Security cleanup wrt bug #487230

(Portage version: 2.2.7/cvs/Linux x86_64, signed Manifest commit with key 0x1F357D42)

3 files changed, 5 insertions, 276 deletions

diff --git a/app-crypt/gnupg/ChangeLog b/app-crypt/gnupg/ChangeLog
index df0410b08e56..96fb43d4578f 100644
--- a/app-crypt/gnupg/ChangeLog
+++ b/app-crypt/gnupg/ChangeLog
@@ -1,6 +1,10 @@
 # ChangeLog for app-crypt/gnupg
 # Copyright 1999-2013 Gentoo Foundation; Distributed under the GPL v2
-# $Header: /var/cvsroot/gentoo-x86/app-crypt/gnupg/ChangeLog,v 1.500 2013/10/12 18:16:36 ago Exp $
+# $Header: /var/cvsroot/gentoo-x86/app-crypt/gnupg/ChangeLog,v 1.501 2013/11/28 08:12:01 pinkbyte Exp $
+
+  28 Nov 2013; Sergey Popov <pinkbyte@gentoo.org> -gnupg-1.4.14.ebuild,
+  -gnupg-2.0.20.ebuild:
+  Security cleanup wrt bug #487230
 
   12 Oct 2013; Agostino Sarubbo <ago@gentoo.org> gnupg-1.4.15.ebuild,
   gnupg-2.0.22.ebuild:
diff --git a/app-crypt/gnupg/gnupg-1.4.14.ebuild b/app-crypt/gnupg/gnupg-1.4.14.ebuild
deleted file mode 100644
index 457aed858ac6..000000000000
--- a/app-crypt/gnupg/gnupg-1.4.14.ebuild
+++ /dev/null
@@ -1,124 +0,0 @@
-# Copyright 1999-2013 Gentoo Foundation
-# Distributed under the terms of the GNU General Public License v2
-# $Header: /var/cvsroot/gentoo-x86/app-crypt/gnupg/gnupg-1.4.14.ebuild,v 1.12 2013/08/08 12:37:13 ago Exp $
-
-EAPI="5"
-
-inherit eutils flag-o-matic toolchain-funcs
-
-ECCVER="0.2.0"
-ECCVER_GNUPG="1.4.9"
-ECC_PATCH="${PN}-${ECCVER_GNUPG}-ecc${ECCVER}.diff"
-MY_P=${P/_/}
-
-DESCRIPTION="The GNU Privacy Guard, a GPL pgp replacement"
-HOMEPAGE="http://www.gnupg.org/"
-SRC_URI="mirror://gnupg/gnupg/${P}.tar.bz2"
-
-LICENSE="GPL-2"
-SLOT="0"
-KEYWORDS="alpha amd64 arm hppa ia64 ~mips ppc ppc64 s390 sh sparc x86 ~x86-fbsd ~x86-freebsd ~amd64-linux ~x86-linux ~x86-macos"
-IUSE="bzip2 curl ldap mta nls readline selinux smartcard static usb zlib linguas_ru"
-
-COMMON_DEPEND="
-	ldap? ( net-nds/openldap )
-	bzip2? ( app-arch/bzip2 )
-	zlib? ( sys-libs/zlib )
-	curl? ( net-misc/curl )
-	mta? ( virtual/mta )
-	readline? ( sys-libs/readline )
-	smartcard? ( =virtual/libusb-0* )
-	usb? ( =virtual/libusb-0* )"
-
-RDEPEND="!static? ( ${COMMON_DEPEND} )
-	selinux? ( sec-policy/selinux-gpg )
-	nls? ( virtual/libintl )"
-
-DEPEND="${COMMON_DEPEND}
-	dev-lang/perl
-	nls? ( sys-devel/gettext )"
-
-S="${WORKDIR}/${MY_P}"
-
-src_prepare() {
-	# Install RU man page in right location
-	sed -e "/^man_MANS =/s/ gpg\.ru\.1//" -i doc/Makefile.in || die "sed doc/Makefile.in failed"
-
-	# bug#469388
-	sed -i -e 's/--batch --dearmor/--homedir . --batch --dearmor/' checks/Makefile.in
-
-	# Fix PIC definitions
-	sed -i -e 's:PIC:__PIC__:' mpi/i386/mpih-{add,sub}1.S intl/relocatable.c \
-		|| die "sed PIC failed"
-	sed -i -e 's:if PIC:ifdef __PIC__:' mpi/sparc32v8/mpih-mul{1,2}.S || \
-		die "sed PIC failed"
-}
-
-src_configure() {
-	# Certain sparc32 machines seem to have trouble building correctly with
-	# -mcpu enabled.  While this is not a gnupg problem, it is a temporary
-	# fix until the gcc problem can be tracked down.
