security-and-privacy/gnupg
security-and-privacy/gnupg
1
0
Fork 0
mirror of git://git.gnupg.org/gnupg.git synced 2025-01-23 15:07:03 +01:00
Code Activity

Post release updates

Browse Source
This commit is contained in:
Werner Koch 2011-01-13 17:04:47 +01:00
parent 1f874f860c
commit 846d574407
4 changed files with 36 additions and 101 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

4
NEWS
View File

@ -1,3 +1,7 @@
Noteworthy changes in version 2.0.18 (unreleased)
-------------------------------------------------
Noteworthy changes in version 2.0.17 (2011-01-13) Noteworthy changes in version 2.0.17 (2011-01-13)
------------------------------------------------- -------------------------------------------------

71
README.maint
View File

@ -1,71 +0,0 @@
Notes for the GnuPG maintainer (SVN only)
============================================
Here are some notes on how to maintain GnuPG.
Release Planning:
=================
If you are planning a new release and strings have changed you should
send a notification to all translators, so that they have time to
update their translations. scripts/mail-to-translators is useful for
this. It might need some tweaking and it needs to be armored for
actual sending. Running it as is to see what will happen is a good
idea, though.
Release process:
================
* Make sure that all new PO files are checked in.
* Decide whether you want to update the automake standard files
(Mainly config.guess and config.sub).
* [1.4 only] Update gpg.texi and gpgv.texi from the trunk:
make -C doc update-source-from-gnupg-2
* Run "make -C po update-po".
* Write NEWS entries and set the release date in NEWS.
* In configure.ac set "my_issvn" to "no".
* Put a "Released <version>" line into the top level ChangeLog.
* Commit all changes to the SVN.
* Update the SVN then (to sync the release number of all files).
* Run "./autogen.sh --force"
(--force is required for the svn magic in configure.ac and a good
idea in any case)
* Run "configure --enable-maintainer-mode".
* Run "make distcheck".
* Build and test the new tarball (best on a different machine).
* Build and test the W32 version.
* [2.x only] Using the final test build run a "make -C doc online".
* Sign the tarball
* Get the previous tarball and run "mkdiff gnupg".
You might need to set a different signature key than mine. mkdiff
has an option for this.
* If you are satisfied with the result tag the release. Use "svn
info" to get the current URL and use an svn cp command similar to
"svn cp svn+ssh://host/gnupg/trunk svn+ssh://host/gnupg/tags/gnupg-2.n.m"
(for 1.4 you should see "branches/STABLE-BRANCH-1-4" instead of "trunk",
however tags are all below tags).
* Copy the files to the FTP server
* Update the webpages - at least the file swdb.wml needs an update.
* Add a new headline to NEWS.
* Bump "my_version" up and set "my_issvn" back to "yes" in configure.ac
* Write an announcement. Update https://savannah.gnu.org/projects/gnupg .
Gotchas
=======
- If during "make distcheck" you get an error about a permission
problem moving foo.new.po to foo.po; this is caused by a check
whether the po files can be re-created. Now if the first tarball
has been created in a different top directory and if there exists a
no distributed file with the string "GNU gnupg" (e.g. a log file
from running make) you end up with different comments in the po
files. Check out /usr/lib/gettext/project-id for that silliness.
As a hack we added this string into configure.ac.

