Page MenuHome GnuPG
Create Task
Maniphest T6974

Bump requisites on 2.2.x
Closed, ResolvedPublic
Actions

Description

The LTS branch 2.2 (2.2.42) claims to need libgpg-error 1.27 and libksba 1.3.5

However, the actual requisites turn out to be libgpg-error-1.38 (due to the use of gpgrt_reallocarray, there are also other usages requiring libgpg-error > 1.27 but less than 1.38) and libksba-1.4.0 (use of functions like ‘ksba_der_add_val’ on sm/sign.c: write_detached_signature)

While there may not be a 2.2.43, it would be nice to fix this if it actually happens.

Revisions and Commits

rG GnuPG
rG3d46eb6cf799 common: Update requisites

Event Timeline

Angel created this task.Feb 5 2024, 12:49 AM
Angel created this object in space S1 Public.

0001-common-Update-requisites.patch1 KBDownload

werner added a project: gnupg.Feb 5 2024, 8:24 AM
werner added a subscriber: werner.

There will be a 2.2.43 soonish. Thanks for the patch.

Actually we should raise the requirement for libksba to 1.6.3 due to a security fix but some distros just fix security bugs and keep the original version..

werner added a commit: rG3d46eb6cf799: common: Update requisites.Feb 5 2024, 8:24 AM
werner closed this task as Resolved.Feb 5 2024, 8:24 AM
werner claimed this task.