Age | Commit message (Collapse) | Author |
|
From http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2012-6085:
"The read_block function in g10/import.c in GnuPG 1.4.x before 1.4.13 and 2.0.x
through 2.0.19, when importing a key, allows remote attackers to corrupt the
public keyring database or cause a denial of service (application crash) via a
crafted length field of an OpenPGP packet."
Patch taken from upstream git, which is identical in both branches.
Signed-off-by: Ross Burton <ross.burton@intel.com>
|
|
gnupg has it's own fake curl, since we use gnupg with zypper, there does not
seem to be a strong reason to add curl to the depends list.
Signed-off-by: Saul Wold <sgw@linux.intel.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
|
Signed-off-by: Khem Raj <raj.khem@gmail.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
|
The CCID driver driver is apparently unnecessary, so disable it.
Also remove the associated libusb dependency, since that won't be
needed either.
According to Scott Garman <scott.a.garman@intel.com>:
I'd just note that the CCID smartcard reader is a specific piece of
hardware that is unlikely to be used in a majority of our use cases.
Signed-off-by: Tom Zanussi <tom.zanussi@intel.com>
Signed-off-by: Elizabeth Flanagan <elizabeth.flanagan@intel.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
|
gnupg apparently depends on libusb:
| error: Failed dependencies:
| libusb-0.1-4 >= 0.1.3 is needed by gnupg-2.0.18-r1.core2
So add libusb to gnupg DEPENDS.
Signed-off-by: Tom Zanussi <tom.zanussi@intel.com>
Signed-off-by: Elizabeth Flanagan <elizabeth.flanagan@intel.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
|
Signed-off-by: Laurentiu Palcu <laurentiu.palcu@intel.com>
|