-	if [ "${ARCH}" == "sparc" ] && [ "${PROFILE_ARCH}" == "sparc" ]; then
-		filter-flags -mcpu=supersparc -mcpu=v8 -mcpu=v7
-	fi
-
-	# 'USE=static' support was requested in #29299
-	use static && append-ldflags -static
-
-	econf \
-		--docdir="${EPREFIX}/usr/share/doc/${PF}" \
-		$(use_enable ldap) \
-		$(use_enable mta mailto) \
-		--enable-hkp \
-		--enable-finger \
-		$(use_with !zlib included-zlib) \
-		$(use_with curl libcurl /usr) \
-		$(use_enable nls) \
-		$(use_enable bzip2) \
-		$(use_enable smartcard card-support) \
-		$(use_enable selinux selinux-support) \
-		--without-capabilities \
-		$(use_with readline) \
-		$(use_with usb libusb /usr) \
-		--enable-static-rnd=linux \
-		--libexecdir="${EPREFIX}/usr/libexec" \
-		--enable-noexecstack \
-		CC_FOR_BUILD=$(tc-getBUILD_CC) \
-		${myconf}
-}
-
-src_install() {
-	default
-
-	# keep the documentation in /usr/share/doc/...
-	rm -rf "${ED}usr/share/gnupg/FAQ" "${ED}usr/share/gnupg/faq.html" || die
-
-	dodoc AUTHORS BUGS ChangeLog NEWS PROJECTS README THANKS \
-		TODO VERSION doc/{FAQ,HACKING,DETAILS,OpenPGP}
-
-	exeinto /usr/libexec/gnupg
-	doexe tools/make-dns-cert
-
-	# install RU documentation in right location
-	if use linguas_ru; then
-		cp doc/gpg.ru.1 "${T}/gpg.1" || die
-		doman -i18n=ru "${T}/gpg.1"
-	fi
-}
-
-pkg_postinst() {
-	ewarn "If you are using a non-Linux system, or a kernel older than 2.6.9,"
-	ewarn "you MUST make the gpg binary setuid."
-	echo
-#	if use !bindist && use ecc; then
-#		ewarn
-#		ewarn "The elliptical curves patch is experimental"
-#		ewarn "Further info available at http://alumnes.eps.udl.es/%7Ed4372211/index.en.html"
-#	fi
-	elog
-	elog "See http://www.gentoo.org/doc/en/gnupg-user.xml for documentation on gnupg"
-	elog
-	elog "If you wish to view images emerge:"
-	elog "media-gfx/xloadimage, media-gfx/xli or any other viewer"
-	elog "Remember to use photo-viewer option in configuration file to activate the right viewer"
-}
diff --git a/app-crypt/gnupg/gnupg-2.0.20.ebuild b/app-crypt/gnupg/gnupg-2.0.20.ebuild
deleted file mode 100644
index ad8cec3d0ec5..000000000000
--- a/app-crypt/gnupg/gnupg-2.0.20.ebuild
+++ /dev/null
@@ -1,151 +0,0 @@
-# Copyright 1999-2013 Gentoo Foundation
-# Distributed under the terms of the GNU General Public License v2
-# $Header: /var/cvsroot/gentoo-x86/app-crypt/gnupg/gnupg-2.0.20.ebuild,v 1.11 2013/06/30 18:08:20 ago Exp $
-
-EAPI="5"
-
-inherit eutils flag-o-matic toolchain-funcs
-
-DESCRIPTION="The GNU Privacy Guard, a GPL pgp replacement"
-HOMEPAGE="http://www.gnupg.org/"
-SRC_URI="mirror://gnupg/gnupg/${P}.tar.bz2"
-# SRC_URI="ftp://ftp.gnupg.org/gcrypt/${PN}/${P}.tar.bz2"
-
-LICENSE="GPL-3"
-SLOT="0"
-KEYWORDS="alpha amd64 arm hppa ia64 ~mips ppc ppc64 s390 sh sparc x86 ~amd64-fbsd ~x86-fbsd ~x64-freebsd ~x86-freebsd ~amd64-linux ~arm-linux ~x86-linux ~ppc-macos ~x64-macos ~x86-macos ~sparc-solaris ~sparc64-solaris ~x64-solaris ~x86-solaris"
-IUSE="adns bzip2 doc ldap nls mta readline static selinux smartcard usb"
-
-COMMON_DEPEND_LIBS="
-	>=dev-libs/libassuan-2
-	>=dev-libs/libgcrypt-1.4
-	>=dev-libs/libgpg-error-1.7
-	>=dev-libs/libksba-1.0.7
-	>=dev-libs/pth-1.3.7
-	>=net-misc/curl-7.10
-	sys-libs/zlib
-	adns? ( >=net-libs/adns-1.4 )
-	bzip2? ( app-arch/bzip2 )
-	readline? ( sys-libs/readline )
-	smartcard? ( usb? ( virtual/libusb:0 ) )
-	ldap? ( net-nds/openldap )"
-COMMON_DEPEND_BINS="|| ( app-crypt/pinentry app-crypt/pinentry-qt )"
-
-# Existence of executables is checked during configuration.
