gnupg (1.4.18-7ubuntu1) vivid; urgency=medium

  * Resynchronise with Debian.  Remaining changes:
    - Disable mlock() test since it fails with ulimit 0 (on buildds).
    - Set gpg (or gpg2) and gpgsm to use a passphrase agent by default.
    - Only suggest gnupg-curl and libldap; recommendations are pulled into
      minimal, and we don't need the keyserver utilities in a minimal Ubuntu
      system.
    - Remove the Win32 build.
    - Build using dh-autoreconf.
    - Disable inline assembler for ppc64el.
    - Enable SHA-512 support in gpgv-udeb.

 -- Colin Watson <cjwatson@ubuntu.com>  Sun, 08 Mar 2015 09:26:02 +0000

gnupg (1.4.18-7) unstable; urgency=medium

  * import a series of DoS and vulnerabilities from upstream, including
    CVE-2014-3591

 -- Daniel Kahn Gillmor <dkg@fifthhorseman.net>  Mon, 02 Mar 2015 19:29:26 +0100

gnupg (1.4.18-6ubuntu1) vivid; urgency=medium

  * Resynchronise with Debian (LP: #1371766).  Remaining changes:
    - Disable mlock() test since it fails with ulimit 0 (on buildds).
    - Set gpg (or gpg2) and gpgsm to use a passphrase agent by default.
    - Only suggest gnupg-curl and libldap; recommendations are pulled into
      minimal, and we don't need the keyserver utilities in a minimal Ubuntu
      system.
    - Remove the Win32 build.
    - Build using dh-autoreconf.
    - Disable inline assembler for ppc64el.
    - Enable SHA-512 support in gpgv-udeb.

 -- Colin Watson <cjwatson@ubuntu.com>  Tue, 20 Jan 2015 17:20:15 +0000

gnupg (1.4.18-6) unstable; urgency=medium

  * revert to debhelper 7
  * simplify upstream doc synchronization.

 -- Daniel Kahn Gillmor <dkg@fifthhorseman.net>  Thu, 04 Dec 2014 15:50:59 -0500

gnupg (1.4.18-5) unstable; urgency=medium

  [ Daniel Kahn Gillmor ]
  * move to debhelper 9
  * add build and runtime support for larger RSA keys (Closes: #739424)
  * fix runtime errors on bad input (Closes: #771987)
  * deprecate insecure one-argument variant for gpg --verify of detached
    signatures (Closes: #771992)
  * sync documentation with upstream.
  * Standards-Version: bump to 3.9.6 (no changes needed).

  [ David Prévot ]
  * Update POT and PO files, and ensure the translations get rebuild
  * Update French translation (Closes: #769571)
  * Update Danish Translation, thanks to Joe Hansen
  * Update Ukrainian translation, thanks to Yuri Chornoivan
  * Update Russian translation, thanks to Ineiev
  * Update Chinese (traditional) translation, thanks to Jedi Lin
  * Update Italian translation, thanks to Milo Casagrande
  * Update Polish translation, thanks to Jakub Bogusz
  * Update Spanish translation, thanks to Manuel "Venturi" Porras Peralta
    (Closes: #770726)
  * Update Dutch translation, thanks to Frans Spiesschaert (Closes: #770816)
  * Update Czech translation, thanks to Roman Pavlik

 -- Daniel Kahn Gillmor <dkg@fifthhorseman.net>  Thu, 04 Dec 2014 01:11:22 -0500

gnupg (1.4.18-4ubuntu2) vivid; urgency=medium

  * Enable SHA-512 support in gpgv-udeb, since Ubuntu's Release.gpg is
    signed using that digest algorithm (thanks, Nathan Rennie-Waldock;
    LP: #1403982).

 -- Colin Watson <cjwatson@ubuntu.com>  Wed, 14 Jan 2015 11:23:40 +0000

gnupg (1.4.18-4ubuntu1) vivid; urgency=medium

  * Resynchronise with Debian. Remaining changes:
    - Disable mlock() test since it fails with ulimit 0 (on buildds).
    - Set gpg (or gpg2) and gpgsm to use a passphrase agent by default.
    - Only suggest gnupg-curl and libldap; recommendations are pulled into
      minimal, and we don't need the keyserver utilities in a minimal Ubuntu
      system.
    - Remove the Win32 build.
    - Build using dh-autoreconf
    - Disable inline assembler for ppc64el.

 -- Marc Deslauriers <marc.deslauriers@ubuntu.com>  Thu, 30 Oct 2014 15:19:49 -0400

gnupg (1.4.18-4) unstable; urgency=medium

  * Remove Daniel Leidert from Uploaders at his request.
  * fix typo in gpg.info (closes: #760288)
  * Fix regression in keyserver filter (closes: #760392)
  * added myself to uploaders

 -- Daniel Kahn Gillmor <dkg@fifthhorseman.net>  Tue, 02 Sep 2014 09:51:13 -0400

gnupg (1.4.18-3) unstable; urgency=medium

  [ Eric Dorland ]
  * debian/gbp.conf: Add git-buildpackage config and use pristine-tar.
  * debian/control: Switch to git for VCS.
  * debian/control: Add Eric Dorland to Uploaders.
  * Run wrap-and-sort over the debian files.
  
  [ Daniel Kahn Gillmor ]
  * check signatures on upstream tarballs (closes: #711744).

  [ Thijs Kinkhorst ]
  * Document possible license of doc/OpenPGP (closes: #745408). 

 -- Eric Dorland <eric@debian.org>  Tue, 02 Sep 2014 00:04:20 -0400

gnupg (1.4.18-2) unstable; urgency=medium

  [ Cyril Brulebois ]
  * Fix gpgv-udeb by adding --enable-sha256, which is needed to validate
    Release files. (Closes: 753985).
  * Run the check target in the udeb build directory.

 -- Thijs Kinkhorst <thijs@debian.org>  Mon, 07 Jul 2014 19:55:02 +0200

gnupg (1.4.18-1) unstable; urgency=medium

  * New upstream release.
    - Drops obsolete Russian manpage (closes: #737033).
  * Add parcimonie to Suggests (closes: #752260).
  * Build udebs with --enable-minimal.

 -- Thijs Kinkhorst <thijs@debian.org>  Mon, 30 Jun 2014 21:55:10 +0200

gnupg (1.4.16-1.2ubuntu1) utopic; urgency=medium

  * Resynchronise with Debian. Remaining changes:
    - Disable mlock() test since it fails with ulimit 0 (on buildds).
    - Set gpg (or gpg2) and gpgsm to use a passphrase agent by default.
    - Only suggest gnupg-curl and libldap; recommendations are pulled into
      minimal, and we don't need the keyserver utilities in a minimal Ubuntu
      system.
    - Remove the Win32 build.
    - Build using dh-autoreconf
    - Disable inline assembler for ppc64el.

 -- Marc Deslauriers <marc.deslauriers@ubuntu.com>  Thu, 26 Jun 2014 14:41:40 -0400

gnupg (1.4.16-1.2) unstable; urgency=high

  * Non-maintainer upload with maintainers approval.
  * CVE-2014-4617: Avoid DoS due to garbled compressed data packets.
    Apply upstream commit to stop a possible DoS using garbled compressed
    data packets which can be used to put gpg into an infinite loop.
    (Closes: #752497)

 -- Salvatore Bonaccorso <carnil@debian.org>  Tue, 24 Jun 2014 17:02:35 +0200

gnupg (1.4.16-1.1) unstable; urgency=low

  * Non-Maintainer Upload.
  * Initialize trustdb before clearing it (Closes: #735363)

 -- Daniel Kahn Gillmor <dkg@fifthhorseman.net>  Mon, 20 Jan 2014 22:16:55 -0500

gnupg (1.4.16-1ubuntu2) trusty; urgency=medium

  * Add patch init_trustdb.patch (Closes: #737128)

 -- Brian Murray <brian@ubuntu.com>  Thu, 06 Mar 2014 07:53:11 -0800

gnupg (1.4.16-1ubuntu1) trusty; urgency=medium

  * Resynchronise with Debian. Remaining changes:
    - Disable mlock() test since it fails with ulimit 0 (on buildds).
    - Set gpg (or gpg2) and gpgsm to use a passphrase agent by default.
    - Only suggest gnupg-curl and libldap; recommendations are pulled into
      minimal, and we don't need the keyserver utilities in a minimal Ubuntu
      system.
    - Remove the Win32 build.
    - Build using dh-autoreconf
    - Disable inline assembler for ppc64el.

 -- Marc Deslauriers <marc.deslauriers@ubuntu.com>  Tue, 28 Jan 2014 13:05:47 -0500

gnupg (1.4.16-1) unstable; urgency=medium

  * New upstream release.
    - Obsoletes patches CVE-2013-4576 and revert_trustdb_changes.
    - Fixes build failure on mips64 (closes: #719053).
  * Update debian/copyright: copyright no longer assigned to FSF.
  * Add udev rule for SCM331-LC1 / SCR3310 (LP: #1076987).

 -- Thijs Kinkhorst <thijs@debian.org>  Tue, 07 Jan 2014 09:40:14 +0100

gnupg (1.4.15-3) unstable; urgency=high

  * Actually apply patch for CVE-2013-4576 (closes: #732705).
    Thanks Marc Deslauriers for reporting.

 -- Thijs Kinkhorst <thijs@debian.org>  Fri, 20 Dec 2013 15:41:30 +0100

gnupg (1.4.15-2ubuntu1) trusty; urgency=low

  * Resynchronise with Debian.  Remaining changes:
    - Disable mlock() test since it fails with ulimit 0 (on buildds).
    - Set gpg (or gpg2) and gpgsm to use a passphrase agent by default.
    - Only suggest gnupg-curl and libldap; recommendations are pulled into
      minimal, and we don't need the keyserver utilities in a minimal Ubuntu
      system.
    - Remove the Win32 build.
    - Build using dh-autoreconf
    - Disable inline assembler for ppc64el.
  * Moved CVE-2013-4576 patch to the right directory, and added to series
    file so it actually gets applied.

 -- Marc Deslauriers <marc.deslauriers@ubuntu.com>  Fri, 20 Dec 2013 08:17:09 -0500

gnupg (1.4.15-2) unstable; urgency=high

  * Fixed the RSA Key Extraction via Low-Bandwidth Acoustic
    Cryptanalysis attack as described by Genkin, Shamir, and Tromer.
    See <http://www.cs.tau.ac.il/~tromer/acoustic/>. [CVE-2013-4576]
  * Add two Gemalto card readers to udev rules (closes: #730872),
    thanks Yves-Alexis Perez.
  * Checked for policy 3.9.5, no changes.

 -- Thijs Kinkhorst <thijs@debian.org>  Thu, 12 Dec 2013 20:34:27 +0100

gnupg (1.4.15-1.1ubuntu2) trusty; urgency=medium

  * Build using dh-autoreconf
  * Disable inline assembler for ppc64el.

 -- Matthias Klose <doko@ubuntu.com>  Sun, 15 Dec 2013 10:39:38 +0100

gnupg (1.4.15-1.1ubuntu1) trusty; urgency=low

  * Resynchronise with Debian.  Remaining changes:
    - Disable mlock() test since it fails with ulimit 0 (on buildds).
    - Set gpg (or gpg2) and gpgsm to use a passphrase agent by default.
    - Only suggest gnupg-curl and libldap; recommendations are pulled into
      minimal, and we don't need the keyserver utilities in a minimal Ubuntu
      system.
    - Remove the Win32 build.
  * Dropped upstreamed patches:
    - debian/patches/CVE-2013-4351.patch
    - debian/patches/CVE-2013-4402.patch

 -- Marc Deslauriers <marc.deslauriers@ubuntu.com>  Wed, 30 Oct 2013 15:30:58 -0700

gnupg (1.4.15-1.1) unstable; urgency=high

  * Non-maintainer upload, by request of Thijs Kinkhorst.
  * Add patch revert_trustdb_changes:
   - Revert upstream GIT a1a59e6a539e597996976d0afb6aa3062e954188
     which breaks popularity-contest (closes: #725889).

