libmutil: dropped empty dir

7 files changed, 514 insertions, 14 deletions

diff --git a/packages/gnupg/gnupg-1.4.7/.mtn2git_empty b/packages/gnupg/gnupg-1.4.7/.mtn2git_empty
new file mode 100644
index 0000000000..e69de29bb2
--- /dev/null
+++ b/packages/gnupg/gnupg-1.4.7/.mtn2git_empty
diff --git a/packages/gnupg/gnupg-1.4.7/15_free_caps.dpatch b/packages/gnupg/gnupg-1.4.7/15_free_caps.dpatch
new file mode 100644
index 0000000000..d48b2e16b8
--- /dev/null
+++ b/packages/gnupg/gnupg-1.4.7/15_free_caps.dpatch
@@ -0,0 +1,124 @@
+#! /bin/sh -e
+## 15_free_caps.dpatch by  <mpitt@debian.org>
+##
+## All lines beginning with `## DP:' are a description of the patch.
+## DP: cap_from_text() allocates a new capability context, which is not freed
+## DP: in the original sources. This patch fixes this.
+## DP: Please note that this approach alone is not safe: when using
+## DP: USE_CAPABILITIES the root user is not setuid() back any more to a normal
+## DP: user.
+
+if [ $# -lt 1 ]; then
+    echo "`basename $0`: script expects -patch|-unpatch as argument" >&2
+    exit 1
+fi
+
+[ -f debian/patches/00patch-opts ] && . debian/patches/00patch-opts
+patch_opts="${patch_opts:--f --no-backup-if-mismatch} ${2:+-d $2}"
+
+case "$1" in
+    -patch) patch -p1 ${patch_opts} < $0;;
+    -unpatch) patch -R -p1 ${patch_opts} < $0;;
+    *)
+        echo "`basename $0`: script expects -patch|-unpatch as argument" >&2
+        exit 1;;
+esac
+
+exit 0
+
+@DPATCH@
+diff -urNad /home/weasel/tmp/debian-gpg/gnupg-1.2.5/g10/status.c gnupg-1.2.5/g10/status.c
+--- /home/weasel/tmp/debian-gpg/gnupg-1.2.5/g10/status.c	2004-07-21 09:59:45.000000000 +0200
++++ gnupg-1.2.5/g10/status.c	2004-08-01 20:07:42.071690680 +0200
+@@ -346,6 +346,9 @@
+ {
+     char buf[100];
+     struct shmid_ds shmds;
++#ifdef USE_CAPABILITIES
++    cap_t caps;
++#endif
+ 
+ #ifndef IPC_RMID_DEFERRED_RELEASE
+     atexit( remove_shmid );
+@@ -371,7 +374,9 @@
+ 			    (unsigned)shm_size/1024, shm_area, shm_id );
+     if( lock_mem ) {
+ #ifdef USE_CAPABILITIES
+-	cap_set_proc( cap_from_text("cap_ipc_lock+ep") );
++	caps = cap_from_text("cap_ipc_lock=ep");
++	cap_set_proc( caps );
++	cap_free( caps );
+ #endif
+ 	/* (need the cast for Solaris with Sun's workshop compilers) */
+ 	if ( mlock ( (char*)shm_area, shm_size) )
+@@ -380,7 +385,9 @@
+ 	else
+ 	    shm_is_locked = 1;
+ #ifdef USE_CAPABILITIES
+-	cap_set_proc( cap_from_text("cap_ipc_lock+p") );
++	caps = cap_from_text("cap_ipc_lock=p");
++	cap_set_proc( caps );
++	cap_free( caps );
+ #endif
+     }
+ 
+@@ -407,7 +414,9 @@
+ 
+     if( lock_mem ) {
+ #ifdef USE_CAPABILITIES
+-	cap_set_proc( cap_from_text("cap_ipc_lock+ep") );
++	caps = cap_from_text("cap_ipc_lock=ep");
++	cap_set_proc( caps );
++	cap_free( caps );
+ #endif
+ #ifdef IPC_HAVE_SHM_LOCK
+ 	if ( shmctl (shm_id, SHM_LOCK, 0) )
+@@ -419,7 +428,9 @@
+ 	log_info("Locking shared memory %d failed: No way to do it\n", shm_id );
+ #endif
+ #ifdef USE_CAPABILITIES
+-	cap_set_proc( cap_from_text("cap_ipc_lock+p") );
++	caps = cap_from_text("cap_ipc_lock=p");
++	cap_set_proc( caps );
++	cap_free( caps );
+ #endif
+     }
+ 
+diff -urNad /home/weasel/tmp/debian-gpg/gnupg-1.2.5/util/secmem.c gnupg-1.2.5/util/secmem.c
