security-and-privacy/gnupg
security-and-privacy
/
gnupg
mirror of git://git.gnupg.org/gnupg.git
1
0
Fork 0
Code Activity

Post release updates

This commit is contained in:
Werner Koch 2011-01-13 17:04:47 +01:00
parent 1f874f860c
commit 846d574407
4 changed files with 36 additions and 101 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

4
NEWS
View File

@ -1,3 +1,7 @@
Noteworthy changes in version 2.0.18 (unreleased)
-------------------------------------------------
Noteworthy changes in version 2.0.17 (2011-01-13)
-------------------------------------------------

71
README.maint
View File

@ -1,71 +0,0 @@
Notes for the GnuPG maintainer (SVN only)
============================================
Here are some notes on how to maintain GnuPG.
Release Planning:
=================
If you are planning a new release and strings have changed you should
send a notification to all translators, so that they have time to
update their translations. scripts/mail-to-translators is useful for
this. It might need some tweaking and it needs to be armored for
actual sending. Running it as is to see what will happen is a good
idea, though.
Release process:
================
* Make sure that all new PO files are checked in.
* Decide whether you want to update the automake standard files
(Mainly config.guess and config.sub).
* [1.4 only] Update gpg.texi and gpgv.texi from the trunk:
make -C doc update-source-from-gnupg-2
* Run "make -C po update-po".
* Write NEWS entries and set the release date in NEWS.
* In configure.ac set "my_issvn" to "no".
* Put a "Released <version>" line into the top level ChangeLog.
* Commit all changes to the SVN.
* Update the SVN then (to sync the release number of all files).
* Run "./autogen.sh --force"
(--force is required for the svn magic in configure.ac and a good
idea in any case)
* Run "configure --enable-maintainer-mode".
* Run "make distcheck".
* Build and test the new tarball (best on a different machine).
* Build and test the W32 version.
* [2.x only] Using the final test build run a "make -C doc online".
* Sign the tarball
* Get the previous tarball and run "mkdiff gnupg".
You might need to set a different signature key than mine. mkdiff
has an option for this.
* If you are satisfied with the result tag the release. Use "svn
info" to get the current URL and use an svn cp command similar to
"svn cp svn+ssh://host/gnupg/trunk svn+ssh://host/gnupg/tags/gnupg-2.n.m"
(for 1.4 you should see "branches/STABLE-BRANCH-1-4" instead of "trunk",
however tags are all below tags).
* Copy the files to the FTP server
* Update the webpages - at least the file swdb.wml needs an update.
* Add a new headline to NEWS.
* Bump "my_version" up and set "my_issvn" back to "yes" in configure.ac
* Write an announcement. Update https://savannah.gnu.org/projects/gnupg .
Gotchas
=======
- If during "make distcheck" you get an error about a permission
problem moving foo.new.po to foo.po; this is caused by a check
whether the po files can be re-created. Now if the first tarball
has been created in a different top directory and if there exists a
no distributed file with the string "GNU gnupg" (e.g. a log file
from running make) you end up with different comments in the po
files. Check out /usr/lib/gettext/project-id for that silliness.
As a hack we added this string into configure.ac.