 -- Bill Allombert <ballombe@debian.org>  Wed, 16 Oct 2013 13:02:26 +0200

gnupg (1.4.15-1) unstable; urgency=high

  * New upstream release (closes: #725718).
    - Fixed possible denial of service in the compressed packet
      parser (CVE-2013-4402, closes: #725439).
    - Documents limitations of the verify command (closes: #704645).

 -- Thijs Kinkhorst <thijs@debian.org>  Mon, 07 Oct 2013 20:05:43 +0200

gnupg (1.4.14-1ubuntu2) saucy; urgency=low

  * SECURITY UPDATE: incorrect no-usage-permitted flag handling
    - debian/patches/CVE-2013-4351.patch: correctly handle empty key flags
      in g10/getkey.c, g10/keygen.c, include/cipher.h.
    - CVE-2013-4351
  * SECURITY UPDATE: denial of service via infinite recursion
    - debian/patches/CVE-2013-4402.patch: set limits on number of filters
      and nested packets in util/iobuf.c, g10/mainproc.c.
    - CVE-2013-4402

 -- Marc Deslauriers <marc.deslauriers@ubuntu.com>  Tue, 08 Oct 2013 07:40:27 -0400

gnupg (1.4.14-1ubuntu1) saucy; urgency=low

  * Resynchronise with Debian.  Remaining changes:
    - Disable mlock() test since it fails with ulimit 0 (on buildds).
    - Set gpg (or gpg2) and gpgsm to use a passphrase agent by default.
    - Only suggest gnupg-curl and libldap; recommendations are pulled into
      minimal, and we don't need the keyserver utilities in a minimal Ubuntu
      system.
    - Remove the Win32 build.

 -- Colin Watson <cjwatson@ubuntu.com>  Fri, 02 Aug 2013 11:27:51 +0100

gnupg (1.4.14-1) unstable; urgency=low

  * New upstream release (closes: #717845).
    - Adds IDEA support. Update package description.
    - Fixes security issue: side channel attack on RSA.
      (CVE-2013-4242, closes: #717880).
    - Fixes list-keys hanging at ctrl-C (closes: #399904).
  * Add more smartcard reader udev rules, thanks Niibe Yutaka
    (closes: #691392).
  * Checked for policy 3.9.4, no changes.

 -- Thijs Kinkhorst <thijs@debian.org>  Thu, 25 Jul 2013 21:50:32 +0200

gnupg (1.4.12-7ubuntu1) raring; urgency=low

  * Resynchronise with Debian.  Remaining changes:
    - Disable mlock() test since it fails with ulimit 0 (on buildds).
    - Set gpg (or gpg2) and gpgsm to use a passphrase agent by default.
    - Only suggest gnupg-curl and libldap; recommendations are pulled into
      minimal, and we don't need the keyserver utilities in a minimal Ubuntu
      system.
    - Remove the Win32 build.
    - Update config.guess/config.sub for aarch64.

 -- Colin Watson <cjwatson@ubuntu.com>  Tue, 08 Jan 2013 10:47:07 +0000

gnupg (1.4.12-7) unstable; urgency=high

  * Apply upstream patch to fix memory and key database corruption
    when importing with invalid keys (CVE-2012-6085, closes: #697108).

 -- Thijs Kinkhorst <thijs@debian.org>  Wed, 02 Jan 2013 19:48:36 +0100

gnupg (1.4.12-6ubuntu1) raring; urgency=low

  * Resynchronise with Debian.  Remaining changes:
    - Disable mlock() test since it fails with ulimit 0 (on buildds).
    - Set gpg (or gpg2) and gpgsm to use a passphrase agent by default.
    - Only suggest gnupg-curl and libldap; recommendations are pulled into
      minimal, and we don't need the keyserver utilities in a minimal Ubuntu
      system.
    - Remove the Win32 build.
    - Update config.guess/config.sub for aarch64.
  * Dropped patches:
    - Fix udeb build failure on powerpc, building with -O2 instead of -Os.
      (No longer seems to be necessary.)
  * Simplify removal of Win32 build, to make this easier to merge in future.

 -- Colin Watson <cjwatson@ubuntu.com>  Tue, 04 Dec 2012 22:26:16 +0000

gnupg (1.4.12-6) unstable; urgency=low

  * debian/patches/685627_french_translation_update.patch: Adjusted.
    - po/gnupg.pot: Trigger .gmo rebuild by date update (closes: #685627).

 -- Daniel Leidert <dleidert@debian.org>  Sun, 14 Oct 2012 12:11:18 +0200

gnupg (1.4.12-5) unstable; urgency=low

  [ Thijs Kinkhorst ]
  * Add lintian override for gnupg-curl non-conflict.

  [ Daniel Leidert ]
  * debian/README.BUGS.Debian: Added note about gpg not returning an error
    message if junk is given after --edit-key/--send-keys (closes: #630388).
  * patches/685627_french_translation_update.patch: Added.
    - po/fr.po: French translation proofread and updated (closes: #685627).

 -- Thijs Kinkhorst <thijs@debian.org>  Mon, 09 Apr 2012 18:44:33 +0200

gnupg (1.4.12-4) unstable; urgency=low

  * Move mingw64 to B-D-I, adjust make targets. This helps debian-ports
    architectures: mingw64 is not commonly available there.

 -- Thijs Kinkhorst <thijs@debian.org>  Mon, 05 Mar 2012 23:20:34 +0100

gnupg (1.4.12-3) unstable; urgency=low

  * Upload to unstable.
  * Correct path for gpgv-win32 to /usr/share/win32.
  * Updated to policy 3.9.3.
  * Convert to copyright-format 1.0.

 -- Thijs Kinkhorst <thijs@debian.org>  Fri, 24 Feb 2012 09:25:20 +0100

gnupg (1.4.12-2) experimental; urgency=low

  * Move mingw-w64 from build-depends-indep to build-depends,
    otherwise buildds won't install it (classic mistake).

 -- Thijs Kinkhorst <thijs@debian.org>  Wed, 22 Feb 2012 20:12:47 +0000

gnupg (1.4.12-1) experimental; urgency=low

  * New upstream release.
    - Documents keyid-format and with-colons combination (LP: #808295).
    - No longer requires readline for gpgv (closes: #592902).
    - Fixes man page format error for gpg-zip (closes: #606072).
    - Fixes gpg manual page (closes: #640140).
  * As we're now on 0 patches, and dpatch is supposedly obsoleted,
    take the chance to switch to dpkg-source 3.0 (quilt) format.
  * Several packaging tweaks to keep Lintian happy.
  * Mark packages Multi-Arch: foreign. thanks Colin Watson (closes: #649490).
  * Fix path to README.BUGS.Debian.gz in presubj (closes: #614962).
  * Add Crypto Stick to udev rules (closes: #648332).
  * Build win32 package with mingw-w64, thanks Stephen Kitt (closes: #623526).
  * Enable hardened build flags, thanks Moritz Muehlenhoff (closes: #653480).

 -- Thijs Kinkhorst <thijs@debian.org>  Mon, 20 Feb 2012 21:53:58 +0100

gnupg (1.4.11-3ubuntu4) quantal; urgency=low

  * Update config.guess,sub for aarch64

 -- Wookey <wookey@wookware.org>  Mon, 01 Oct 2012 12:56:41 +0100

gnupg (1.4.11-3ubuntu3) quantal-proposed; urgency=low

  * debian/patches/long-keyids.dpatch: Use the longest key ID available
    when requesting a key from a key server.

 -- Marc Deslauriers <marc.deslauriers@ubuntu.com>  Tue, 24 Jul 2012 10:28:39 -0400

gnupg (1.4.11-3ubuntu2) precise; urgency=low

  * Mark gnupg, gnupg-curl, and gpgv Multi-Arch: foreign.

 -- Colin Watson <cjwatson@ubuntu.com>  Mon, 21 Nov 2011 13:42:07 +0000

gnupg (1.4.11-3ubuntu1) natty; urgency=low

  * Resynchronise with Debian (LP: #720905).  Remaining changes:
    - Disable mlock() test since it fails with ulimit 0 (on buildds).
    - Set gpg (or gpg2) and gpgsm to use a passphrase agent by default.
    - Fix udeb build failure on powerpc, building with -O2 instead of -Os.
    - Only suggest gnupg-curl and libldap; recommendations are pulled into
      minimal, and we don't need the keyserver utilities in a minimal Ubuntu
      system.
  * debian/{control,rules}: Remove the Win32 build (and mingw32
    build-dependency), since mingw32 is in universe, and will remain so for
    the forseeable future.

 -- Rico Tzschichholz <ricotz@ubuntu.com>  Tue, 22 Feb 2011 11:00:25 +0100

gnupg (1.4.11-3) unstable; urgency=low

  * Install gpg setuid root again on kFreeBSD. We dropped this
    bit earlier because it's not necessary anymore on Linux, but
    the kFreeBSD kernel still requires it for secure memory.
    Thanks Robert Millan for the patch. (Closes: 598471)
  * Add a gpgv-win32 package, to be used by win32-loader. Patch
    from Didier Raboud (Closes: #612462).

 -- Thijs Kinkhorst <thijs@debian.org>  Tue, 15 Feb 2011 19:49:51 +0100

gnupg (1.4.11-2) experimental; urgency=low

  * Update standards-version to 3.9.1, no changes needed.
  * Apply patch based on Werner Koch's work that (again)
    resolves a build failure on mips(el); issue addressed
    in 1.4.10-4 was only partly solved upstream.
  * Add README.Debian with smart card reader info, thanks
    Jonathan Nieder (Closes: #575763). 

 -- Thijs Kinkhorst <thijs@debian.org>  Sat, 13 Nov 2010 12:37:32 +0100

gnupg (1.4.11-1) experimental; urgency=low

  * New upstream release (Closes: #600587).
    + Obsoletes all previously existing Debian patches:
      567580_menu_prompt_reflects_program.dpatch
      560692_fix_fatal_after_homedir_creation.dpatch
      489225_catch_expired_primary_key_with_valid_subkey.dpatch
      fix_infinite_loop_r5264.dpatch
      567593_improve_info_and_faq.dpatch
      551709_fix_info_link_entry.dpatch
      560995_fix_ftbfs_on_sparc64.dpatch
      mips_gcc4.4.dpatch
      553175_document_primary_uid_sign.dpatch
    + No longer ships outdated faq.html.

  * Update references to RFC 2440 into RFC 4880. Thanks
    Christoph Anton Mitterer (Closes: #592294).

 -- Thijs Kinkhorst <thijs@debian.org>  Tue, 26 Oct 2010 20:14:12 +0200

gnupg (1.4.10-4ubuntu2) natty; urgency=low

  * No-change rebuild to drop upstream changelog.

 -- Martin Pitt <martin.pitt@ubuntu.com>  Fri, 03 Dec 2010 08:31:25 +0100

gnupg (1.4.10-4ubuntu1) natty; urgency=low

  * Resynchronise with Debian.  Remaining changes:
    - Disable mlock() test since it fails with ulimit 0 (on buildds).
    - Set gpg (or gpg2) and gpgsm to use a passphrase agent by default.
    - Fix udeb build failure on powerpc, building with -O2 instead of -Os.
    - Only suggest gnupg-curl and libldap; recommendations are pulled into
      minimal, and we don't need the keyserver utilities in a minimal Ubuntu
      system.

