Bug 2381

Summary: gnupg was updated to 1.4.14
Product: [ROSA-based products] ROSA Fresh Reporter: Alexander Burmashev <alex.burmashev>
Component: Packages from MainAssignee: ROSA Linux Bugs <bugs>
Status: RESOLVED FIXED QA Contact: ROSA Linux Bugs <bugs>
Severity: normal    
Priority: Normal CC: dmitry.postnikov, v.potapov
Version: FreshFlags: v.potapov: qa_verified+
alex.burmashev: published+
Target Milestone: ---   
Hardware: All   
OS: Linux   
Whiteboard:
Platform: --- ROSA Vulnerability identifier:
RPM Package: gnupg ISO-related:
Bad POT generating: Upstream:
Bug Depends on:    
Bug Blocks: 2405    

Description Alexander Burmashev 2013-07-26 15:03:18 MSK 
gnupg was updated to 1.4.14
Comment 1 Alexander Burmashev 2013-07-26 15:05:56 MSK 
Advisory:
gnupg was updated to 1.4.14 version.
Changelog
1.4.14
    * Mitigate the Yarom/Falkner flush+reload side-channel attack on
      RSA secret keys.  See <http://eprint.iacr.org/2013/448>.

    * Fixed IDEA for big-endian CPUs

    * Improved the diagnostics for failed keyserver lockups.

    * Minor bug and portability fixes.
1.4.13
    * Add support for the old cipher algorithm IDEA.

    * Minor bug fixes.

    * Small changes to better cope with future OpenPGP and GnuPG
      features.
1.4.12

    * GPG now accepts a space separated fingerprint as a user ID.
      This allows to copy and paste the fingerprint from the key
      listing.

    * Removed support for the original HKP keyserver which is not
      anymore used by any site.

    * Rebuild the trustdb after changing the option --min-cert-level.

    * Improved JPEG detection.

    * Included more VMS patches

    * Made it easier to create an installer for Windows.

    * Supports the 32 bit variant of the mingw-w64 toolchain.

    * Made file locking more portable.

    * Minor bug fixes.

    * Ukrainian translation.

Buildlists:
https://abf.rosalinux.ru/build_lists/1192499
https://abf.rosalinux.ru/build_lists/1192500
Comment 2 Vladimir Potapov 2013-07-29 18:52:04 MSK 
The package route to extended testing
Comment 3 Postnikov Dmitry 2013-07-31 17:59:53 MSK 
************************
Extended testing report
************************
ested different types of encryption, decryption, etc. No regressions is not revealed. Even a little faster happened encryption. Tested on 4 systems: Gnome32, Gnome64, KDE32, KDE64.
Comment 4 Vladimir Potapov 2013-07-31 18:55:31 MSK 
gnupg-1.4.14-1-rosa2012.1
********************** Advisory ****************
gnupg was updated to 1.4.14 version
*********************Changelog *****************
Changelog
1.4.14
    * Mitigate the Yarom/Falkner flush+reload side-channel attack on
      RSA secret keys.  See <http://eprint.iacr.org/2013/448>.
    * Fixed IDEA for big-endian CPUs
    * Improved the diagnostics for failed keyserver lockups.
    * Minor bug and portability fixes.
1.4.13
    * Add support for the old cipher algorithm IDEA.
    * Minor bug fixes.
    * Small changes to better cope with future OpenPGP and GnuPG
      features.
1.4.12

    * GPG now accepts a space separated fingerprint as a user ID.
      This allows to copy and paste the fingerprint from the key
      listing.
    * Removed support for the original HKP keyserver which is not
      anymore used by any site.
    * Rebuild the trustdb after changing the option --min-cert-level.
    * Improved JPEG detection.
    * Included more VMS patches
    * Made it easier to create an installer for Windows.
    * Supports the 32 bit variant of the mingw-w64 toolchain.
    * Made file locking more portable.
    * Minor bug fixes.
    * Ukrainian translation.
***************************************************************
QA Verified