Commit b6997c8e authored by Gustavo Zacarias's avatar Gustavo Zacarias Committed by Peter Korsgaard
Browse files

gnupg: security bump to version 1.4.19 



Fixes:
CVE-2014-3591 - Use ciphertext blinding for Elgamal decryption
CVE-2015-0837 - Fixed data-dependent timing variations in modular
exponentiation.

Signed-off-by: default avatarGustavo Zacarias <gustavo@zacarias.com.ar>
Signed-off-by: default avatarPeter Korsgaard <peter@korsgaard.com>
parent b3db3aba

package/gnupg/gnupg.hash

+2 −2
Original line number Diff line number Diff line 
# Locally calculated after checking pgp signature

sha256	b7b5fdda78849955e0cdbc5a085f3a08f8b7fba126c622085debb62def5d6388	gnupg-1.4.18.tar.bz2
 
# From http://lists.gnupg.org/pipermail/gnupg-announce/2015q1/000363.html

sha1	5503f7faa0a0e84450838706a67621546241ca50	gnupg-1.4.19.tar.bz2

package/gnupg/gnupg.mk

+1 −1
Original line number Diff line number Diff line
@@ -4,7 +4,7 @@ 
#

################################################################################



GNUPG_VERSION = 1.4.18

GNUPG_VERSION = 1.4.19

GNUPG_SOURCE = gnupg-$(GNUPG_VERSION).tar.bz2

GNUPG_SITE = ftp://ftp.gnupg.org/gcrypt/gnupg

GNUPG_LICENSE = GPLv3+