 -- Colin Watson <cjwatson@ubuntu.com>  Wed, 13 Oct 2010 11:48:06 +0100

gnupg (1.4.10-4) unstable; urgency=high

  * debian/patches/mips_gcc4.4: added to fix build failure on
    mips(el) due to the removal of the 'h' constraint for MIPS
    in gcc-4.4.x versions. Urgency high for fixing ftbfs.
    Thanks Florian Fainelli for the patch.

 -- Thijs Kinkhorst <thijs@debian.org>  Tue, 25 May 2010 20:54:22 +0200

gnupg (1.4.10-3) unstable; urgency=low

  [ Daniel Leidert (dale) ]
  * debian/control (Description): Added note about gnupg2 (closes: #566081).
  * debian/patches/489225_catch_expired_primary_key_with_valid_subkey.dpatch:
    Added.
    - g10/sig-check.c (do_check_messages): Evaluate the HAS_EXPIRED flag to
      fix missing status line signature verification done with a subkey while
      on the main key has expired (closes: #489225).
  * debian/patches/551709_fix_info_link_entry.dpatch: Added.
    - doc/gnupg1.texi, gnupg1.info: Fix direntry (closes: #551709).
  * debian/patches/553175_document_primary_uid_sign.dpatch: Added.
    - doc/gpg.texi: Document the primary user id sign in --edit-key mode
      (closes: #553175).
  * debian/patches/560692_fix_fatal_after_homedir_creation.dpatch: Added.
    - g10/tdbio.c (tdbio_set_dbname): Fix a mistaken fatal error after homedir
      creation (closes: #560692).
  * debian/patches/560995_fix_ftbfs_on_sparc64.dpatch: Added.
    - mpi/config.links: Fix FTBFS on sparc64, where it tries to use SPARC32
      assembly code (closes: #560995).
  * debian/patches/567580_menu_prompt_reflects_program.dpatch: Added.
    - Use a less ambiguous command prompt (closes: #567580).
  * debian/patches/567593_improve_info_and_faq.dpatch: Added.
    - Improve the info/manual pages, fix grammar and add/fix the bug-reporting
      address (closes: #567593).
  * debian/patches/fix_infinite_loop_r5264.dpatch: Added.
    - Avoid infinite loop in case of invalid data.
  * debian/patches/00list: Adjusted.

  [ Thijs Kinkhorst ]
  * Checked for policy 3.8.4, no changes.

 -- Thijs Kinkhorst <thijs@debian.org>  Mon, 22 Mar 2010 20:12:42 +0100

gnupg (1.4.10-2ubuntu2) maverick; urgency=low

  * Only suggest gnupg-curl and libldap; recommendations are pulled into
    minimal, and we don't need the keyserver utilities in a minimal Ubuntu
    system.

 -- Colin Watson <cjwatson@ubuntu.com>  Mon, 14 Jun 2010 14:40:00 +0100

gnupg (1.4.10-2ubuntu1) lucid; urgency=low

  * Merge from Debian testing (lp: #503064, #477818). Remaining changes:
    - Add 'debian/patches/50_disable_mlock_test.dpatch': Disable mlock() test
      since it fails with ulimit 0 (on buildds).
    - Add 'debian/patches/61_use_agent_default.dpatch': Patch to set gpg
      (or gpg2) and gpgsm to use a passphrase agent by default (lp: 15485)
    - Fix udeb build failure on powerpc, building with -O2 instead of -Os.

 -- Michael Bienia <geser@ubuntu.com>  Mon, 04 Jan 2010 20:06:01 +0100

gnupg (1.4.10-2) unstable; urgency=low

  [ Thijs Kinkhorst ]
  * Correct build issue when backporting to lenny, thanks Andreas Metzler
    (closes: #545268).

  [ Daniel Leidert ]
  * debian/control: Added gnupg-curl package which ships the keyserver helper
    tools built with libcurl. gnupg recommends this package.
    (Build-Depends): Changed to generic libreadline-dev (see pkg-gnupg-maint
    list 09/2009).
    (Description): Adjusted for gnupg vs. gnupg-curl.
  * debian/gnupg.doc-base.faq: Added to register the GnuPG FAQ with doc-base.
  * debian/gnupg-curl.preinst,
    debian/gnupg-curl.postrm: Added to add/remove the diversions for
    gpgkeys_curl and gpgkeys_hkp.
  * debian/rules: Added targets to build the gnupg binary and helper tools
    explicitly with libcurl. Move the gpgkeys_curl and gpgkeys_hkp keyserver
    tools built with libcurl into the gnupg-curl package.
    (build-deb/config.status): Build the gnupg binary with the "curl shim"
    variant and without libcurl, so we don't depend on packages with priority
    lower important (closes: #545275).
    (install): Delete /usr/share/info/dir.gz (closes: #546552).
    (binary-arch): Add missing relevant ChangeLog files.

 -- Thijs Kinkhorst <thijs@debian.org>  Fri, 25 Sep 2009 10:34:50 +0200

gnupg (1.4.10-1) unstable; urgency=low

  [ Daniel Leidert (dale) ]
  * New upstream release GnuPG 1.4.10.
    - Better cope with unicode characters in any output (closes: #540340).
    - Output a warning when trying to revoke a signature from a key,
      that is not signed by any of your keys (closes: #543530).

  For more information please read /usr/share/doc/gnupg/changelog.gz.

  * debian/control (Standards-Version): Bumped to 3.8.3.
  * debian/gnupg.bug-presubj: Added note about debian/README.BUGS.Debian.
  * debian/gnupg.docs: Added debian/README.BUGS.Debian.
  * debian/gnupg.udev: Added udev rules to support several SCM smartcard
    readers. Thanks to Michael Bienia (closes: #543216).
  * debian/rules (binary-arch): Install udev rules and bug control files.
  * debian/README.BUGS.Debian: Added. Collect information about limitations
    which have been reported to the BTS and might be in the future too. This
    will replace the open bug reports, so the bug count decreases and
    readability increases (closes: #44910, #89094, #282061, #359758, #427857,
    #472642, #485458).
  * debian/patches/24_gpgv_manpage_cleanup.dpatch: Dropped (applied upstream).
  * debian/patches/25_fr.po_fixes.dpatch: Ditto.
  * debian/patches/25_it.po_fixes.dpatch: Ditto.

  [ Thijs Kinkhorst ]
  * Add misc:depends substvar to facilitate install-info transition.

 -- Thijs Kinkhorst <thijs@debian.org>  Sat, 05 Sep 2009 15:43:18 +0200

gnupg (1.4.10~rc1-1) experimental; urgency=low

  * First release candidate of GnuPG 1.4.10.
    - Improved lockfile handling (closes: #58260).
    - Fixes error using the --local-user switch together with the same options
      string (closes: #130363).
    - Fixes memory leak importing (large) keyrings (closes: #172115, #345911).
    - Send HTTP requests with "Pragma: no-cache" (closes: #177716).
    - Reference to unimplemented --fix-trustdb switch has been replaced by
      short howto for recovery (closes: #196860).
    - Resets terminal after SIGINT (LP: #294115; closes: #321871).
    - Fixes error using the --fingerprint switch together with the
      with-fingerprint options string (closes: #382794).
    - Removing some strange old special case code in gpg fixes an error thrown
      for a special signature (closes: #402600). This needs well testing ...
      see https://bugs.g10code.com/gnupg/issue931.
    - Fixes misleading error messages (closes: #205596, #494040).
    - Fixes building with libcurl (closes: #502558).
    - Fixes a parsing loop specific to amd64 systems (closes: #503853).
    - Fixes the non-zero exit status after smartcard insert prompt (closes:
      #513464).
    - Fixes/improves documentation (LP: #389694; closes: #496921, #527351).
    - Fixes several issues in the German (closes: #536827), the Dutch
      (LP: #397395) and the French (closes: #525404) translation.
    - Added IDN (Internationalized Domain Names) support (closes: #537122).
    
    For more information please read /usr/share/doc/gnupg/changelog.gz.

  [ Thijs Kinkhorst ]
  * Re-enable build-time tests, accidentally disabled due to false
    logic in debian/rules. Thanks Neil Williams, closes: #521884.
  * Checked for policy 3.8.2 and updated to debhelper 7.
  * Install NEWS as upstream changelog.

  [ Daniel Leidert ]
  * debian/control (Build-Depends): Added libcurl4-gnutls-dev (LP: #62864).
  * debian/rules (CONFARGS): Add --enable-noexecstack to build gnupg without
    executable stack on i386 (LP: #49323; closes: #527630).
    (binary-arch): Register .info documentation (closes: #527570).
  * debian/patches/24_gpgv_manpage_cleanup.dpatch: Party dropped (applied
    upstream).
  * debian/patches/25_de.po_fixes.dpatch: Dropped (applied upstream).
  * debian/patches/99_yat2m_fix_samp_handling.dpatch: Ditto.
  * debian/patches/00list: Adjusted.

 -- Thijs Kinkhorst <thijs@debian.org>  Sat, 15 Aug 2009 18:43:03 +0200

gnupg (1.4.9-4ubuntu7) karmic; urgency=low

  * Fix udeb build failure on powerpc, building with -O2 instead of -Os.

 -- Matthias Klose <doko@ubuntu.com>  Sun, 27 Sep 2009 13:49:46 +0200

gnupg (1.4.9-4ubuntu6) karmic; urgency=low

  * Build-depend on libreadline-dev instead of libreadline5-dev.

 -- Matthias Klose <doko@ubuntu.com>  Sat, 19 Sep 2009 22:52:53 +0200

gnupg (1.4.9-4ubuntu5) karmic; urgency=low

  * debian/gnupg.udev:
    Add udev rules to set ACLs on SCM smartcard readers. They replace the hal
    rules for the same purpose. (LP: #57755)
  * debian/rules:
    Call dh_installudev.

 -- Michael Bienia <geser@ubuntu.com>  Fri, 03 Jul 2009 15:38:40 +0200

gnupg (1.4.9-4ubuntu4) karmic; urgency=low

  * Undo the last change. A GnuPG bug with handling multiple keyservers
    makes this break

 -- Mackenzie Morgan <maco.m@ubuntu.com>  Sat, 20 Jun 2009 18:04:47 -0400

gnupg (1.4.9-4ubuntu3) karmic; urgency=low

  * deian/patches/100_ubuntu_default_keyserver.dpatch: (LP: #380093)
    - Add keyserver.ubuntu.com as a default keyserver in g10/options.skel

 -- Mackenzie Morgan <maco.m@ubuntu.com>  Mon, 25 May 2009 13:10:51 -0400

gnupg (1.4.9-4ubuntu2) karmic; urgency=low

  * debian/rules: add --enable-noexecstack to configure to avoid needless
    executable stacks on i386 (LP: #49323, debian bug 527630).
  * debian/rules: fix "nocheck" logic to run tests (debian bug 521884).

