| Patch | Description | Author | Forwarded | Bugs | Origin | Last update |
|---|---|---|---|---|---|---|
| 12_lessdeps_libgcrypt-config.diff | Drop -lgpg-error from libgcrypt-config --libs output. | Andreas Metzler <ametzler@debian.org> | no | debian | vendor | 2014-01-04 |
| 13_lessdeps_libgcrypt-pkgconfig.diff | Do not link against unneeded libraries | Andreas Metzler <ametzler@debian.org> | no | vendor | 2019-08-30 | |
| 15_multiarchpath_in_-L.diff | Do not print standard multiarch path {/usr,}/lib/i386-linux-gnu are in the standard search path, there is no need to explicitly point gcc there with a -L argument. Also we are installing the actual library and the so-symlink in different locations which makes this incorrect no matter which one we choose. |
not-needed | vendor | |||
| 25_norevisionfromgit.diff | Do not pull revision info from GIT Stop trying to pull version info from GIT when autoconf is run. | Andreas Metzler <ametzler@debian.org> | no | vendor | 2017-07-24 | |
| 30_01-Post-release-updates.patch | [PATCH 1/6] Post release updates -- |
Werner Koch <wk@gnupg.org> | no | 2020-10-23 | ||
| 30_02-tests-Put-a-work-around-to-tests-random-for-macOS.patch | [PATCH 2/6] tests: Put a work around to tests/random for macOS. * configure.ac [*-apple-darwin*] (USE_POSIX_SPAWN_FOR_TESTS): New. * tests/random.c [USE_POSIX_SPAWN_FOR_TESTS] (run_all_rng_tests): New. -- Cherry-pick master commit of: 9769b40b54cf010a0c41c4ab05a7a88e17d70613 |
NIIBE Yutaka <gniibe@fsij.org> | no | 2020-12-03 | ||
| 30_03-ecc-Add-checking-key-for-ECDSA.patch | [PATCH 3/6] ecc: Add checking key for ECDSA. * cipher/ecc-ecdsa.c (_gcry_ecc_ecdsa_verify): Validate public key. * cipher/ecc-gost.c (_gcry_ecc_gost_verify): Likewise. -- |
NIIBE Yutaka <gniibe@fsij.org> | no | 2021-02-02 | ||
| 30_04-Fix-ubsan-warnings-for-i386-build.patch | [PATCH 4/6] Fix ubsan warnings for i386 build * mpi/mpicoder.c (_gcry_mpi_set_buffer) [BYTES_PER_MPI_LIMB == 4]: Cast "*p--" values to mpi_limb_t before left shifting. * tests/t-lock.c (main): Cast 'time(NULL)' to unsigned type. -- |
Jussi Kivilinna <jussi.kivilinna@iki.fi> | no | 2021-01-30 | ||
| 30_05-Add-handling-for-Og-with-O-flag-munging.patch | [PATCH 5/6] Add handling for -Og with O-flag munging * cipher/Makefile.am (o_flag_munging): Add handling for '-Og'. * random/Makefile.am (o_flag_munging): Add handling for '-Og'. -- |
Jussi Kivilinna <jussi.kivilinna@iki.fi> | no | 2021-01-31 | ||
| 30_06-Make-sure-the-grcy_get_config-string-is-always-null-.patch | [PATCH 6/6] Make sure the grcy_get_config string is always null-terminated. * src/global.c (_gcry_get_config): Append null-terminator to output. -- Config string was not being explicitly null-terminated which resulted garbage output from tests/version with ASAN enabled builds. |
Jussi Kivilinna <jussi.kivilinna@iki.fi> | no | 2021-01-31 | ||
| 30_07-Fix-previous-commit.patch | [PATCH 7/8] Fix previous commit * src/global.c (_gcry_get_config): Append the Nul only in the !what case. -- Actually this was my fault - I stripped off the test which Jussi did in his original fix on master. And did not run make check. |
Werner Koch <wk@gnupg.org> | no | 2021-02-14 | ||
| 30_08-ecc-Check-the-input-length-for-the-point.patch | [PATCH 8/8] ecc: Check the input length for the point. * cipher/ecc-misc.c (_gcry_ecc_mont_decodepoint): Check the length of valid point representation. -- Backport the commit of master: 060c378c050e7ec6206358c681a313d6e1967dcf In the use case of GnuPG, ECDH decryption for anonymous recipient may try to decrypt with different curves. When the input data of ephemeral key does not match one of the private key, it should return GPG_ERR_INV_OBJ. |
NIIBE Yutaka <gniibe@fsij.org> | no | 2021-04-27 | ||
| 30_09-ecc-Fix-the-previous-commit.patch | [PATCH] ecc: Fix the previous commit. * cipher/ecc-misc.c (_gcry_ecc_mont_decodepoint): Fix the condition. -- |
NIIBE Yutaka <gniibe@fsij.org> | no | 2021-05-06 | ||
| 30_10-cipher-Fix-ElGamal-encryption-for-other-implementati.patch | [PATCH] cipher: Fix ElGamal encryption for other implementations. * cipher/elgamal.c (gen_k): Remove support of smaller K. (do_encrypt): Never use smaller K. (sign): Folllow the change of gen_k. -- Cherry-pick master commit of: 632d80ef30e13de6926d503aa697f92b5dbfbc5e This change basically reverts encryption changes in two commits: 74386120dad6b3da62db37f7044267c8ef34689b 78531373a342aeb847950f404343a05e36022065 Use of smaller K for ephemeral key in ElGamal encryption is only good, when we can guarantee that recipient's key is generated by our implementation (or compatible). For detail, please see: Luca De Feo, Bertram Poettering, Alessandro Sorniotti, "On the (in)security of ElGamal in OpenPGP"; in the proceedings of CCS'2021. |
NIIBE Yutaka <gniibe@fsij.org> | no | 2021-05-21 |