+--- /home/weasel/tmp/debian-gpg/gnupg-1.2.5/util/secmem.c	2004-02-24 17:06:58.000000000 +0100
++++ gnupg-1.2.5/util/secmem.c	2004-08-01 20:08:10.873412378 +0200
+@@ -97,12 +97,18 @@
+ {
+ #if defined(USE_CAPABILITIES) && defined(HAVE_MLOCK)
+     int err;
++    cap_t caps;
++
++    caps = cap_from_text("cap_ipc_lock=ep");
++    cap_set_proc( caps );
++    cap_free( caps );
+ 
+-    cap_set_proc( cap_from_text("cap_ipc_lock+ep") );
+     err = mlock( p, n );
+     if( err && errno )
+ 	err = errno;
+-    cap_set_proc( cap_from_text("cap_ipc_lock+p") );
++    caps = cap_from_text("cap_ipc_lock=p");
++    cap_set_proc( caps );
++    cap_free( caps );
+ 
+     if( err ) {
+ 	if( errno != EPERM
+@@ -301,8 +307,12 @@
+     if( !n ) {
+ #ifndef __riscos__
+ #ifdef USE_CAPABILITIES
++	cap_t caps;
++
+ 	/* drop all capabilities */
+-	cap_set_proc( cap_from_text("all-eip") );
++	caps = cap_from_text("all-eip");
++	cap_set_proc( caps );
++	cap_free( caps );
+ 
+ #elif !defined(HAVE_DOSISH_SYSTEM)
+ 	uid_t uid;
diff --git a/packages/gnupg/gnupg-1.4.7/16_min_privileges.dpatch b/packages/gnupg/gnupg-1.4.7/16_min_privileges.dpatch
new file mode 100644
index 0000000000..464133ed61
--- /dev/null
+++ b/packages/gnupg/gnupg-1.4.7/16_min_privileges.dpatch
@@ -0,0 +1,98 @@
+#! /bin/sh -e
+## 16_min_privileges.dpatch by  <mpitt@debian.org>
+##
+## All lines beginning with `## DP:' are a description of the patch.
+## DP: when using USE_CAPABILITIES, the uid was not setuid() back to a normal
+## DP: user; this would allow to regain _all_ capabilities just by doing
+## DP: exec(). This patch ensures minimal privileges by immediately revoking
+## DP: root user and all capabilities except CAP_IPC_LOCK. After the shared
+## DP: memory is set up, this last capability is dropped as well.
+
+if [ $# -lt 1 ]; then
+    echo "`basename $0`: script expects -patch|-unpatch as argument" >&2
+    exit 1
+fi
+
+[ -f debian/patches/00patch-opts ] && . debian/patches/00patch-opts
+patch_opts="${patch_opts:--f --no-backup-if-mismatch} ${2:+-d $2}"
+
+case "$1" in
+    -patch) patch -p1 ${patch_opts} < $0;;
+    -unpatch) patch -R -p1 ${patch_opts} < $0;;
+    *)
+        echo "`basename $0`: script expects -patch|-unpatch as argument" >&2
+        exit 1;;
+esac
+
+exit 0
+
+@DPATCH@
+diff -urNad gnupg-1.4.0/g10/gpg.c /tmp/dpep.O5S02c/gnupg-1.4.0/g10/gpg.c
+--- gnupg-1.4.0/g10/gpg.c	2004-12-16 09:47:36.000000000 +0000
++++ /tmp/dpep.O5S02c/gnupg-1.4.0/g10/gpg.c	2005-02-03 23:31:40.645873299 +0000
+@@ -69,6 +69,11 @@
+ #endif
+ 
+ 
++#ifdef USE_CAPABILITIES
++#include <sys/capability.h>
++#include <sys/prctl.h>
++#endif
++
+ enum cmd_and_opt_values
+   {
+     aNull = 0,
+@@ -1618,6 +1623,10 @@
+ #ifdef USE_SHM_COPROCESSING
+     ulong requested_shm_size=0;
+ #endif
++#ifdef USE_CAPABILITIES
++    uid_t curr_uid;
++    cap_t caps;
++#endif
+ 
+ #ifdef __riscos__
+     opt.lock_once = 1;
+@@ -1629,6 +1638,33 @@
+      * when adding any stuff between here and the call to
+      * secmem_init()  somewhere after the option parsing
+      */
++
++    /* if we use capabilities and run as root, we can immediately setuid back
++     * to the normal user and only keep CAP_IPC_LOCK until the shared memory is
++     * set up.