 -- Kees Cook <kees@ubuntu.com>  Fri, 08 May 2009 09:12:18 -0700

gnupg (1.4.9-4ubuntu1) karmic; urgency=low

  * Merge from debian unstable, remaining changes:
    - Add 'debian/patches/50_disable_mlock_test.dpatch': Disable mlock() test
      since it fails with ulimit 0 (on buildds).
    - Add 'debian/patches/61_use_agent_default.dpatch': Patch to set gpg
      (or gpg2) and gpgsm to use a passphrase agent by default (lp: 15485)
    - Add libcurl4-gnutls-dev to Build-Depends to fix gpg running into a
      timeout updating the keyring (lp: 62864)
    - Add 'debian/patches/55_curl_typefix.dpatch': Fix a build error with recent
      curl and gcc 4.3 

 -- Nicolas Valcárcel Scerpella <nvalcarcel@canonical.com>  Tue, 05 May 2009 16:02:14 -0500

gnupg (1.4.9-4) unstable; urgency=low

  [ Daniel Leidert (dale) ]
  * debian/compat: Added to define debhelper compat level 5.
  * debian/control: (Build-Depends): Added debhelper v5.
  * debian/gnupg.dirs: Added for new debhelper-based debian/rules.
  * debian/gnupg.docs: Ditto.
  * debian/gnupg.links: Ditto.
  * debian/gnupg.manpages: Ditto.
  * debian/gnupg-udeb.install: Ditto.
  * debian/gpgv.files: Ditto.
  * debian/gpgv-udeb.install: Ditto.
  * debian/rules: Complete rewrite using debhelper (closes: #437050, #430459).
 
  [ Thijs Kinkhorst ]
  * We don't install setuid root anymore, and have not even built
    with capability support anyway in recent times. Drop libcap-dev
    build-dependency and associated patches. (Closes: #492622).
  * No longer install gpg-convert-from-106 in the path, but ship
    this script to convert from GnuPG 1.0.6 and earlier as an
    example.
  * Add --disable-asm build flag on ppc64 architecture (Closes: #343434).
  * Rephrase description on the subject of IDEA (Closes: #509853).

 -- Thijs Kinkhorst <thijs@debian.org>  Mon, 16 Feb 2009 18:35:15 +0100

gnupg (1.4.9-3ubuntu1) intrepid; urgency=low

  * Merge from debian unstable (lp: #225005), remaining changes:
    - Add 'debian/patches/50_disable_mlock_test.dpatch': Disable mlock() test
      since it fails with ulimit 0 (on buildds).
    - Add 'debian/patches/61_use_agent_default.dpatch': Patch to set gpg
      (or gpg2) and gpgsm to use a passphrase agent by default (lp: 15485)
    - Add libcurl4-gnutls-dev to Build-Depends to fix gpg running into a
      timeout updating the keyring (lp: 62864)
  * Dropped Ubuntu patches, applied upstream:
    - 50_show_primary_only.dpatch
    - 60_install_options_skel.dpatch
  * Add 'debian/patches/55_curl_typefix.dpatch': Fix a build error with recent
    curl and gcc 4.3 (lp: #247679). Patch taken from upstream:
    http://lists.gnupg.org/pipermail/gnupg-devel/2008-April/024344.html

 -- Michael Bienia <geser@ubuntu.com>  Mon, 21 Jul 2008 02:02:14 +0200

gnupg (1.4.9-3) unstable; urgency=low

  * Add Package-Type: udeb to μdebs.
  * Properly strip binaries shippped in μdebs.
  * Disable libusb-dev build-dep on the Hurd (closes: #491864).
  * Updated debian/copyright to GPLv3.
  * Checked for policy 3.8.0, added README.source.
  * Add self to uploaders.

 -- Thijs Kinkhorst <thijs@debian.org>  Thu, 24 Jul 2008 22:25:09 +0200

gnupg (1.4.9-2) unstable; urgency=low

  [ Sune Vuorela ]
  * Switch maintainer to maillist. This package is now officially team
    maintained.
  * Really enable patches added earlier. (Really Closes: #394037, #298699)
  * Add a seahorse conflicts as the seahorse maintainer likes.
  * Remove stamp files in clean.

  [ Thijs Kinkhorst ]
  * Add watch file (Closes: #450670).
  * Remove ancient (2002 and earlier) Conflicts, Replaces, Provides.

  [ Daniel Leidert ]
  * debian/control: Added Vcs fields.
    (Uploaders): Added myself.
  * debian/gpg-zip.1: Fixed header.

 -- Sune Vuorela <debian@pusling.com>  Sun, 08 Jun 2008 12:27:36 +0200

gnupg (1.4.9-1) unstable; urgency=low

  * New upstream release 1.4.9 (Closes: #452118). Based on Daniel Leiderts work
    - Removed shutdown code in util/http.c (Closes: #201589).
    - Limit bytes read for an unknown alogorithm (Closes: #402592).
    - Build changes to fully evaluate paths (Closes: #402958, #412508, #420613).
    - Decrypt multiple files and not just the first (Closes: #431828).
    - Fixes yat2m and gpg.texi to fix formatting in the man-page 
     (Closes: #445328).
    - Localizaton update for German locale (closes: #296128).
  * Remove patch 28_multiple_message.dpatch, implemented upstream
  * Remove ancient preinst script to support upgrades back in 1998
  * README.Debian is related to the ancient preinst script, so remove it as
    well.
  * debian/patches/99_yat2m_fix_samp_handling.dpatch: Added.
    - doc/yat2m.c: Backport two fixes from the upstream SVN regarding the
      correct handling of backslahes and fixing the samples output format
      avoiding man-db warnings.
  * Redo patches with dpatch-run instead of big patch blurb in the patches.
  * Updated and added some tranlations (patch 25*) 
    (French: Closes: #394037) (Italian: Closes: #298699)
  * Have gpg suggest libpcsclite1 (Closes: #297253) and a couple of image 
    viewers (Closes: #381419).
  * No need to clean up in builddir before removing builddir
  * if rm -rf fails, we should also fail
  * Handle DEB_BUILD_OPTIONS=nostrip in debian/rules (Closes: #437050)
  * add md5sums to package (Closes: 430459)
  * Don't depend, but recommend libldap, this is only needed in some
    cases. (Closes: 399167)
  * Add manpage to gpg-zip. Thanks to Colin Tuckley and Daniel Leidert
  * Bump standards.
  * Add Homepage field to debian/control
  * Run test suites.

 -- Sune Vuorela <debian@pusling.com>  Sun, 01 Jun 2008 21:21:10 +0200

gnupg (1.4.6-3) unstable; urgency=low

  * Adopt package. Thanks to James Troup for his work in the far past.
    Thanks to NMU'ers Bastian and Thijs. (Closes: #476418)
  * Co-maintainers wanted.
  * Don't build-dep on pcap on non-linux-archs. (Closes: #357267)

 -- Sune Vuorela <debian@pusling.com>  Sat, 17 May 2008 15:42:55 +0200

gnupg (1.4.6-2.2) unstable; urgency=low

  * Non-maintainer upload.
  * Do not install gpg setuid root, this is not necessary anymore since
    Linux kernel 2.6.9. (Closes: #356550, #346597, #453122)
  * Update priority to match override (Closes: #340846).

 -- Thijs Kinkhorst <thijs@debian.org>  Sat, 03 May 2008 16:20:56 +0200

gnupg (1.4.6-2.1) unstable; urgency=low

  * Non-maintainer upload.
  * Remove makedev dependency. (closes: #343988)

 -- Bastian Blank <waldi@debian.org>  Sat, 23 Feb 2008 19:59:18 +0100

gnupg (1.4.6-2ubuntu5) hardy; urgency=low

  * No-change rebuild against libldap-2.4-2.

 -- Steve Langasek <steve.langasek@ubuntu.com>  Wed, 23 Jan 2008 10:49:38 +0000

gnupg (1.4.6-2ubuntu4) gutsy; urgency=low

  * debian/patches/70_trust_error.dpatch: Removed as it broke setting the
    trust level to 1 (LP: #147343).

 -- Michael Bienia <geser@ubuntu.com>  Mon, 01 Oct 2007 21:52:52 +0200

gnupg (1.4.6-2ubuntu3) gutsy; urgency=low

  [ Scott Kitterman ]
  * Add 'debian/patches/60_install_options_skel.dpatch': Patch to
    install options file from upstream (LP: #76983)
  * Add 'debian/patches/61_use_agent_default.dpatch': Patch to set gpg
    (or gpg2) and gpgsm to use a passphrase agent by default (LP: #15485)
  * Add 'debian/patches/70_trust_error.dpatch': Patch to disallow illegal
    zero response for trust level changes (LP: #39459)

  [ Michael Bienia ]
  * Add libcurl4-gnutls-dev to Build-Depends to fix gpg running into a timeout
    updating the keyring (LP: #62864)

 -- Michael Bienia <geser@ubuntu.com>  Fri, 06 Jul 2007 20:56:05 +0200

gnupg (1.4.6-2ubuntu2) gutsy; urgency=low

  * Add 'debian/patches/50_show_primary_only.dpatch': add
    'show-primary-uid-only' to verify options, to suppress 'aka' output
    in key verifications, backported from 1.4.7 upstream.

 -- Kees Cook <kees@ubuntu.com>  Tue, 15 May 2007 12:09:41 -0700

gnupg (1.4.6-2ubuntu1) gutsy; urgency=low

  * Merge from debian unstable, remaining changes:
    - config.h.in: Disable mlock() test since it fails with ulimit 0 (on
      buildds).
    - debian/rules:
      + Do not install gpg as suid root, since that is not necessary with
        kernels 2.6.8+.
      + Make the build fail if the test suite fails.
    - debian/control: Maintainer field update.

 -- Kees Cook <kees@ubuntu.com>  Tue, 08 May 2007 02:21:26 -0700

gnupg (1.4.6-2) unstable; urgency=medium

  * 28_multiple_message.dpatch: new patch from upstream to fix problems
    handling verification of messages with multiple
    components. [CVE-2007-1263]

 -- James Troup <james@nocrew.org>  Wed,  7 Mar 2007 21:47:35 +0000

gnupg (1.4.6-1ubuntu2) feisty; urgency=low

  * SECURITY UPDATE: without --status-fd, forged inline sigs can appear valid.
  * debian/patches/50_stop_multiple_messages.dpatch: upstream patch.
  * References
    ftp://ftp.gnupg.org/gcrypt/gnupg/patches/gnupg-1.4.6-multiple-message.patch
    CVE-2007-1263

 -- Kees Cook <kees@ubuntu.com>  Wed,  7 Mar 2007 11:53:20 -0800

gnupg (1.4.6-1ubuntu1) feisty; urgency=low

  * Merge from debian unstable, remaining changes:
    - config.h.in: Disable mlock() test since it fails with ulimit 0 (on
      buildds).
    - debian/rules:
      + Do not install gpg as suid root, since that is not necessary with
        kernels 2.6.8+.
      + Make the build fail if the test suite fails.

 -- Kees Cook <kees@ubuntu.com>  Tue, 12 Dec 2006 15:56:56 -0800

gnupg (1.4.6-1) unstable; urgency=high

  * New upstream release.
   * Fixes remotely controllable function pointer [CVE-2006-6235]

  * 27_filename_overflow.dpatch: merged upstream, dropped.
  * 24_gpgv_manpage_cleanup.dpatch: updated and a couple of additional
    trivial fixes.

  * debian/rules (binary-arch): info copy of manuals moved to
    /usr/share/info - remove them there instead.  Manuals are now built
    from texi source, so install them from build tree, not top level.

  * debian/copyright: update to add OpenSSL exemption for keyserver helper
    tools.

 -- James Troup <james@nocrew.org>  Thu,  7 Dec 2006 02:54:51 +0000

gnupg (1.4.5-3ubuntu2) feisty; urgency=low

  * SECURITY UPDATE: unwound stack data use, leading to arbitrary code
    execution.
  * Add debian/patches/29_dxf_context_stack.dpatch: upstream patch, use heap
    for allocation instead.
  * References
    CVE-2006-6235

 -- Kees Cook <kees@ubuntu.com>  Wed,  6 Dec 2006 11:46:44 -0800

gnupg (1.4.5-3ubuntu1) feisty; urgency=low

  * Merge to Debian unstable. Remaining Ubuntu changes:
    - config.h.in: Disable mlock() test since it fails with ulimit 0 (on
      buildds).
    - debian/rules:
      + Do not install gpg as suid root, since that is not necessary with
        kernels 2.6.8+.
      + Make the build fail if the test suite fails.