58
announce.txt
View File

@ -5,7 +5,7 @@ Mail-Followup-To: gnupg-users@gnupg.org
Hello! Hello!
We are pleased to announce the availability of a new stable GnuPG-2 We are pleased to announce the availability of a new stable GnuPG-2
release: Version 2.0.16. release: Version 2.0.17.
The GNU Privacy Guard (GnuPG) is GNU's tool for secure communication The GNU Privacy Guard (GnuPG) is GNU's tool for secure communication
and data storage. It can be used to encrypt data, create digital and data storage. It can be used to encrypt data, create digital
@ -14,7 +14,7 @@ framework for public key cryptography. It includes an advanced key
management facility and is compliant with the OpenPGP and S/MIME management facility and is compliant with the OpenPGP and S/MIME
standards. standards.
GnuPG-2 has a different architecture than GnuPG-1 (e.g. 1.4.10) in GnuPG-2 has a different architecture than GnuPG-1 (e.g. 1.4.11) in
that it splits up functionality into several modules. However, both that it splits up functionality into several modules. However, both
versions may be installed alongside without any conflict. In fact, versions may be installed alongside without any conflict. In fact,
the gpg version from GnuPG-1 is able to make use of the gpg-agent as the gpg version from GnuPG-1 is able to make use of the gpg-agent as
@ -31,14 +31,17 @@ GnuPG is distributed under the terms of the GNU General Public License
What's New What's New
=========== ===========
* If the agent's --use-standard-socket option is active, all tools * Allow more hash algorithms with the OpenPGP v2 card.
try to start and daemonize the agent on the fly. In the past this
was only supported on W32; on non-W32 systems the new configure
option --use-standard-socket may now be used to use this feature by
default.
* The gpg-agent commands KILLAGENT and RELOADAGENT are now available * The gpg-agent now tests for a new gpg-agent.conf on a HUP.
on all platforms.
* Fixed output of "gpgconf --check-options".
* Fixed a bug where Scdaemon sends a signal to Gpg-agent running in
non-daemon mode.
* Fixed TTY management for pinentries and session variable update
problem.
* Minor bug fixes. * Minor bug fixes.
@ -49,7 +52,7 @@ Getting the Software
Please follow the instructions found at http://www.gnupg.org/download/ Please follow the instructions found at http://www.gnupg.org/download/
or read on: or read on:
GnuPG 2.0.16 may be downloaded from one of the GnuPG mirror sites or GnuPG 2.0.17 may be downloaded from one of the GnuPG mirror sites or
direct from ftp://ftp.gnupg.org/gcrypt/gnupg/ . The list of mirrors direct from ftp://ftp.gnupg.org/gcrypt/gnupg/ . The list of mirrors
can be found at http://www.gnupg.org/mirrors.html . Note, that GnuPG can be found at http://www.gnupg.org/mirrors.html . Note, that GnuPG
is not available at ftp.gnu.org. is not available at ftp.gnu.org.
@ -57,14 +60,14 @@ is not available at ftp.gnu.org.
On the FTP server and its mirrors you should find the following files On the FTP server and its mirrors you should find the following files
in the gnupg/ directory: in the gnupg/ directory:
gnupg-2.0.16.tar.bz2 (3910k) gnupg-2.0.17.tar.bz2 (3904k)
gnupg-2.0.16.tar.bz2.sig gnupg-2.0.17.tar.bz2.sig
GnuPG source compressed using BZIP2 and OpenPGP signature. GnuPG source compressed using BZIP2 and OpenPGP signature.
gnupg-2.0.15-2.0.16.diff.bz2 (51k) gnupg-2.0.16-2.0.17.diff.bz2 (75k)
A patch file to upgrade a 2.0.15 GnuPG source tree. This patch A patch file to upgrade a 2.0.16 GnuPG source tree. This patch
does not include updates of the language files. does not include updates of the language files.
Note, that we don't distribute gzip compressed tarballs for GnuPG-2. Note, that we don't distribute gzip compressed tarballs for GnuPG-2.
@ -79,9 +82,9 @@ the following ways:
* If you already have a trusted version of GnuPG installed, you * If you already have a trusted version of GnuPG installed, you
can simply check the supplied signature. For example to check the can simply check the supplied signature. For example to check the
signature of the file gnupg-2.0.16.tar.bz2 you would use this command: signature of the file gnupg-2.0.17.tar.bz2 you would use this command:
gpg --verify gnupg-2.0.16.tar.bz2.sig gpg --verify gnupg-2.0.17.tar.bz2.sig
This checks whether the signature file matches the source file. This checks whether the signature file matches the source file.
You should see a message indicating that the signature is good and You should see a message indicating that the signature is good and
@ -94,36 +97,35 @@ the following ways:
or using a keyserver like or using a keyserver like
gpg --recv-key 1CE0C630 gpg --keyserver keys.gnupg.net --recv-key 4F25E3B6
The distribution key 1CE0C630 is signed by the well known key The distribution key 4F25E3B6 is signed by the well known key
5B0358A2. If you get an key expired message, you should retrieve a 1E42B367.
fresh copy as the expiration date might have been prolonged.
NEVER USE A GNUPG VERSION YOU JUST DOWNLOADED TO CHECK THE NEVER USE A GNUPG VERSION YOU JUST DOWNLOADED TO CHECK THE
INTEGRITY OF THE SOURCE - USE AN EXISTING GNUPG INSTALLATION! INTEGRITY OF THE SOURCE - USE AN EXISTING GNUPG INSTALLATION!
* If you are not able to use an old version of GnuPG, you have to verify * If you are not able to use an old version of GnuPG, you have to verify
the SHA-1 checksum. Assuming you downloaded the file the SHA-1 checksum. Assuming you downloaded the file
gnupg-2.0.16.tar.bz2, you would run the sha1sum command like this: gnupg-2.0.17.tar.bz2, you would run the sha1sum command like this:
sha1sum gnupg-2.0.16.tar.bz2 sha1sum gnupg-2.0.17.tar.bz2
and check that the output matches the first line from the and check that the output matches the first line from the
following list: following list:
e7eb4f60026884bd90803b531472bc518804b95d gnupg-2.0.16.tar.bz2 41ef5460417ca0a1131fc730849fe3afd49ad2de gnupg-2.0.17.tar.bz2
be77c0ba597b9ad9e38941e85ba1750890067227 gnupg-2.0.15-2.0.16.diff.bz2 ba49d5ab2659bfe6403d52df58722f439e393bbb gnupg-2.0.16-2.0.17.diff.bz2
Internationalization Internationalization
==================== ====================
GnuPG comes with support for 27 languages. Due to a lot of new and GnuPG comes with support for 27 languages. Due to a lot of new and
changed strings many translations are not entirely complete. Jedi, changed strings many translations are not entirely complete. Jakub
Maxim Britov, Jaime Suárez and Nilgün Belma Bugüner have been kind Bogusz, Petr Pisar, Jedi and Daniel Nylander have been kind enough to
enough to go over their translations and thus the Chinese, German, update their translations on short notice. Thus the Chinese, Czech,
Russian, Spanish, and Turkish translations are pretty much complete. German, Polish and Swedish translations are complete.
Documentation Documentation

4
configure.ac
View File

@ -24,8 +24,8 @@ min_automake_version="1.10"
# Remember to change the version number immediately *after* a release. # Remember to change the version number immediately *after* a release.
# Set my_issvn to "yes" for non-released code. Remember to run an # Set my_issvn to "yes" for non-released code. Remember to run an
# "svn up" and "autogen.sh" right before creating a distribution. # "svn up" and "autogen.sh" right before creating a distribution.
m4_define([my_version], [2.0.17]) m4_define([my_version], [2.0.18])
m4_define([my_issvn], [no]) m4_define([my_issvn], [yes])
m4_define([svn_revision], m4_esyscmd([printf "%d" $(svn info 2>/dev/null \ m4_define([svn_revision], m4_esyscmd([printf "%d" $(svn info 2>/dev/null \
| sed -n '/^Revision:/ s/[^0-9]//gp'|head -1)])) | sed -n '/^Revision:/ s/[^0-9]//gp'|head -1)]))