends for keyanalyze. + Add ${python:Depends} as Depends and python as Build-Depends for gpgparticipants-prefill. + Add autoconf and automake1.11 as Build-Depends for keyanalyze. * Don't checkout empty directories, as git-svn(1) doesn't like them. [ Thijs Kinkhorst ] * Remove Peter Palfrader and Christoph Berg from uploaders, as per their request. -- Guilhem Moulin <email address hidden> Sat, 22 Mar 2014 20:09:26 +0100
Available diffs
- diff from 1.1.5-1 to 1.1.6-1 (59.1 KiB)
signing-party (1.1.5-1) unstable; urgency=medium [ Thijs Kinkhorst ] * caff: correct man page for keys-from-gnupg (closes: #652683) * caff: fix infinite loop after signing a key with newer gpg. Thanks Bernd Zeimetz for the patch. (closes: #722206, #735536) * Drop keyanalyze transitional package, present since 2009. [ Stefan Huber ] * gpgparticipants: Use more modern hashes than md5. [ Peter Palfrader ] * Add gpgparticipants-prefill by Stefan Huber. * Fix comment about keyids in caffrc.sample. -- Thijs Kinkhorst <email address hidden> Thu, 30 Jan 2014 14:28:08 +0100
Available diffs
- diff from 1.1.4-1 (in Ubuntu) to 1.1.5-1 (5.3 KiB)
signing-party (1.1.4-1) unstable; urgency=low [ Thijs Kinkhorst ] * caff: + Correct path of ~/.caffrc in informational messages (Closes: #582603). + Be more verbose on unexpected key ID (Closes: #645792). * gpg-key2ps: + Apply patch from Uwe Kleine-König to deal with latin1 characters (Closes: #596377). * Debian package: + Import dpkg build flags, plus small cleanups. [ Franck Joncourt ] * Debian package: + Switch to dpkg-source 3.0 (quilt) format. - Removed README.source which was needed only for documentation purpose. - Removed quilt framework in d.rules. - Removed BD on quilt. - Added source/format file. + Depend on "default-mta | mail-transport-agent" rather than the old "exim4 | mail-transport-agent". + Bumped Standards-Version up to 3.9.0 (no changes). * gpg-mailkeys: + Correct path of ~/.gpg-mailkeysrc and ~/.signature in manpage. + Add new environment variable SENDMAIL_ARGS to allow user to pass arguments to sendmail (closes: #599409). * caff: + Refactor import of own key and import for keys to sign from keyrings. + Also automatically import keys to sign from the user's normal gpg keyrings. + Use --no-auto-check-trustdb when importing keys from files or the user's normal gpg keyrings (closes: #539643). [ Peter Palfrader ] * caff: + manpage: Refer to all of /usr/share/doc/signing-party/caff/ and not just to /usr/share/doc/signing-party/caff/caffrc.sample (closes: #568052). + Fix horrible &function calls used because of broken prototypes. + Even if all keys to sign were found in the user's normal gpg keyrings we still need to import them (again) from any keyrings passed with --key-files - the keys there might be newer, containing new subkeys (for encryption), uids (for signing) or revocations. + Make importing of keys to be signed from the normal gpg optional (--keys-from-gnupg). + refactor copying of command line options into global config variable. + Create the mail files in ~/.caff/keys even if mail is not sent (closes: #590666). -- Thijs Kinkhorst <email address hidden> Wed, 02 Nov 2011 18:17:25 +0100
signing-party (1.1.3-1) unstable; urgency=low [ Franck Joncourt ] * Debian package: + Updated my email address in d.control. + Added myself as contributor in d.copyright * keylookup: + Fixed typo noticed by lintian in manpage keylookup.1. * caff: + Set the Sender header with the email address which is used for the From header. This overrides the default value which was set by the MIME::Entity Perl module based on the local hostname. (Closes: #556782) [ Thijs Kinkhorst ] * Bumped Standards-Version up to 3.8.4 (no changes). -- Thijs Kinkhorst <email address hidden> Wed, 03 Feb 2010 22:03:41 +0100