 -- Martin Pitt <martin.pitt@ubuntu.com>  Tue, 28 Nov 2006 19:06:47 +0100

gnupg (1.4.5-3) unstable; urgency=high

  * 27_filename_overflow.dpatch: new patch from upstream to fix buffer
    overflow in ask_outfile_name(). [CVE-2006-6169]

 -- James Troup <james@nocrew.org>  Mon, 27 Nov 2006 21:23:37 +0000

gnupg (1.4.5-2ubuntu1) feisty; urgency=low

  * Merge to Debian unstable. Remaining Ubuntu changes:
    - config.h.in: Disable mlock() test since it fails with ulimit 0 (on
      buildds).
    - debian/rules:
      + Do not install gpg as suid root, since that is not necessary with
        kernels 2.6.8+.
      + Make the build fail if the test suite fails.

 -- Martin Pitt <martin.pitt@ubuntu.com>  Fri,  3 Nov 2006 09:18:26 +0100

gnupg (1.4.5-2) unstable; urgency=low

  * debian/control: add gpgv package.  Make gnupg package depend on it.
  * debian/rules (binary-arch): add support for building gpgv package.
    Adapt gnupg package creation accordingly.
  * debian/rules (clean): clean gpgv package temporary directory.

 -- James Troup <james@nocrew.org>  Thu, 26 Oct 2006 02:14:46 +0100

gnupg (1.4.5-1) unstable; urgency=low

  * New upstream release.
   * 23_getkey_utf8_userid.dpatch: superseded by different fix upstream,
     dropped.
   * 26_user_id_overflow.dpatch: merged upstream, dropped.
   * 25_de.po_fixes.dpatch: updated.

  * debian/copyright: update FSF address.
  * debian/changelog: convert to UTF-8.
  * debian/control (Standards-Version): bump to 3.7.2.1.

 -- James Troup <james@nocrew.org>  Tue,  1 Aug 2006 22:50:09 +0100

gnupg (1.4.3-2ubuntu3) edgy; urgency=low

  * SECURITY UPDATE: Local arbitrary code execution.
  * Add debian/patches/27_comment_control_overflow.dpatch:
    - Fix buffer overflows in parse_comment() and parse_gpg_control().
    - Patch extracted from stable 1.4.5 release.
    - Reproducer:
      perl -e 'print "\xfd\xff\xff\xff\xff\xfe"'| gpg --no-armor
    - Credit: Evgeny Legerov
    - CVE-2006-3746

 -- Martin Pitt <martin.pitt@ubuntu.com>  Thu,  3 Aug 2006 08:11:46 +0200

gnupg (1.4.3-2ubuntu2) edgy; urgency=low

  * Rebuild with current zlib1g-dev to fix udeb shlibdeps. Thanks to Evan
    Dandrea for noticing.

 -- Colin Watson <cjwatson@ubuntu.com>  Mon, 31 Jul 2006 11:21:55 +0100

gnupg (1.4.3-2ubuntu1) edgy; urgency=low

  * Sync with Debian:
    Remaining Ubuntu changes:
    + config.h.in: Disable mlock() test since it fails with ulimit 0 (on
      buildds).
    + debian/patches/20_no_tty_fix.dpatch:
      - dropped, upstream now
    + debian/rules:
      - don't use the included gettext
      - Don't install gpg as suid root, since that is not necessary with
        kernels 2.6.8+
      - Make the build fail if the test suite fails

 -- Sebastian Dröge <slomo@ubuntu.com>  Wed, 28 Jun 2006 21:11:14 +0200

gnupg (1.4.3-2) unstable; urgency=low

  * 26_user_id_overflow.dpatch: new patch pulled from upstream SVN to fix
    a crash when processing overly large User ID packets [CVE-2006-3082].
    Thanks to Alec Berryman <alec@thened.net>. Closes: #375052

 -- James Troup <james@nocrew.org>  Fri, 23 Jun 2006 11:22:31 +0100

gnupg (1.4.3-1) unstable; urgency=low

  * New upstream release.
   * 22_zero_length_mpi_fix.dpatch: merged upstream, dropped.
   * debian/rules (test): s/g10.c/gpg.c/.
   * 16_min_privileges.dpatch: likewise.

  * debian/control, debian/rules: apply patch from Max Vozeler
    <xam@debian.org> to build gnupg-udeb.  Closes: #321948
  
  * Based on discussion with and testing by Martin Pitt
    <martin.pitt@ubuntu.com>:
   * debian/rules (build-deb-stamp): don't pass --with-included-gettext to
     configure.
   * debian/rules (build-udeb-stamp): likewise.
   * debian/rules (binary-arch): don't need to remove
     usr/share/locale/locale.alias anymore as a result.

  * debian/rules (build-deb-stamp): pass --enable-mailto to configure.
    Closes: #301308
  * debian/rules (build-udeb-stamp): likewise.

  * debian/control (Build-Depends): drop mail-transport-agent and...
  * debian/rules (build-deb-stamp): pass
    --with-mailprog=/usr/sbin/sendmail to configure instead.
  * debian/rules (build-udeb-stamp): likewise.  Closes: #333218

  * debian/rules: put common configure options into CONFARGS variable and
    rename the cross-compile-only variable to HOSTARG.

  * debian/rules (clean): also remove debian/gnupg-deb build directory.

  * debian/gpg-convert-from-106.1, debian/gpgsplit.1, debian/lspgpot.1:
    new manpages from François Wendling <frwendling@free.fr>.  Closes:
    #344314
  * debian/rules (binary-arch): install them.

  * The following is a patch from Frans Pop <aragorn@tiscali.nl>.  Closes:
    #360257
   * debian/control (Build-Depends): add dpkg-dev (>= 1.13.12).
   * debian/rules (binary-arch): pass -tudeb when invoking dpkg-shlibdeps
     for the .udeb builds.

  * 23_getkey_utf8_userid.dpatch: new patch from Fumitoshi UKAI
    <ukai@debian.or.jp> to fix '[User id not found]' message in non-UTF-8
    locales.  Closes: #205028

  * 24_gpgv_manpage_cleanup.dpatch: new patch from "Jim W. Jaszewski"
    <grok@sprint.ca> to fix small errors in the gpgv manpage.  Closes:
    #177951

  * 25_de.po_fixes.dpatch: new patch from Jens Seidel
    <jensseidel@users.sf.net> with small fixes to the German translations.
    Closes: #314069

 -- James Troup <james@nocrew.org>  Wed,  5 Apr 2006 02:45:56 +0100

gnupg (1.4.2.2-1ubuntu2) dapper; urgency=low

  * debian/rules: 
    - Remove --with-included-gettext configure option; use libc's gettext to
      get language pack support. Closes: LP#25609
    - rm'ing locale.alias is not necessary with this change, so change it to
      rm -f to not break the build.

 -- Martin Pitt <martin.pitt@ubuntu.com>  Mon,  3 Apr 2006 18:21:19 +0200

gnupg (1.4.2.2-1ubuntu1) dapper; urgency=low

  * Resynchronize with Debian, UVF exception approved by Matt. 1.4.2.2 only
    contains a security fix, updated test cases, and updated translations.
  * For reference and to ease future merges, these are the remaining Ubuntu
    changes:
    - debian/rules: Make the build fail if the test suite fails.
    - debian/changelog: Add missing CVE number.
    - Don't install gpg as suid root, since that is not necessary with kernels
      2.6.8+.
    - config.h.in: Disable mlock() test since it fails with ulimit 0 (on
      buildds).
    - debian/patches/20_no_tty_fix.dpatch: Malone #5570

 -- Martin Pitt <martin.pitt@ubuntu.com>  Mon, 13 Mar 2006 12:42:00 +0100

gnupg (1.4.2.2-1) unstable; urgency=low

  * New upstream release.
   * Fixes handling of files containing several signed messages.
     [CVE-2006-0049]

 -- James Troup <james@nocrew.org>  Fri, 10 Mar 2006 04:27:12 +0000

gnupg (1.4.2.1-0ubuntu1) dapper; urgency=low

  * New upstream security bugfix release, only contains the following changes:
    - Security fix for a verification weakness in gpgv.  Some input
      could lead to gpgv exiting with 0 even if the detached signature
      file did not carry any signature.  This is not as fatal as it
      might seem because the suggestion as always been not to rely on
      th exit code but to parse the --status-fd messages.  However it
      is likely that gpgv is used in that simplified way and thus we
      do this release.  Same problem with "gpg --verify" but nobody
      should have used this for signature verification without
      checking the status codes anyway. [CVE-2006-0455]
    - Added a test case for above vulnerability.
  * debian/rules: Call the test suite during build. (Will fail the build
    if the test suite fails.)

 -- Martin Pitt <martin.pitt@ubuntu.com>  Fri, 17 Feb 2006 11:18:27 +0100

gnupg (1.4.2-2ubuntu2) dapper; urgency=low

  * Add 20_no_tty_fix.dpatch:
    - Do not open /dev/tty if --no-tty is specified, since this breaks
      programs like seahorse.
    - Patch also accepted upstream.
    - Thanks to Ryan Lortie <desrt@desrt.ca> for the patch.
    - Malone #5570

 -- Martin Pitt <martin.pitt@ubuntu.com>  Fri, 16 Dec 2005 16:57:39 +0100

gnupg (1.4.2-2ubuntu1) dapper; urgency=low

  * Resynchronise with Debian.

 -- Martin Pitt <martin.pitt@ubuntu.com>  Thu, 10 Nov 2005 16:13:10 -0500

gnupg (1.4.2-2) unstable; urgency=low

  * 22_zero_length_mpi_fix.dpatch: new patch; pull in upstream patch to
    fix bug in reading a zero-length MPI.  Closes: #330686

 -- James Troup <james@nocrew.org>  Sun,  2 Oct 2005 02:39:51 +0100

gnupg (1.4.2-1) unstable; urgency=low

  * New upstream release.
   * Fixes extra ) on expired keys.  Closes: #329402

  * debian/control (Standards-Version): updated to 3.6.2.1.

  * debian/rules (binary-arch): drop 'gnupg/' from libexecdir passed to
    make install.

 -- James Troup <james@nocrew.org>  Sat, 24 Sep 2005 03:31:37 +0100

gnupg (1.4.1-1ubuntu2) dapper; urgency=low

  * debian/rules: Stop calling pkgstriptranslations, we now get it
    for free with the new and improved dpkg-deb diversion hack.

 -- Adam Conrad <adconrad@ubuntu.com>  Wed, 26 Oct 2005 10:42:17 +1000

gnupg (1.4.1-1ubuntu1) breezy; urgency=low

  * Resynchronise with Debian, fixing changelog ordering.
  * Added CAN number to previous changelog entry.

 -- Martin Pitt <martin.pitt@ubuntu.com>  Fri, 10 Jun 2005 10:36:38 +0200

gnupg (1.4.1-1) unstable; urgency=low

  * New upstream release.  Closes: #307203
   * Fixes mis-selection of encryption key.  Closes: #299814
   * Countermeasures against the Mister/Zuccherato CFB attack.  
     Closes: #300859
  * 18_ca_po_update.dpatch, 21_strgutil_update.dpatch: dropped - merged
    upstream.
  * debian/rules (build-deb-stamp): don't forcefully regenerate po/ca.gmo.
    (clean): likewise, don't remove po/ca.gmo.

 -- James Troup <james@nocrew.org>  Mon,  9 May 2005 23:41:50 +0100

gnupg (1.4.0-3ubuntu1) breezy; urgency=low

  * Merge Debian changes (#9358).