++     */
++#ifdef USE_CAPABILITIES
++    curr_uid = getuid();
++    if( curr_uid && !geteuid() ) { /* we are setuid root */
++	if( prctl( PR_SET_KEEPCAPS, 1, 0, 0, 0 ) ) {
++	    perror( "main(): could not keep capabilities" );
++	    return -100;
++	}
++
++	if( setuid( curr_uid ) ) {
++	    perror( "main(): could not set user id" );
++	    return -100;
++	}
++
++	caps = cap_from_text( "cap_ipc_lock=p" );
++	if( cap_set_proc( caps ) ) {
++	    perror( "main(): could not install capabilities" );
++	    return -100;
++	}
++	cap_free( caps );
++    }
++#endif
++
+     log_set_name("gpg");
+     secure_random_alloc(); /* put random number into secure memory */
+     may_coredump = disable_core_dumps();
+@@ -1747,7 +1783,7 @@
+     }
+ #endif
+     /* initialize the secure memory. */
+-    got_secmem=secmem_init( 32768 );
++    got_secmem=secmem_init( 32768 ); /* this will drop all remaining privileges */
+     maybe_setuid = 0;
+     /* Okay, we are now working under our real uid */
+ 
diff --git a/packages/gnupg/gnupg-1.4.7/24_gpgv_manpage_cleanup.dpatch b/packages/gnupg/gnupg-1.4.7/24_gpgv_manpage_cleanup.dpatch
new file mode 100644
index 0000000000..0284334cf9
--- /dev/null
+++ b/packages/gnupg/gnupg-1.4.7/24_gpgv_manpage_cleanup.dpatch
@@ -0,0 +1,85 @@
+#! /bin/sh -e
+## 24_gpgv_manpage_cleanup.dpatch
+##
+## DP: Description: Small fixes for gpgv manpage (#177951)
+## DP: Author: "Jim W. Jaszewski" <grok@sprint.ca>
+## DP: Upstream status: Not yet submitted
+## DP: Date: 2003-01-22
+
+if [ $# -lt 1 ]; then
+    echo "`basename $0`: script expects -patch|-unpatch as argument" >&2
+    exit 1
+fi
+
+[ -f debian/patches/00patch-opts ] && . debian/patches/00patch-opts
+patch_opts="${patch_opts:--f --no-backup-if-mismatch} ${2:+-d $2}"
+
+case "$1" in
+    -patch) patch -p1 ${patch_opts} < $0;;
+    -unpatch) patch -R -p1 ${patch_opts} < $0;;
+    *)
+        echo "`basename $0`: script expects -patch|-unpatch as argument" >&2
+        exit 1;;
+esac
+
+exit 0
+
+@DPATCH@
+diff -urNad gnupg-1.4.6~/doc/gpgv.texi gnupg-1.4.6/doc/gpgv.texi
+--- gnupg-1.4.6~/doc/gpgv.texi	2006-12-04 14:01:31.000000000 +0000
++++ gnupg-1.4.6/doc/gpgv.texi	2006-12-07 02:33:20.000000000 +0000
+@@ -55,8 +55,8 @@
+ @mansect description
+ @code{@gpgvname} is an OpenPGP signature verification tool.
+ 
+-This program is actually a stripped down version of @code{gpg} which is
+-only able to check signatures. It is somewhat smaller than the fully blown
++This program is actually a stripped-down version of @code{gpg} which is
++only able to check signatures. It is somewhat smaller than the fully-blown
+ @code{gpg} and uses a different (and simpler) way to check that
+ the public keys used to make the signature are valid. There are
+ no configuration files and only a few options are implemented.
+@@ -114,7 +114,7 @@
+ 
+ @mansect return value
+ 
+-The program returns 0 if everything was fine, 1 if at least
++The program returns 0 if everything is fine, 1 if at least
+ one signature was bad, and other error codes for fatal errors.
+ 
+ @mansect examples
+@@ -126,7 +126,7 @@
+ @itemx @gpgvname @code{sigfile} 
+ Verify the signature of the file. The second form
+ is used for detached signatures, where @code{sigfile} is the detached
+-signature (either ASCII armored or binary) and are the signed
++signature (either ASCII-armored or binary) and are the signed
+ data; if this is not given the name of the file holding the signed data is
+ constructed by cutting off the extension (".asc", ".sig" or ".sign") from
+ @code{sigfile}.
