--

* g10/mainproc.c (proc_plaintext): Sanitize verbose output.
--

This fixes a forgotten sanitation of user supplied data in a verbose
mode diagnostic.  The mention CVE is about using this to inject
status-fd lines into the stderr output.  Other harm good as well be
done.  Note that GPGME based applications are not affected because
GPGME does not fold status output into stderr.

CVE-id: CVE-2018-12020
GnuPG-bug-id: 4012
(cherry picked from commit 13f135c7a252cc46cff96e75968d92b6dc8dce1b)

* g10/compress.c (handle_compressed): Fix memory leak.

--

(backport from STABLE-BRANCH-2-2 commit:
c31abf84659dbda5503dd9f3aa3449520bcd1b84)

All other calls of push_compress_filter checks ALGO,
so, do it here, too.

GnuPG-bug-id: 3898
Signed-off-by: NIIBE Yutaka <gniibe@fsij.org>

--

The French string has an extra %s which would result in garbage output
or segv.

I am not sure about the sk andro and thus better mark them as fuzzy.

GnuPG-bug-id: 3619
Signed-off-by: Werner Koch <wk@gnupg.org>

* po/ja.po: Fix message with no "%s".

--

Backport of master commit from: 77e2fcb4ffbad8577a2cf41f17bf92dec6a93ad8

The wrong message caused segmentation fault for key generation when
no expiration is specified.

GnuPG-bug-id: 3619
Signed-off-by: NIIBE Yutaka <gniibe@fsij.org>

* g10/trustdb.c (sanitize_regexp): Only escape operators.

--

Backport from master commit:
	ccf3ba92087e79abdeaa0208795829b431c6f201

To sanitize a regular expression, quoting by backslash should be only
done for defined characters.  POSIX defines 12 characters including
dot and backslash.

Quoting other characters is wrong, in two ways; It may build an
operator like: \b, \s, \w when using GNU library.  Case ignored match
doesn't work, because quoting lower letter means literally and no
much to upper letter.

GnuPG-bug-id: 2923
Co-authored-by: Damien Goutte-Gattat <dgouttegattat@incenp.org>
Signed-off-by: NIIBE Yutaka <gniibe@fsij.org>

--
In https://bugs.debian.org/881393

 , Jonas Smedegaard reports:

> In option number 1, the word "komprimeret" means "compressed".
>
> I am pretty sure it should say "kompromitteret" instead, which means
> "compromised".

Debian-Bug-Id: 881393
Signed-off-by: Daniel Kahn Gillmor <dkg@fifthhorseman.net>

* cipher/rsa.c (secret): Move var decl to the beginning.
--

Trivial patch; ChangeLog written by wk.

Signed-off-by: Werner Koch <wk@gnupg.org>

--
All /dev/*random devices have been equivalent since OpenBSD 4.9, on
purpose (/dev/random doesn't block).  /dev/srandom has been removed in
the OpenBSD 6.3 development cycle, /dev/arandom will likely follow.

Signed-off-by: Jeremie Courreges-Anglas <jca@wxcvbn.org>

Frans Spiesschaert authored Sep 06, 2017 and Daniel Kahn Gillmor committed Sep 06, 2017

Signed-off-by: Daniel Kahn Gillmor <dkg@fifthhorseman.net>

doc/gpg.texi: Remove documentation for --faked-system-time.

Signed-off-by: Marcus Brinkmann <mb@g10code.com>
GnuPG-bug-id: 3329

Debian packaging for GnuPG is handled in debian git repositories, and
doesn't belong here in the upstream repository.  The packaging was
significantly out of date anyway.

If you're looking for debian packaging for the 1.4 branch of GnuPG,
please use the following git remote:

    https://anonscm.debian.org/git/pkg-gnupg/gnupg1.git



Signed-off-by: Daniel Kahn Gillmor <dkg@fifthhorseman.net>

Joe Hansen authored May 28, 2015 and Daniel Kahn Gillmor committed Aug 02, 2017

Originally reported at:
http://lists.gnupg.org/pipermail/gnupg-i18n/2014-November/000308.html



Signed-off-by: Daniel Kahn Gillmor <dkg@fifthhorseman.net>

Frans Spiesschaert authored Aug 02, 2017 and Daniel Kahn Gillmor committed Aug 02, 2017

Debian-Bug-Id: 845695
Signed-off-by: Daniel Kahn Gillmor <dkg@fifthhorseman.net>

Manuel Venturi Porras Peralta authored Aug 01, 2017 and Daniel Kahn Gillmor committed Aug 01, 2017

Debian-Bug-Id: 814541
Signed-off-by: Daniel Kahn Gillmor <dkg@fifthhorseman.net>

--

Signed-off-by: Werner Koch <wk@gnupg.org>

--

Signed-off-by: Werner Koch <wk@gnupg.org>

--

* g10/textfilter.c (copy_clearsig_text): Free the buffer.