 -- Martin Pitt <martin.pitt@ubuntu.com>  Fri, 15 Apr 2005 09:35:41 +0200

gnupg (1.4.0-3) unstable; urgency=low

  * debian/rules (binary-arch): move Russian manpage to correct (FHS)
    location.  Thanks to Uwe Zeisberger
    <zeisberg@informatik.uni-freiburg.de> for the report.  Closes: #294196

 -- James Troup <james@nocrew.org>  Sun, 20 Feb 2005 22:55:11 +0000

gnupg (1.4.0-2) unstable; urgency=low

  * 18_ca_po_update.dpatch: re-added, updated for new upstream release.
    Thanks to Jordi Mallach <jordi@debian.org>.
  * debian/rules (build-deb): force regeneration of ca.gmo.

  * 21_strgutil_update.dpatch: new patch; pull in strgutil.c fixes from
    1.4.1rc1 to fix warnings about 'Invalid or incomplete multibyte or
    wide character' with (at least) Latin-1 encoded UIDs.

  * debian/copyright: update year and version number.

  * debian/rules: apply patch to enable cross-build from NIIBE Yutaka
    <gniibe@fsij.org>. Closes: #285293

  * debian/rules: s/DEB_HOST_ARCH/DEB_BUILD_ARCH/ as the gpgv-udeb should
    use the build architecture not host.
  * debian/rules (build-udeb): pass $(CONFARGS) to configure here too.
  
 -- James Troup <james@nocrew.org>  Sat,  5 Feb 2005 03:03:06 +0000

gnupg (1.4.0-1) unstable; urgency=low

  * New upstream release.  Closes: #286058
  
  * debian/control (Build-Depends): add libusb-dev and libreadline5-dev.
  * debian/rules (binary): install doc/highlights-1.4.txt to
    /usr/share/doc/gnupg/ too.

  * 17_ipv6_support.dpatch: removed; a different patch has been applied
    upstream.
  * 19_throw_keyid_compat.dpatch, 20_update_pgp8.dpatch: dropped; merged
    upstream.

  * 16_min_privileges.dpatch: adjusted for new upstream release with
    wiggle(1).

  * 18_ca_po_update.dpatch: dropped temporarily as it no longer applies.

  * Apply patch from Colin Watson to add gpgv-udeb package.  Closes: #287106
  * debian/rules (build-udeb): also pass --without-readline to configure.

 -- James Troup <james@nocrew.org>  Thu,  3 Feb 2005 23:52:49 +0000

gnupg (1.2.5-3.1) UNOFFICIAL; urgency=low

  * debian/control, debian/rules: Build gpgv-udeb, containing just
    /usr/bin/gpgv built without bzip2 support and with -Os, for use in
    debian-installer.

 -- Colin Watson <cjwatson@debian.org>  Fri, 24 Dec 2004 13:42:23 +0000

gnupg (1.2.5-3ubuntu5) hoary; urgency=low

  * debian/rules: Call pkgstriptranslations if present (the package does not
    use debhelper, thus it does not happen automatically).

 -- Martin Pitt <martin.pitt@ubuntu.com>  Fri, 18 Mar 2005 13:04:50 +0000

gnupg (1.2.5-3ubuntu4) hoary; urgency=low

  * debian/control, debian/rules: Build gpgv-udeb, containing just
    /usr/bin/gpgv built without bzip2 support and with -Os, for use in the
    installer.

 -- Colin Watson <cjwatson@canonical.com>  Wed, 12 Jan 2005 14:52:51 +0000

gnupg (1.2.5-3ubuntu3) hoary; urgency=low

  * Disable HAVE_BROKEN_MLOCK, since the test fails if ulimit -l 0.

 -- LaMont Jones <lamont@canonical.com>  Tue, 30 Nov 2004 22:35:20 -0700

gnupg (1.2.5-3ubuntu2) hoary; urgency=low

  * No-change upload to get mlock test correct.

 -- LaMont Jones <lamont@canonical.com>  Tue, 30 Nov 2004 21:25:26 -0700

gnupg (1.2.5-3ubuntu1) hoary; urgency=low

  * Resynced to Debian; automatic sync result was a mess, redid from scratch.
  * Do not install gnupg as suid root since the Ubuntu kernel now supports
    calling mlock() as user.

 -- Martin Pitt <martin.pitt@canonical.com>  Thu, 11 Nov 2004 11:08:42 +0100

gnupg (1.2.5-3) unstable; urgency=low

  * debian/rules (build): drop --with-capabilites for now.
  * debian/rules (clean): don't remove fi.gmo now that we're no longer
    patching it.
  * Merge patch from Peter Palfrader <weasel@debian.org> to fix building
    without capabilities and idempotency of build process after
    18_ca_po_update.dpatch.  Closes: #262723

 -- James Troup <james@nocrew.org>  Mon,  2 Aug 2004 00:51:21 +0100

gnupg (1.2.5-2.1) unstable; urgency=low

  * Fix patches/15_free_caps to also build without capabilities.
  * Remove po/ca.gmo in clean target.

 -- Peter Palfrader <weasel@debian.org>  Sun,  1 Aug 2004 20:13:31 +0200

gnupg (1.2.5-2) unstable; urgency=low

  * 18_ca_po_update.dpatch: new patch from Jordi Mallach
    <jordi@debian.org> to fix ca.po encoding.  Closes: #237070

  * 19_throw_keyid_compat.dpatch: new patch from Werner Koch
    <wk@gnupg.org> to add a --throw-keyid option for backwards
    compatability.
  
  * 20_update_pgp8.dpatch: new patch from David Shaw
    <dshaw@jabberwocky.com> to update --pgp8 to match reality.

 -- James Troup <james@nocrew.org>  Sat, 31 Jul 2004 10:55:30 +0100

gnupg (1.2.5-1) unstable; urgency=low

  * New upstream release.  Closes: #262094
   * UID merging should now work on initial import.  Closes: #236966
  
  * 10_hppa_unaligned_constant.dpatch, 11_fi_po_update.dpatch,
    12_zero_length_header.dpatch, 13_revoked_keys.dpatch,
    14_getkey_not_found_fix.dpatch: merged upstream - removed.

  * debian/rules (binary-arch): add
    'mkinstalldirs=`pwd`/scripts/mkinstalldirs' to make install invocation
    to work around broken Makefile.

  * debian/control (Standards-Version): bump to 3.6.1.1.

  * Apply patch from Martin Pitt <mpitt@debian.org> to drop privileges as
    early as possible.  Closes: #260803

  * debian/control (Build-Depends): add mail-transport-agent to ensure
    gpgkeys_mailto is built.  Thanks to Daniel Schepler
    <schepler@math.berkeley.edu> for noticing.  Closes: #253681

  * debian/rules, debian/preinst: Patch from David Weinehall
    <tao@debian.org> to use && in favour of -a as the latter is an XSI
    extension.  Closes: #257575

  * 17_ipv6_support.dpatch: IPv6 patch from Jun-ichiro itojun Hagino.
    Thanks to Fabio Massimo Di Nitto <fabbione@fabbione.net>.  
    Closes: #209242

 -- James Troup <james@nocrew.org>  Thu, 29 Jul 2004 23:57:08 +0100

gnupg (1.2.4-4.1) unstable; urgency=low

  * 15_free_caps.dpatch: free allocated capability contexts when using
    USE_CAPABILITIES.
  * 16_min_privileges.dpatch: immediately drop root user to normal user and
    keep only CAP_IPC_LOCK, which is dropped as well right after it is not
    needed any more. This ensures minimal privileges.
  * debian/rules: configure with --with-capabilities to tighten security.
  * debian/control: this requires build-dependency libcap-dev.

 -- Martin Pitt <mpitt@debian.org>  Thu, 22 Jul 2004 02:08:56 +0200

gnupg (1.2.4-4) unstable; urgency=low

  * 12_zero_length_header.dpatch: update patch from David Shaw
    <dshaw@jabberwocky.com> to fix the fix of crashing on certain
    keys. Closes: #234289

 -- James Troup <james@nocrew.org>  Mon, 23 Feb 2004 18:02:20 +0000

gnupg (1.2.4-3) unstable; urgency=low

  * Move to dpatch; existing non-debian/ change split into
    10_hppa_unaligned_constant.dpatch.

  * debian/rules: include /usr/share/dpatch/dpatch.make.
  * debian/rules (build): depend on patch-stamp.
  * debian/rules (clean): depend on unpatch.  Remove debian/patched.
  * debian/control (Build-Depends): add dpatch.

  * debian/rules: update version number and use install_foo convenience
    variables.
  * debian/rules (clean): remove emacs backup files from any directory.
  
  * 11_fi_po_update.dpatch: new patch from Tommi Vainikainen
    <thv+debian@iki.fi> to update Finnish translation as the current one
    renders gnupg unusable.  Closes: #232030, #222951, #192582
  * debian/rules (clean): remove po/fi.gmo to avoid dpkg-source errors
    over unrepresentable changes to source.

  * 12_zero_length_header.dpatch: new patch from David Shaw
    <dshaw@jabberwocky.com> to fix cases where importing certain keys
    makes the keyring unuseable.  Closes: #232714

  * 13_revoked_keys.dpatch: new patch from David Shaw
    <dshaw@jabberwocky.com> to list revoked keys as revoked.  Closes: #231814

  * 14_getkey_not_found_fix.dpatch: new patch from David Shaw
    <dshaw@jabberwocky.com> to fix --list-sigs incorrectly claiming "User
    id not found".  Closes: #229549

 -- James Troup <james@nocrew.org>  Fri, 20 Feb 2004 16:38:12 +0000
  
gnupg (1.2.4-2) unstable; urgency=low

  * mpi/hppa1.1/udiv-qrnnd.S: patch from LaMont Jones <lamont@debian.org>
    to fix unaligned constant.  Closes: #228456
  * debian/copyright: update year and version number.

 -- James Troup <james@nocrew.org>  Tue, 20 Jan 2004 17:19:58 +0000

gnupg (1.2.4-1) unstable; urgency=medium

  * New upstream release.
   * Most support for ElGamal Sign+Encrypt keys has been removed. Closes: #222293
   * No longer miss-identifies GNU/KFreeBSD as GNU/Hurd. Closes: #216957
   * Fixes build error on GNU/KFreeBSD (and Glibc-based GNU/KNetBSD). Closes: #221079
   * Fixes segmentation fault in prime generator. Closes: #213989
   * Fixes trustdb not updating without ultimately trusted keys. Closes: #222368

  * debian/control (Build-Depends): add libbz2-dev.

 -- James Troup <james@nocrew.org>  Wed, 31 Dec 2003 17:57:52 +0000

gnupg (1.2.3-1) unstable; urgency=low

  * New upstream release (Closes: #207340).
   * gpg no longer kills keyrings by importing broken keys.  Closes: #196505
   * options.skel uses subkeys.pgp.net instead of pgp.mit.edu. Closes: #206092
   * --import now closes files when it's done. Closes: #196643
   * A key listing speed regression has been fixed. Closes: #192083
  * debian/copyright: update URL and date.
  * debian/rules: update dates and version.

  * debian/control (Standards-Version): bump to 3.6.0.

  * debian/Upgrading_From_PGP.txt: new file from to Richard Braakman
    <dark@xs4all.nl>.  Closes: #173233
  * debian/rules (binary-arch): install it.