58
announce.txt
View File

@ -5,7 +5,7 @@ Mail-Followup-To: gnupg-users@gnupg.org
Hello!
We are pleased to announce the availability of a new stable GnuPG-2
release: Version 2.0.16.
release: Version 2.0.17.
The GNU Privacy Guard (GnuPG) is GNU's tool for secure communication
and data storage. It can be used to encrypt data, create digital
@ -14,7 +14,7 @@ framework for public key cryptography. It includes an advanced key
management facility and is compliant with the OpenPGP and S/MIME
standards.
GnuPG-2 has a different architecture than GnuPG-1 (e.g. 1.4.10) in
GnuPG-2 has a different architecture than GnuPG-1 (e.g. 1.4.11) in
that it splits up functionality into several modules. However, both
versions may be installed alongside without any conflict. In fact,
the gpg version from GnuPG-1 is able to make use of the gpg-agent as
@ -31,14 +31,17 @@ GnuPG is distributed under the terms of the GNU General Public License
What's New
===========
* If the agent's --use-standard-socket option is active, all tools
try to start and daemonize the agent on the fly. In the past this
was only supported on W32; on non-W32 systems the new configure
option --use-standard-socket may now be used to use this feature by
default.
* Allow more hash algorithms with the OpenPGP v2 card.
* The gpg-agent commands KILLAGENT and RELOADAGENT are now available
on all platforms.
* The gpg-agent now tests for a new gpg-agent.conf on a HUP.
* Fixed output of "gpgconf --check-options".
* Fixed a bug where Scdaemon sends a signal to Gpg-agent running in
non-daemon mode.
* Fixed TTY management for pinentries and session variable update
problem.
* Minor bug fixes.
@ -49,7 +52,7 @@ Getting the Software
Please follow the instructions found at http://www.gnupg.org/download/
or read on:
GnuPG 2.0.16 may be downloaded from one of the GnuPG mirror sites or
GnuPG 2.0.17 may be downloaded from one of the GnuPG mirror sites or
direct from ftp://ftp.gnupg.org/gcrypt/gnupg/ . The list of mirrors
can be found at http://www.gnupg.org/mirrors.html . Note, that GnuPG
is not available at ftp.gnu.org.
@ -57,14 +60,14 @@ is not available at ftp.gnu.org.
On the FTP server and its mirrors you should find the following files
in the gnupg/ directory:
gnupg-2.0.16.tar.bz2 (3910k)
gnupg-2.0.16.tar.bz2.sig
gnupg-2.0.17.tar.bz2 (3904k)
gnupg-2.0.17.tar.bz2.sig
GnuPG source compressed using BZIP2 and OpenPGP signature.
gnupg-2.0.15-2.0.16.diff.bz2 (51k)
gnupg-2.0.16-2.0.17.diff.bz2 (75k)
A patch file to upgrade a 2.0.15 GnuPG source tree. This patch
A patch file to upgrade a 2.0.16 GnuPG source tree. This patch
does not include updates of the language files.
Note, that we don't distribute gzip compressed tarballs for GnuPG-2.
@ -79,9 +82,9 @@ the following ways:
* If you already have a trusted version of GnuPG installed, you
can simply check the supplied signature. For example to check the
signature of the file gnupg-2.0.16.tar.bz2 you would use this command:
signature of the file gnupg-2.0.17.tar.bz2 you would use this command:
gpg --verify gnupg-2.0.16.tar.bz2.sig
gpg --verify gnupg-2.0.17.tar.bz2.sig
This checks whether the signature file matches the source file.
You should see a message indicating that the signature is good and
@ -94,36 +97,35 @@ the following ways:
or using a keyserver like
gpg --recv-key 1CE0C630
gpg --keyserver keys.gnupg.net --recv-key 4F25E3B6
The distribution key 1CE0C630 is signed by the well known key
5B0358A2. If you get an key expired message, you should retrieve a
fresh copy as the expiration date might have been prolonged.
The distribution key 4F25E3B6 is signed by the well known key
1E42B367.
NEVER USE A GNUPG VERSION YOU JUST DOWNLOADED TO CHECK THE
INTEGRITY OF THE SOURCE - USE AN EXISTING GNUPG INSTALLATION!
* If you are not able to use an old version of GnuPG, you have to verify
the SHA-1 checksum. Assuming you downloaded the file
gnupg-2.0.16.tar.bz2, you would run the sha1sum command like this:
gnupg-2.0.17.tar.bz2, you would run the sha1sum command like this:
sha1sum gnupg-2.0.16.tar.bz2
sha1sum gnupg-2.0.17.tar.bz2
and check that the output matches the first line from the
following list:
e7eb4f60026884bd90803b531472bc518804b95d gnupg-2.0.16.tar.bz2
be77c0ba597b9ad9e38941e85ba1750890067227 gnupg-2.0.15-2.0.16.diff.bz2
41ef5460417ca0a1131fc730849fe3afd49ad2de gnupg-2.0.17.tar.bz2
ba49d5ab2659bfe6403d52df58722f439e393bbb gnupg-2.0.16-2.0.17.diff.bz2
Internationalization
====================
GnuPG comes with support for 27 languages. Due to a lot of new and
changed strings many translations are not entirely complete. Jedi,
Maxim Britov, Jaime Suárez and Nilgün Belma Bugüner have been kind
enough to go over their translations and thus the Chinese, German,
Russian, Spanish, and Turkish translations are pretty much complete.
changed strings many translations are not entirely complete. Jakub
Bogusz, Petr Pisar, Jedi and Daniel Nylander have been kind enough to
update their translations on short notice. Thus the Chinese, Czech,
German, Polish and Swedish translations are complete.
Documentation

4
configure.ac
View File

@ -24,8 +24,8 @@ min_automake_version="1.10"
# Remember to change the version number immediately *after* a release.
# Set my_issvn to "yes" for non-released code. Remember to run an
# "svn up" and "autogen.sh" right before creating a distribution.
m4_define([my_version], [2.0.17])
m4_define([my_issvn], [no])
m4_define([my_version], [2.0.18])
m4_define([my_issvn], [yes])
m4_define([svn_revision], m4_esyscmd([printf "%d" $(svn info 2>/dev/null \
| sed -n '/^Revision:/ s/[^0-9]//gp'|head -1)]))