Ubuntu
signing-party package

Change logs for signing-party source package in Eoan

Eoan (19.10)
Change log

signing-party (2.10-2) unstable; urgency=high

  * gpg-key2ps: Security fix for CVE-2019-11627: unsafe shell call enabling
    shell injection via a User ID.  Use Perl's (core) module Encode.pm instead
    of shelling out to `iconv`. (Closes: #928256.)

 -- Guilhem Moulin <email address hidden>  Sun, 05 May 2019 15:13:54 +0200

signing-party (2.10-1) unstable; urgency=high

  * gpg-key2ps: Security fix for CVE-2018-15599: unsafe shell call enabling
    shell injection via a User ID.  Use Perl's (core) module Encode.pm instead
    of shelling out to `iconv`. (Closes: #928256.)

 -- Guilhem Moulin <email address hidden>  Wed, 01 May 2019 12:21:59 +0200

signing-party (2.9-1) unstable; urgency=medium

  * gpglist:
    + When --signer's argument is a long keyid or fingerprint, don't require
      the key to be present in the keyring.  This enable filtering on unknown
      signing keys.
    + Don't choke on direct-key signatures. (Closes: #921331.)
  * gpgparticipants:
    + Improve quoting and replace `echo` with `printf`.
    + Avoid including subkey fingerprints when gpg.conf contains 'fingerprint'.

 -- Guilhem Moulin <email address hidden>  Fri, 01 Mar 2019 15:39:40 +0100

Ubuntusigning-party package

Change logs for signing-party source package in Eoan

Ubuntu
signing-party package