  * debian/rules (build): correct libexecdir passed to configure; patch
    from Matthias Cramer <cramer@freestone.net>.  Fixes invocation of
    gpgkeys_ldap.  Closes: #168486

 -- James Troup <james@nocrew.org>  Thu, 28 Aug 2003 14:08:50 +0100

gnupg (1.2.2-1) unstable; urgency=low

  * New upstream release.
  * debian/control (Standards-Version): bump to 3.5.9.0.
  * debian/rules (binary-arch): install convert-from-106 as
    gpg-convert-from-106 and fix the path to gpg.
  * debian/control: remove trailing full stop from short description.
  * debian/control: remove out-dated and contradictory information about
    RSA.

 -- James Troup <james@nocrew.org>  Mon,  5 May 2003 03:08:58 +0100

gnupg (1.2.1-2) unstable; urgency=low

  * Update config.guess (to 2002-10-21) and config.sub (to 2002-09-05).
    Thanks to Ryan Murray.  Closes: #166696

 -- James Troup <james@nocrew.org>  Mon, 28 Oct 2002 01:47:26 +0000

gnupg (1.2.1-1) unstable; urgency=low

  * New upstream version.
   * An inifinte loop in --update-trustdb has been fixed.  Closes: #162039
   * The polish translation is now correctly specified as UTF-8.  Closes: #162885
   * --refresh-keys is now documented in the manpage.  Closes: #165566
  * debian/control (Conflicts): add gpg-idea <= 2.2 since gnupg >= 1.2 is
    incompatible with that version of gpg-idea.  Closes: #162314

 -- James Troup <james@nocrew.org>  Fri, 25 Oct 2002 18:18:43 +0100

gnupg (1.2.0-1) unstable; urgency=low

  * New upstream version.  Closes: #161817.
   * --options no longer mis-handles a directory as an argument.  Closes: #151973
   * gpg now prompts before sending all keys to the keyserver.  Closes: #64607
   * There is now a gnupg(7) manpage.  Closes: #157750
   * The permission checking has been sanitized and handles non-home-dir
     keyrings better.  Closes: #147760
   * notation data longer than 5 characters is now handled.  Closes: #156871
   * an abort when setting trust levels in a czech locale has been fixed.
     Closes: #149212
  * debian/rules (binary-arch): there are no more modules, adjust
    accordingly.
  * debian/postinst, debian/prerm: remove; no longer do /usr/doc symlinks.
  * debian/rules (binary-arch): don't install obsolete postinst or prerm.
  * debian/rules (binary-arch): gzip gnupg.7 too.
  * debian/rules (build): pass --libexecdir=/usr/lib/gnupg to configure.
  * debian/rules (binary-arch): likewise, pass suitable libexcedir
    argument to make install.
  * debian/control (Standards-Version): update to 3.5.7.0.
  * debian/copyright: update URL and date.
  * debian/rules: update dates and version.

 -- James Troup <james@nocrew.org>  Sun, 22 Sep 2002 22:26:25 +0100

gnupg (1.0.7-2) unstable; urgency=low

  * debian/control (Suggests): add xloadimage since that's what gpg uses
    by default to view photo IDs.  Thanks to Julien Danjou
    <acid@debian.org> for the suggestion.  Closes: #156245
  * debian/control (Depends): add "hurd" to the alternatives to
    makedev. Thanks to Michal Suchanek <hramrach_l@centrum.cz> for
    noticing.  Closes: #158492
  * po/it.po: patch to fix typos from Marco Bodrato
    <bodrato@gulp.linux.it.  Closes: #149462
  * g10/g10.c (main): remove the bogus undef of USE_SHM_COPROCESSING to
    match upstream and fix gabber and libgnupg-perl.  Closes: #147679, #151969

 -- James Troup <james@nocrew.org>  Thu, 29 Aug 2002 01:42:58 +0100

gnupg (1.0.7-1) unstable; urgency=low

  * New upstream version.  Closes: #145477.
    * GDBM support has been removed.  Closes: #33009.
    * Now adds the default keyring when a keyring is specified.
      Closes: #50616, #65260.
    * Now does the Right Thing when receiving a key from the keyserver and
      the key in question is in both a read-only and writable keyring.
      Closes: #63297.
    * Automatic key retrieval is now configurable.  Closes: #64940.
    * --no-options supresses ~/.gnupg creation again.  Closes: #95486.
    * duplicate trust entries are no longer treated as an error. Closes: #96480.
    * There's now no comment line in ascii armours. Closes: #100088.
    * Handle secret keyring given as keyring better.  Closes: #100581, #106670.
    * It's now documented that --with-colons unconditionally uses UTF8.
      Closes: #101446, 101454.
    * s/now/knows/ typo in manpage fixed.  Closes: #107471.
    * There's now support for a primary UID.  Closes: #106567, #108155.
    * Handles errors in uncompression layer beter. Closes: #112392.
    * Key selection has been entirely revamped.  Closes: #136170.
    * Handles empty encrypt-to. Closes: #138378

  * debian/rules (binary-arch): remove empty /usr/info directory, thanks
    to Joey Hess <joeyh@debian.org>.  Closes: #121864.
  * debian/control: remove duplicated word from long description, thanks
    to Nicolas Boulenguez <nicolas.boulenguez@free.fr>.  Closes: #144786.
  * README: correct URL to GPH and other docs, thanks to Mark Brown
    <broonie@sirena.org.uk>.  Closes: #100277.
  * debian/control (Standards-Version): updated to 3.5.6.1.
  * debian/rules (binary-arch): only strip ELF binaries.  es_ES -> es hack
    no longer needed as fixed upstream.
  * debian/control (Build-Depends): remove libgdbmg1-dev; no longer used.
  * debian/README.Debian: remove note about gdbm support which was finally
    removed.  Update note on old versions of gnupg to reflect the
    pre-historic nature of those versions.
  * debian/control (Build-Depends): add libldap2-dev.
  * debian/rules (binary-arch): call dpkg-shlibdeps for all ELF binaries.
  * debian/control (Build-Depends): add file.
  * debian/control (Priority): increase to standard to match overrides.

 -- James Troup <james@nocrew.org>  Sat, 11 May 2002 15:08:02 +0100

gnupg (1.0.6-3) unstable; urgency=low

  * moved into main.

 -- James Troup <james@nocrew.org>  Tue, 19 Mar 2002 16:17:09 +0000

gnupg (1.0.6-2) unstable; urgency=high

  * debian/rules (binary-arch): remove the erroneous
    /usr/share/locale/locale.alias that 'make install' adds; closes:
    #99293.

 -- James Troup <james@nocrew.org>  Wed, 30 May 2001 20:40:59 +0100

gnupg (1.0.6-1) unstable; urgency=low

  * New upstream version.

 -- James Troup <james@nocrew.org>  Tue, 29 May 2001 20:59:49 +0100

gnupg (1.0.5-4) unstable; urgency=low

  * Patch from Werner.

 -- James Troup <james@nocrew.org>  Sun, 27 May 2001 09:34:50 +0100

gnupg (1.0.5-3) unstable; urgency=low

  * Apply patch from Matthew Wilcox <matthew@wil.cx> to fix assembly on
    hppa.

 -- James Troup <james@nocrew.org>  Sun, 13 May 2001 02:36:45 +0100

gnupg (1.0.5-2) unstable; urgency=medium

  * util/http.c: patch from Werner that fixes --send-key, closes: #96277.
  * debian/control (Depends): accept devfsd in place of makedev, closes:
    #96307.

 -- James Troup <james@nocrew.org>  Mon,  7 May 2001 00:13:51 +0100

gnupg (1.0.5-1) unstable; urgency=low

  * New upstream version.
  * debian/README.Debian: fix spelling and update URL.
  * debian/rules (binary): remove the new info files.
  * scripts/config.{guess,sub}: sync with subversions, closes: #95729.

 -- James Troup <james@nocrew.org>  Mon, 30 Apr 2001 02:12:38 +0100

gnupg (1.0.4-4) unstable; urgency=low

  * po/ru.po: patch by Ilya Martynov <m_ilya@agava.com> to replace German
    entries and add missing translations, closes: #93987.
  * g10/revoke.c (ask_revocation_reason): typo fix (s/non longer/no
    longer/g); noticed by Colin Watson <cjw44@flatline.org.uk>, closes:
    #93664.

  * Deprecated depreciated; noticed by Vincent Broman
    <broman@spawar.navy.mil>.

  * Following two patches are from Vincent Broman.
  * g10/mainproc.c (proc_tree): use iobuf_get_real_fname() in preference
    to iobuf_get_fname().
  * g10/openfile.c (open_sigfile): handle .sign prefixed files correctly.

 -- James Troup <james@nocrew.org>  Fri, 20 Apr 2001 23:32:44 +0100

gnupg (1.0.4-3) unstable; urgency=medium

  * debian/rules (binary): make gpg binary suid, closes: #86433.
  * debian/postinst: don't use suidregister.
  * debian/postrm: removed (only called suidunregister).
  * debian/control: conflict with suidmanager << 0.50.
  * mpi/longlong.h: apply fix for ARM long long artimetic from Philip
    Blundell <philb@gnu.org>, closes: #87487.
  * debian/preinst: the old GnuPG debs have moved to people.debian.org.
  * cipher/random.c: #include <time.h> as well as <sys/time.h>
  * g10/misc.c: likewise.
  * debian/rules: define a strip alias which removes the .comment and
    .note sections.
  * debian/rules (binary-arch): use it.
  * debian/lintian.override: new file; override the SUID warning from
    lintian.
  * debian/rules (binary-arch): install it.

 -- James Troup <james@nocrew.org>  Sun, 25 Feb 2001 05:24:58 +0000

gnupg (1.0.4-2) stable unstable; urgency=high

  * Apply security fix patch from Werner.
  * Apply another patch from Werner to fix bogus warning on Rijndael
    usage.
  * Change section to 'non-US'.

 -- James Troup <james@nocrew.org>  Mon, 12 Feb 2001 07:47:02 +0000

gnupg (1.0.4-1) stable unstable; urgency=high

  * New upstream version.
  * Fixes a serious bug which could lead to false signature verification
    results when more than one signature is fed to gpg.

 -- James Troup <james@nocrew.org>  Tue, 17 Oct 2000 17:26:17 +0100

gnupg (1.0.3b-1) unstable; urgency=low

  * New upstream snapshot version.

 -- James Troup <james@nocrew.org>  Fri, 13 Oct 2000 18:08:14 +0100

gnupg (1.0.3-2) unstable; urgency=low

  * debian/control: Conflict, Replace and Provide gpg-rsa & gpg-rsaref.
    Fix long description to reflect the fact that RSA is no longer
    patented and now included. [#72177]
  * debian/rules: move faq.html to /usr/share/doc/gnupg/ and remove FAQ
    from /usr/share/gnupg/.  Thanks to Robert Luberda
    <robert@pingu.ii.uj.edu.pl> for noticing. [#72151]
  * debian/control: Suggest new package gnupg-doc. [#64323, #65560]
  * utils/secmem.c (lock_pool): don't bomb out if mlock() returns ENOMEM,
    as Linux will do this if resource limits (or other reasons) prevent
    memory from being locked, instead treat it like permission was denied
    and warn but continue.  Thanks to Topi Miettinen
    <Topi.Miettinen@nic.fi>. [#70446]
  * g10/hkp.c (not_implemented): s/ist/is/ in error message.
  * debian/README.Debian: add a note about GDBM support and why it is
    disabled.  Upstream already fixed the manpage.  [#65913]
  * debian/rules (binary-arch): fix the Spanish translation to be 'es' not
    'es_ES' at Nicolás Lichtmaier <nick@debian.org>'s request. [#57314]

 -- James Troup <james@nocrew.org>  Sun,  1 Oct 2000 14:55:03 +0100

gnupg (1.0.3-1) unstable; urgency=low

  * New upstream version.

