dev/nixpkgs
1
0
Fork 0
Code Issues Pull Requests Actions 2 Packages Projects Releases Wiki Activity

gnupg: 2.3.7 -> 2.4.0

Browse Source
This commit is contained in:
Doron Behar 2022-12-21 09:12:31 +02:00
parent 2d44dc9643
commit d3b076da38
2 changed files with 6 additions and 12 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

14
pkgs/tools/security/gnupg/23.nix → pkgs/tools/security/gnupg/24.nix
View File

@ -11,11 +11,11 @@ assert guiSupport -> enableMinimal == false;
stdenv.mkDerivation rec {
pname = "gnupg";
version = "2.3.7";
version = "2.4.0";
src = fetchurl {
url = "mirror://gnupg/gnupg/${pname}-${version}.tar.bz2";
sha256 = "sha256-7hY6X7nsmf/BsY5l+u+NCGgAxXE9FaZyq1fTeZ2oNmk=";
sha256 = "sha256-HXkVjdAdmSQx3S4/rLif2slxJ/iXhOosthDGAPsMFIM=";
};
depsBuildBuild = [ buildPackages.stdenv.cc ];
@ -29,19 +29,13 @@ stdenv.mkDerivation rec {
patches = [
./fix-libusb-include-path.patch
./tests-add-test-cases-for-import-without-uid.patch
./allow-import-of-previously-known-keys-even-without-UI.patch
# TODO: Refresh patch? Doesn't apply on 2.4.0
#./allow-import-of-previously-known-keys-even-without-UI.patch
./accept-subkeys-with-a-good-revocation-but-no-self-sig.patch
# Patch for DoS vuln from https://seclists.org/oss-sec/2022/q3/27
./v3-0001-Disallow-compressed-signatures-and-certificates.patch
# Fix regression when using YubiKey devices as smart cards.
# See https://dev.gnupg.org/T6070 for details.
# Committed upstream, remove this patch when updating to the next release.
(fetchpatch {
url = "https://dev.gnupg.org/rGf34b9147eb3070bce80d53febaa564164cd6c977?diff=1";
sha256 = "sha256-J/PLSz8yiEgtGv+r3BTGTHrikV70AbbHQPo9xbjaHFE=";
})
];
postPatch = ''
sed -i 's,\(hkps\|https\)://keyserver.ubuntu.com,hkps://keys.openpgp.org,g' configure configure.ac doc/dirmngr.texi doc/gnupg.info-1

4
pkgs/top-level/all-packages.nix
View File

@ -7529,11 +7529,11 @@ with pkgs;
gnupg1orig = callPackage ../tools/security/gnupg/1.nix { };
gnupg1compat = callPackage ../tools/security/gnupg/1compat.nix { };
gnupg1 = gnupg1compat; # use config.packageOverrides if you prefer original gnupg1
gnupg23 = callPackage ../tools/security/gnupg/23.nix {
gnupg24 = callPackage ../tools/security/gnupg/24.nix {
guiSupport = stdenv.isDarwin;
pinentry = if stdenv.isDarwin then pinentry_mac else pinentry-gtk2;
};
gnupg = gnupg23;
gnupg = gnupg24;
gnupg-pkcs11-scd = callPackage ../tools/security/gnupg-pkcs11-scd { };