gnome-keyring (40.0-3ubuntu3) jammy; urgency=medium
* debian/patches/git_ssh_arm.patch:
- cherry pick an upstream change to fix the ssh agent crashing on arm,
thanks Anthony Sottile for pointing out the fix (lp: #1964795)
-- Sebastien Bacher <seb128@ubuntu.com> Tue, 21 Jun 2022 09:27:03 +0200
gnome-keyring (40.0-3ubuntu2) jammy; urgency=medium
* No-change rebuild for ppc64el baseline bump.
-- Ćukasz 'sil2100' Zemczak <lukasz.zemczak@ubuntu.com> Wed, 23 Mar 2022 14:54:49 +0100
gnome-keyring (40.0-3ubuntu1) jammy; urgency=medium
* Sync with Debian. Remaining changes:
- debian/user/*, debian/gnome-keyring.links, debian/gnome-keyring.install:
+ Install units to start gnome-keyring with systemd if the session
is using it
-- Rico Tzschichholz <ricotz@ubuntu.com> Wed, 27 Oct 2021 08:45:29 +0200
gnome-keyring (40.0-3) unstable; urgency=medium
* Team upload
* Don't add CAP_IPC_LOCK capability to gnome-keyring-daemon.
GNOME Keyring uses "memory locking" to prevent memory buffers from being
written out to swap, in an attempt to prevent passwords and other secrets
from being written to disk unencrypted. Since Linux 2.6.9 (Debian 4.0,
2007) it has been possible to lock memory up to the limit defined by
RLIMIT_MEMLOCK without requiring the CAP_IPC_LOCK capability.
Since GLib 2.70, security hardening in GLib means that this capability
interferes with the ability to connect to the D-Bus session bus, which
is required functionality for gnome-keyring.
RLIMIT_MEMLOCK defaults to 64 KiB, although it is considerably higher on
typical Debian systems due to #976373. If memory locking for larger
quantities of secret data is required, please configure a higher
RLIMIT_MEMLOCK in /etc/security/limits.conf.
Using encrypted swap, with an ephemeral key if suspend-to-disk is not
required, is recommended as a more robust way to prevent passwords
from reaching disk. Full-disk encryption is also recommended for
systems where confidentiality is important.
(Closes: #994961)
* Don't build with capabilities support on Linux architectures.
Now that we are not setting CAP_IPC_LOCK, this is not useful, and
disabling it silences some misleading warnings. gnome-keyring will still
log a warning if it cannot allocate enough locked memory for its needs.
* Add proposed patches to avoid unnecessary use of unlocked memory.
Older versions of gnome-keyring did not always prevent larger items of
secret data from being swapped out, even if they could, due to a logic
error when allocating new blocks of locked memory.
-- Simon McVittie <smcv@debian.org> Sun, 26 Sep 2021 17:28:50 +0100
gnome-keyring (40.0-2) unstable; urgency=medium
* Build-Depend on debhelper-compat 13
* Build-Depend on dh-sequence-gnome instead of gnome-pkg-tools
* debian/rules: clean up unneeded rules
* Release to unstable
-- Jeremy Bicha <jbicha@debian.org> Sat, 21 Aug 2021 07:43:03 -0400
gnome-keyring (40.0-1ubuntu1) impish; urgency=medium
* Sync with Debian. Remaining changes:
- debian/user/*, debian/gnome-keyring.links, debian/gnome-keyring.install:
+ Install units to start gnome-keyring with systemd if the session
is using it
-- Sebastien Bacher <seb128@ubuntu.com> Wed, 02 Jun 2021 17:11:50 +0200
gnome-keyring (40.0-1) experimental; urgency=medium
* New upstream release
* debian/watch:
- Update to follow the new GNOME version scheme
-- Sebastien Bacher <seb128@ubuntu.com> Wed, 02 Jun 2021 17:06:23 +0200
gnome-keyring (3.36.0-1) unstable; urgency=medium
* New upstream release
-- Sebastien Bacher <seb128@ubuntu.com> Wed, 11 Mar 2020 10:00:29 +0100
gnome-keyring (3.35.90-1) experimental; urgency=medium
[ Simon McVittie ]
* Build-depend on python3 instead of python.
build/tap-driver is now a python3 script, and Python 2 is deprecated.
(Closes: #943047)
* Qualify python3 build-dependency with :native for cross-compilation.
Thanks to Helmut Grohne. (Closes: #856507)
* Qualify dbus and python3 build-dependencies with <!nocheck>
[ Sebastien Bacher ]
* New upstream release
* debian/gnome-keyring.install:
- include the new xdg-desktop-portal files
-- Sebastien Bacher <seb128@ubuntu.com> Mon, 24 Feb 2020 17:18:02 +0100
gnome-keyring (3.34.0-1) unstable; urgency=medium
* New upstream release
* Drop patches applied in new release:
- Remove-tap-gtester-rely-on-GLib-2.38-built-in-TAP-output-.patch
- test-gkd-ssh-agent-service-Avoid-race-condition-with-serv.patch
* Release to unstable
-- Jeremy Bicha <jbicha@debian.org> Mon, 30 Sep 2019 21:08:35 -0400
# For older changelog entries, run 'apt-get changelog gnome-keyring'
Generated by dwww version 1.14 on Thu Jan 23 03:28:39 CET 2025.