 -- James Troup <james@nocrew.org>  Mon, 18 Sep 2000 15:56:54 +0100

gnupg (1.0.2-1) unstable; urgency=low

  * New upstream version.

 -- James Troup <james@nocrew.org>  Thu, 13 Jul 2000 20:26:50 +0100

gnupg (1.0.1-2) unstable; urgency=low

  * debian/control (Build-Depends): added.
  * debian/copyright: corrected location of copyright file.  Removed
    references to Linux.  Removed warnings about beta nature of GnuPG.
  * debian/rules (binary-arch): install documentation into
    /usr/share/doc/gnupg/ and pass mandir to make install to ensure the
    manpages go to /usr/share/man/.
  * debian/postinst: create /usr/doc/gnupg symlink.
  * debian/prerm: new file; remove /usr/doc/gnupg symlink.
  * debian/rules (binary-arch): install prerm.
  * debian/control (Standards-Version): updated to 3.1.1.1.

 -- James Troup <james@nocrew.org>  Thu, 30 Dec 1999 16:16:49 +0000

gnupg (1.0.1-1) unstable; urgency=low

  * New upstream version.
  * doc/gpg.1: updated to something usable from
    ftp://ftp.gnupg.org/pub/gcrypt/gnupg/gpg.1.gz.

 -- James Troup <james@nocrew.org>  Sun, 19 Dec 1999 23:47:10 +0000

gnupg (1.0.0-3) unstable; urgency=low

  * debian/rules (build): remove the stunningly ill-advised --host option
    to configure.  [#44698, #48212, #48281]

 -- James Troup <james@nocrew.org>  Tue, 26 Oct 1999 01:12:59 +0100

gnupg (1.0.0-2) unstable; urgency=low

  * debian/rules (binary-arch): fix the permissions on the
    modules. [#47280]
  * debian/postinst, debian/postrm: fix the package name passed to
    suidregister. [#45013]
  * debian/control: update long description. [#44636]
  * debian/rules (build): pass the host explicitly to configure to avoid
    problems on sparc64. [(Should fix) #44698].

 -- James Troup <james@nocrew.org>  Wed, 20 Oct 1999 23:39:05 +0100

gnupg (1.0.0-1) unstable; urgency=low

  * New upstream release. [#44545]

 -- James Troup <james@nocrew.org>  Wed,  8 Sep 1999 00:53:02 +0100

gnupg (0.9.10-2) unstable; urgency=low

  * debian/rules (binary-arch): install lspgpot.  Requested by Kai
    Henningsen <kai@khms.westfalen.de>. [#42288]
  * debian/rules (binary-arch): correct the path where modules are looked
    for.  Reported by Karl M. Hegbloom <karlheg@odin.cc.pdx.edu>. [#40881]
  * debian/postinst, debian/postrm: under protest, register gpg the
    package with suidmanager and make it suid by default.
    [#29780,#32590,#40391]

 -- James Troup <james@nocrew.org>  Tue, 10 Aug 1999 00:12:40 +0100

gnupg (0.9.10-1) unstable; urgency=low

  * New upstream version.

 -- James Troup <james@nocrew.org>  Fri,  6 Aug 1999 01:16:21 +0100

gnupg (0.9.9-1) unstable; urgency=low

  * New upstream version.

 -- James Troup <james@nocrew.org>  Sun, 25 Jul 1999 01:06:31 +0100

gnupg (0.9.8-1) unstable; urgency=low

  * New upstream version.
  * debian/rules (binary-arch): don't create a gpgm manpage as the binary
    no longer exists.  Noticed by Wichert Akkerman
    <wichert@cs.leidenuniv.nl>. [#38864]

 -- James Troup <james@nocrew.org>  Sun, 27 Jun 1999 01:07:58 +0100

gnupg (0.9.7-1) unstable; urgency=low

  * New upstream version.

 -- James Troup <james@nocrew.org>  Tue, 25 May 1999 13:23:24 +0100

gnupg (0.9.6-1) unstable; urgency=low

  * New upstream version.
  * debian/copyright: update version number, noticed by Lazarus Long
    <lazarus@frontiernet.net>.
  * debian/control (Depends): depend on makedev (>= 2.3.1-13) to ensure
    that /dev/urandom exists; reported by Steffen Markert
    <smort@rz.tu-ilmenau.de>. [#32076]

 -- James Troup <james@nocrew.org>  Tue, 11 May 1999 21:06:27 +0100

gnupg (0.9.5-1) unstable; urgency=low

  * New upstream version.
  * debian/control (Description): no tabs.  [Lintian]

 -- James Troup <james@nocrew.org>  Wed, 24 Mar 1999 22:37:40 +0000

gnupg (0.9.4-1) unstable; urgency=low

  * New version.
  * debian/control: s/GNUPG/GnuPG/

 -- Werner Koch <wk@isil.d.suttle.de>  Mon, 8 Mar 1999 19:58:28 +0100

gnupg (0.9.3-1) unstable; urgency=low

  * New upstream version.

 -- James Troup <james@nocrew.org>  Mon, 22 Feb 1999 22:55:04 +0000

gnupg (0.9.2-1) unstable; urgency=low

  * New version.
  * debian/rules (build): Removed CFLAGS as the default is now sufficient.
  * debian/rules (clean): remove special handling cleanup in intl.

 -- Werner Koch <wk@isil.d.suttle.de>  Wed, 20 Jan 1999 21:23:11 +0100

gnupg (0.9.1-1) unstable; urgency=low

  * New upstream version.

 -- James Troup <james@nocrew.org>  Sat,  9 Jan 1999 22:29:11 +0000

gnupg (0.9.0-1) unstable; urgency=low

  * New upstream version.
  * g10/armor.c (armor_filter): add missing new line in comment string; as
    noticed by Stainless Steel Rat <ratinox@peorth.gweep.net>.

 -- James Troup <james@nocrew.org>  Tue, 29 Dec 1998 20:22:43 +0000

gnupg (0.4.5-1) unstable; urgency=low

  * New upstream version.
  * debian/rules (clean): force removal of intl/libintl.h which the
    Makefiles fail to remove properly.

 -- James Troup <james@nocrew.org>  Tue,  8 Dec 1998 22:40:23 +0000

gnupg (0.4.4-1) unstable; urgency=low

  * New upstream version.

 -- James Troup <james@nocrew.org>  Sat, 21 Nov 1998 01:34:29 +0000

gnupg (0.4.3-1) unstable; urgency=low

  * New upstream version.
  * debian/README.Debian: new file; contains same information as is in the
    preinst.  Suggested by Wichert Akkerman <wichert@cs.leidenuniv.nl>.
  * debian/rules (binary-arch): install `README.Debian'
  * debian/control (Standards-Version): updated to 2.5.0.0.

 -- James Troup <james@nocrew.org>  Sun,  8 Nov 1998 19:08:12 +0000

gnupg (0.4.2-1) unstable; urgency=low

  * New upstream version.
  * debian/preinst: improve message about the NEWS file which isn't
    actually installed when it's referred to, thanks to Martin Mitchell
    <martin@debian.org>.
  * debian/rules (binary-arch): don't install the now non-existent `rfcs',
    but do install `OpenPGP'.

 -- James Troup <james@nocrew.org>  Sun, 18 Oct 1998 22:48:34 +0100

gnupg (0.4.1-1) unstable; urgency=low

  * New upstream version.
  * debian/rules (binary-arch): fix the gpgm manpage symlink now installed
    by `make install'.

 -- James Troup <james@nocrew.org>  Sun, 11 Oct 1998 17:01:21 +0100

gnupg (0.4.0-1) unstable; urgency=high

  * New upstream version. [#26717]
  * debian/copyright: tone down warning about alpha nature of gnupg.
  * debian/copyright: new maintainer address.
  * debian/control: update extended description.
  * debian/rules (binary-arch): install FAQ and all ChangeLogs.
  * debian/preinst: new; check for upgrade from (<= 0.3.2-1) and warn about
    incompatibilities in keyring format and offer to move old copy out of
    gpg out of the way for transition strategy and inform the user about
    the old copies of gnupg available on my web page.
  * debian/rules (binary-arch) install preinst.
  * debian/rules (binary-arch): don't depend on the test target as it is
    now partially interactive (tries to generate a key, which requires
    someone else to be using the computer).

 -- James Troup <james@nocrew.org>  Thu,  8 Oct 1998 00:47:07 +0100

gnupg (0.3.2-1) unstable; urgency=low

  * New upstream version.
  * debian/control (Maintainer): new address.
  * debian/copyright: updated list of changes.

 -- James Troup <james@nocrew.org>  Thu,  9 Jul 1998 21:06:07 +0200

gnupg (0.3.1-1) unstable; urgency=low

  * New upstream version.

 -- James Troup <james@nocrew.org>  Tue,  7 Jul 1998 00:26:21 +0200

gnupg (0.3.0-2) unstable; urgency=low

  * Applied bug-fix patch from Werner.

 -- James Troup <jjtroup@comp.brad.ac.uk>  Fri, 26 Jun 1998 12:18:29 +0200

gnupg (0.3.0-1) unstable; urgency=low

  * New upstream version.
  * debian/control: rewrote short and long description.
  * cipher/Makefile.am: link tiger with -lc.
  * debian/rules (binary-arch): strip loadable modules.
  * util/secmem.c (lock_pool): get rid of errant test code; fix from
    Werner Koch <wk@isil.d.shuttle.de>.
  * debian/rules (test): new target which runs gnupg's test suite.
    binary-arch depends on it, to ensure it's run whenever the package is
    built.

 -- James Troup <jjtroup@comp.brad.ac.uk>  Thu, 25 Jun 1998 16:04:57 +0200

gnupg (0.2.19-1) unstable; urgency=low

  * New upstream version.
  * debian/control: Updated long description.

 -- James Troup <jjtroup@comp.brad.ac.uk>  Sat, 30 May 1998 12:12:35 +0200

gnupg (0.2.18-1) unstable; urgency=low

  * New upstream version.

 -- James Troup <J.J.Troup@comp.brad.ac.uk>  Sat, 16 May 1998 11:52:47 +0200

gnupg (0.2.17-1) unstable; urgency=high

  * New upstream version.
  * debian/control (Standards-Version): updated to 2.4.1.0.
  * debian/control: tone down warning about alpha nature of gnupg, as per
    README.
  * debian/copyright: ditto.

 -- James Troup <jjtroup@comp.brad.ac.uk>  Mon,  4 May 1998 22:36:51 +0200

gnupg (0.2.15-1) unstable; urgency=high

  * New upstream version.

 -- James Troup <jjtroup@comp.brad.ac.uk>  Fri, 10 Apr 1998 01:12:20 +0100

gnupg (0.2.13-1) unstable; urgency=high

  * New upstream version.

 -- James Troup <jjtroup@comp.brad.ac.uk>  Wed, 11 Mar 1998 01:52:51 +0000

gnupg (0.2.12-1) unstable; urgency=low

  * New upstream version.

 -- James Troup <jjtroup@comp.brad.ac.uk>  Sat,  7 Mar 1998 13:52:40 +0000

gnupg (0.2.11-1) unstable; urgency=low

  * New upstream version.

 -- James Troup <jjtroup@comp.brad.ac.uk>  Wed,  4 Mar 1998 01:32:12 +0000

gnupg (0.2.10-1) unstable; urgency=low

  * New upstream version.
  * Name changed upstream.

 -- James Troup <jjtroup@comp.brad.ac.uk>  Mon,  2 Mar 1998 07:32:05 +0000

g10 (0.2.7-1) unstable; urgency=low

  * Initial release.

 -- James Troup <jjtroup@comp.brad.ac.uk>  Fri, 20 Feb 1998 02:05:34 +0000