-DEPEND="${COMMON_DEPEND_LIBS}
-	${COMMON_DEPEND_BINS}
-	static? (
-		>=dev-libs/libassuan-2[static-libs]
-		>=dev-libs/libgcrypt-1.4[static-libs]
-		>=dev-libs/libgpg-error-1.7[static-libs]
-		>=dev-libs/libksba-1.0.7[static-libs]
-		>=dev-libs/pth-1.3.7[static-libs]
-		>=net-misc/curl-7.10[static-libs]
-		sys-libs/zlib[static-libs]
-		bzip2? ( app-arch/bzip2[static-libs] )
-	)
-	nls? ( sys-devel/gettext )
-	doc? ( sys-apps/texinfo )"
-
-RDEPEND="!static? ( ${COMMON_DEPEND_LIBS} )
-	${COMMON_DEPEND_BINS}
-	mta? ( virtual/mta )
-	!<=app-crypt/gnupg-2.0.1
-	selinux? ( sec-policy/selinux-gpg )
-	nls? ( virtual/libintl )"
-
-REQUIRED_USE="smartcard? ( !static )"
-
-src_prepare() {
-	epatch "${FILESDIR}"/${PN}-2.0.17-gpgsm-gencert.patch
-}
-
-src_configure() {
-	local myconf
-
-	# 'USE=static' support was requested:
-	# gnupg1: bug #29299
-	# gnupg2: bug #159623
-	use static && append-ldflags -static
-
-	if use smartcard; then
-		myconf+=" --enable-scdaemon $(use_enable usb ccid-driver)"
-	else
-		myconf+=" --disable-scdaemon"
-	fi
-
-	econf \
-		--docdir="${EPREFIX}/usr/share/doc/${PF}" \
-		--enable-gpg \
-		--enable-gpgsm \
-		--enable-agent \
-		${myconf} \
-		$(use_with adns) \
-		$(use_enable bzip2) \
-		$(use_enable !elibc_SunOS symcryptrun) \
-		$(use_enable nls) \
-		$(use_enable mta mailto) \
-		$(use_enable ldap) \
-		$(use_with readline) \
-		CC_FOR_BUILD="$(tc-getBUILD_CC)"
-}
-
-src_compile() {
-	emake
-
-	if use doc; then
-		cd doc
-		emake html
-	fi
-}
-
-src_install() {
-	emake DESTDIR="${D}" install
-	emake DESTDIR="${D}" -f doc/Makefile uninstall-nobase_dist_docDATA
-	rm "${ED}"/usr/share/gnupg/help* || die
-
-	dodoc ChangeLog NEWS README THANKS TODO VERSION doc/FAQ doc/DETAILS \
-		doc/HACKING doc/TRANSLATE doc/OpenPGP doc/KEYSERVER doc/help*
-
-	dosym gpg2 /usr/bin/gpg
-	dosym gpgv2 /usr/bin/gpgv
-	dosym gpg2keys_hkp /usr/libexec/gpgkeys_hkp
-	dosym gpg2keys_finger /usr/libexec/gpgkeys_finger
-	dosym gpg2keys_curl /usr/libexec/gpgkeys_curl
-	if use ldap; then
-		dosym gpg2keys_ldap /usr/libexec/gpgkeys_ldap
-	fi
-	echo ".so man1/gpg2.1" > "${ED}"/usr/share/man/man1/gpg.1
-	echo ".so man1/gpgv2.1" > "${ED}"/usr/share/man/man1/gpgv.1
-
-	dodir /etc/env.d
-	echo "CONFIG_PROTECT=/usr/share/gnupg/qualified.txt" >> "${ED}"/etc/env.d/30gnupg
-
-	if use doc; then
-		dohtml doc/gnupg.html/* doc/*.png
-	fi
-}
-
-pkg_postinst() {
-	elog "If you wish to view images emerge:"
-	elog "media-gfx/xloadimage, media-gfx/xli or any other viewer"
-	elog "Remember to use photo-viewer option in configuration file to activate"
-	elog "the right viewer."
-	elog
-
-	if use smartcard; then
-		elog "To use your OpenPGP smartcard (or token) with GnuPG you need one of"
-		use usb && elog " - a CCID-compatible reader, used directly through libusb;"
-		elog " - sys-apps/pcsc-lite and a compatible reader device;"
-		elog " - dev-libs/openct and a compatible reader device;"
-		elog " - a reader device and drivers exporting either PC/SC or CT-API interfaces."
-		elog ""
-		elog "General hint: you probably want to try installing sys-apps/pcsc-lite and"
-		elog "app-crypt/ccid first."
-	fi
-
-	ewarn "Please remember to restart gpg-agent if a different version"
-	ewarn "of the agent is currently used. If you are unsure of the gpg"
-	ewarn "agent you are using please run 'killall gpg-agent',"
-	ewarn "and to start a fresh daemon just run 'gpg-agent --daemon'."
-}