signing-party (1.1.2-1) unstable; urgency=low * gpgsigs: + Added patch from Roland Rosenfeld to support RIPEMD160 checksum. (Closes: #533747). + Updated man page to mention support for SHA256 and RIPEMD160 checksum. + Made removal of nonexistent photos quiet by the use of the force option. + Updated generated tex file in latex mode so that it uses the grffile package. This allows pdflatex to process our tex file assuming the photos are previously converted to PDF. (Closes: #542478) + Added texlive-latex-recommended as a suggested package in debian/control. It contains the grffile latex package. * caff: Updated check for the local-user keyids. + Moved the current check to a new function get_local_user_keys(). + Warned the user if a local-user keyid is not listed as a keyid in ./caffrc. (Closes: #540165). * gpgdir: New upstream release. * gpg-mailkeys: + The charset for the text of the message is deduced from the charset used by ~/.gpg-mailkeysrc and ~/.signature. The text message is encoded in quoted printable and thus it requires a new dependency on qprint in debian/control. (Closes: #545186) + Mentionned both the .gpg-mailkeysrc and .signature files in the manpage. * debian.control: added ${misc:Depends} as Depends for the keyanalyze package. * Bumped Standards-Version up to 3.8.3 (no changes). -- Franck Joncourt <email address hidden> Thu, 24 Sep 2009 19:29:07 +0200
signing-party (1.1.1-1) unstable; urgency=low [ Christoph Berg ] * gpg-key2ps: assume gpg output to be in utf-8, instead of depending on the current locale. [ Franck Joncourt ] * caff: + Take the CONFIG{'mail'} variable from .caffrc into count. (Closes: #520387) + Update caff's manpage to mention a keyid specified with -u requires to be listed in the configuration file through the keyid variable. Add a note in caffrc.sample about using the -u option to select which keyid from the CONFIG{'keyid'} as to be used for signing. (Closes: #482693) * keyanalyze/top50.pl: Fix the error message when a line from stdin does not match. * keyanalyze/analyze.sh: + Make the entries in the msd-sorted.txt file sorted. + Used msd.txt file as input for top50.pl. The current pattern in top50.pl does not match data from the msd-sorted.txt file. + Allowed the top1000 report to report the first 1000 ranks by passing *-n 1000* to top50.pl. Set to 50 by default. [ Thijs Kinkhorst ] * Make pool.sks-keyservers.net the default keyserver (closes: #527941). * Checked for policy 3.8.1, no changes necessary. -- Thijs Kinkhorst <email address hidden> Fri, 12 Jun 2009 08:50:33 +0200
signing-party (1.1-2) unstable; urgency=low * Fix build error when only building the binary package by fixing the build-arch target (Closes: #516804). -- Thijs Kinkhorst <email address hidden> Mon, 23 Feb 2009 21:37:20 +0100
signing-party (1.1-1) unstable; urgency=low [ Franck Joncourt ] * Imported gpgdir. (Closes: #498167) * Imported gpgwrap. (Closes: #454074) Added Quilt framework/README.source to handle gpgwrap. * Refreshed debian/control and README files with the new descriptions. * Added new dependencies required by gpgdir: libterm-readkey-perl, libclass-methodmaker-perl * Added wipe as suggested package (useful with gpgdir). [ Thijs Kinkhorst ] * Checked for policy 3.8.0, no changes. * caff: Fix pod syntax problems (Closes: #485653). * gpg-key2ps: no longer waste paper on the subkey information by default. It's not relevant to the keysigning process, but added option to enable if you want it. * Remove obsolete transitional packages sig2dot, springgraph. * Upgrade packaging to debhelper level 7. [ Christoph Berg ] * Import keyanalyze into signing-party. Thanks to Matthew Wilcox for the permission. Provide a transitional package. + Add patch to flatten output structure for small keyrings. (Closes: #309101) + Update config.{sub,guess}. (Closes: #365148) + Add patch by Stephan Beyer to improve process_keys' input parsing, remedying the need of weird grep and sed commands. (Closes: #370571) + Add -h option to keyanalyze, and update manpage. (Closes: #370570) * Put examples in .../examples/$prog, not the other way round. * Use dh_lintian. -- Thijs Kinkhorst <email address hidden> Sun, 22 Feb 2009 17:58:09 +0100
signing-party (1.0-2) unstable; urgency=low * gpg-mailkeys: Fix parameter escaping of printf, thanks Olivier Tetard (Closes: #478151). * springgraph: clarify help text (Closes: 474351). * Switch dependency libmime-perl to libmime-tools-perl (renamed). * Put springgraph and sig2dot in section graphics. -- Thijs Kinkhorst <email address hidden> Tue, 20 May 2008 12:23:52 +0200
1 → 33 of 33 results | First • Previous • Next • Last |