--

Signed-off-by: NIIBE Yutaka <gniibe@fsij.org>

(backport from master commit:
6b9a89e4c7d6f19de62e0a908a8d80c98bf99819)

* cipher/rsa.c (secret): Don't keep secmem.

Signed-off-by: NIIBE Yutaka <gniibe@fsij.org>

* cipher/Makefile.am (AM_CPPFLAGS): Add mpi dirs.
* cipher/rsa.c: Change include file.

Signed-off-by: NIIBE Yutaka <gniibe@fsij.org>

Marcus Brinkmann authored Jul 07, 2017 and NIIBE Yutaka committed Jul 07, 2017

* cipher/rsa.c (secret_core_crt): Blind secret D with randomized
nonce R for mpi_powm computation.

--

Backport of libgcrypt 8725c99ffa41778f382ca97233183bcd687bb0ce.

Signed-off-by: Marcus Brinkmann <mb@g10code.com>

* mpi/mpi-pow.c (mpi_powm): Fix allocation size.

Signed-off-by: NIIBE Yutaka <gniibe@fsij.org>

* mpi/mpi-pow.c (_gcry_mpi_powm): Compare msize for max_u_size.  Move
the assignment to base_u into the loop.  Copy content refered by RP to
BASE_U except the last of the loop.

--

Signed-off-by: NIIBE Yutaka <gniibe@fsij.org>

(backport commit of libgcrypt master:
78130828e9a140a9de4dafadbc844dbb64cb709a)

* mpi/mpi-pow.c (_gcry_mpi_powm): Simplify the loop.

--

(backport of libgcrypt master commit:
 719468e53133d3bdf12156c5bfdea2bf15f9f6f1)

Signed-off-by: NIIBE Yutaka <gniibe@fsij.org>

* mpi/longlong.h [__arm__] (add_ssaaaa, sub_ddmmss): Add __CLOBBER_CC.
[__arm__][__ARM_ARCH <= 3] (umul_ppmm): Add __AND_CLOBBER_CC.

--
This is a backport of libgcrypt 8aa4f2161 and 3b1cc9e6c.

Signed-off-by: Marcus Brinkmann <mb@g10code.com>
GnuPG-bug-id: 3182

Signed-off-by: Marcus Brinkmann <mb@g10code.com>
GnuPG-bug-id: 3243

Ineiev authored Apr 14, 2016 and NIIBE Yutaka committed May 10, 2017

* g10/keygen.c (proc_parameter_file): Fix secmem leak.

--

proc_parameter_file adds certain parameters to the list in the PARA
argument; however, these new entries are leaked because they
are added to head, while the PARA list is released by the caller
of proc_parameter_file.

GnuPG-bug-id: 1371
Signed-off-by: Ineiev <ineiev@gnu.org>

* g10/build-packet.c (do_user_id): Avoid indeterminate length header.
--

We are able to import such user ids but when exporting them the
exported data could not be imported again because the parser bails out
on invalid keyrings.  This is now fixed and should be backported.

Note that in 1.4 and 2.0 this is only an issue for attribute packets.
In 2.1 user IDs were also affected.a

Signed-off-by: Werner Koch <wk@gnupg.org>

--
Signed-off-by: Daniel Kahn Gillmor <dkg@fifthhorseman.net>

* tools/gpg-zip.in: Correctly set GPG when --gpg is specified.
Correctly set TAR when --tar is specified.  Pass TAR_ARGS to tar.

(cherry-picked by dkg from master branch's
84ebf15b06e435453b2f58775f97a3a1c61a7e55)

--
Signed-off-by: Neal H. Walfield <neal@g10code.com>
Co-authored-by: Michael Mönch <michael.moench@marktjagd.de>
GnuPG-bug-id 1351
GnuPG-bug-id 1442

--

Minor change: Re-insert the old copyright year 2004. - wk

--

* g10/gpg.c (opts): Add dummy option.

Signed-off-by: Werner Koch <wk@gnupg.org>

--

* Makefile.am (distcheck-hook): New.

Signed-off-by: Werner Koch <wk@gnupg.org>