touch-packages team mailing list archive

Thread
Date

[Bug 1501634] Re: GnuPG 1.4 requires a patch for GCC 5

To: touch-packages@xxxxxxxxxxxxxxxxxxx
From: NIIBE Yutaka <gniibe@xxxxxxxx>
Date: Thu, 01 Oct 2015 23:53:03 -0000
Reply-to: Bug 1501634 <1501634@xxxxxxxxxxxxxxxxxx>
Sender: bounces@xxxxxxxxxxxxx

This bug is fixed in upstream.

GnuPG 1.4:
http://git.gnupg.org/cgi-bin/gitweb.cgi?p=gnupg.git;a=commit;h=6db18e29eb81b37ed6feb592add77d492c60fc35

GnuPG 2.0:
http://git.gnupg.org/cgi-bin/gitweb.cgi?p=gnupg.git;a=commit;h=b1653a4083b91cfa85d90f59612fa1c3f4d51778

It had been fixed in development branch before, and the fix was intended
to silence a warning at that time.  Because of that, the commit log
doesn't directly address it's a bug.

Now with GCC 5, we have a concrete example which hits the bug.  Namely, OpenPGP-compliant valid signature might be
regected.


** Summary changed:

- GnuPG 1.4 requires a patch for GCC 5
+ GnuPG 1.4/2.0 requires a patch for GCC 5

-- 
You received this bug notification because you are a member of Ubuntu
Touch seeded packages, which is subscribed to gnupg in Ubuntu.
https://bugs.launchpad.net/bugs/1501634

Title:
  GnuPG 1.4/2.0 requires a patch for GCC 5

Status in gnupg package in Ubuntu:
  New
Status in gnupg2 package in Ubuntu:
  New

Bug description:
  Hello,

  I am a upstream developer of GnuPG, and we got a bug report.

  https://lists.gnupg.org/pipermail/gnupg-devel/2015-September/030334.html
  https://lists.gnupg.org/pipermail/gnupg-devel/2015-October/030336.html

  I committed a fix to upstream repository for 1.4 and 2.0.

  Then, I realized that Ubuntu uses GCC 5 for building gnupg.  Thus,
  reporting.

  I'm not sure if this bug is reproducible on Ubuntu.  It is reproducible on my Debian machine.
  Please check.

To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/gnupg/+bug/1501634/+subscriptions

References

[Bug 1501634] [NEW] GnuPG 1.4 requires a patch for GCC 5
From: NIIBE Yutaka, 2015-10-01