+@@ -152,7 +152,7 @@
+ @table @asis
+ 
+ @item ~/.gnupg/trustedkeys.gpg
+-The default keyring with the allowed keys
++The default keyring with the allowed keys.
+ 
+ @end table
+ 
+diff -urNad gnupg-1.4.6~/doc/opt-homedir.texi gnupg-1.4.6/doc/opt-homedir.texi
+--- gnupg-1.4.6~/doc/opt-homedir.texi	2006-12-04 13:31:56.000000000 +0000
++++ gnupg-1.4.6/doc/opt-homedir.texi	2006-12-07 02:32:48.000000000 +0000
+@@ -1,11 +1,11 @@
+ @c This option is included at several places.
+ @item --homedir @var{dir}
+ @opindex homedir
+-Set the name of the home directory to @var{dir}. If his option is not
++Set the name of the home directory to @var{dir}. If this option is not
+ used, the home directory defaults to @file{~/.gnupg}.  It is only
+ recognized when given on the command line.  It also overrides any home
+ directory stated through the environment variable @env{GNUPGHOME} or
+-(on W32 systems) by means on the Registry entry
++(on W32 systems) by means of the Registry entry
+ @ifset isman
+ @var{HKCU\\Software\\GNU\\GnuPG:HomeDir}.
+ @end ifset
diff --git a/packages/gnupg/gnupg-1.4.7/25_de.po_fixes.dpatch b/packages/gnupg/gnupg-1.4.7/25_de.po_fixes.dpatch
new file mode 100644
index 0000000000..d83d59dddb
--- /dev/null
+++ b/packages/gnupg/gnupg-1.4.7/25_de.po_fixes.dpatch
@@ -0,0 +1,195 @@
+#! /bin/sh -e
+## 25_de.po_fixes.dpatch
+##
+## DP: Description: Small fixes for the German translation (#314069)
+## DP: Author: Jens Seidel <jensseidel@users.sf.net>
+## DP: Upstream status: Not yet submitted
+## DP: Date: 2005-06-14
+
+if [ $# -lt 1 ]; then
+    echo "`basename $0`: script expects -patch|-unpatch as argument" >&2
+    exit 1
+fi
+
+[ -f debian/patches/00patch-opts ] && . debian/patches/00patch-opts
+patch_opts="${patch_opts:--f --no-backup-if-mismatch} ${2:+-d $2}"
+
+case "$1" in
+    -patch) patch -p1 ${patch_opts} < $0;;
+    -unpatch) patch -R -p1 ${patch_opts} < $0;;
+    *)
+        echo "`basename $0`: script expects -patch|-unpatch as argument" >&2
+        exit 1;;
+esac
+
+exit 0
+
+@DPATCH@
+diff -urNad gnupg-1.4.5~/po/de.po gnupg-1.4.5/po/de.po
+--- gnupg-1.4.5~/po/de.po	2006-08-01 12:08:06.000000000 +0100
++++ gnupg-1.4.5/po/de.po	2006-08-01 21:50:19.000000000 +0100
+@@ -1241,7 +1241,7 @@
+ 
+ #: g10/gpg.c:791
+ msgid "Pubkey: "
+-msgstr "Öff.Schlüssel: "
++msgstr "Öff. Schlüssel: "
+ 
+ #: g10/gpg.c:797 g10/keyedit.c:2310
+ msgid "Cipher: "
+@@ -2330,7 +2330,7 @@
+ #: g10/import.c:319
+ #, c-format
+ msgid " secret keys unchanged: %lu\n"
+-msgstr "                 unveränderte geh.Schl.: %lu\n"
++msgstr "                unveränderte geh. Schl.: %lu\n"
+ 
+ #: g10/import.c:321
+ #, c-format
+@@ -3388,11 +3388,11 @@
+ 
+ #: g10/keyedit.c:2035
+ msgid "Do you really want to revoke the selected subkeys? (y/N) "
+-msgstr "Möchten Sie die ausgewählten Unterschlüssel wirklich widerrufen? "
++msgstr "Möchten Sie die ausgewählten Unterschlüssel wirklich widerrufen? (j/N) "
+ 
+ #: g10/keyedit.c:2037
+ msgid "Do you really want to revoke this subkey? (y/N) "
+-msgstr "Möchten Sie diesen Schlüssel wirklich widerrufen? "
++msgstr "Möchten Sie diesen Unterschlüssel wirklich widerrufen? (j/N) "
+ 
+ #: g10/keyedit.c:2087
+ msgid ""
+@@ -3568,7 +3568,7 @@
+ 
+ #: g10/keyedit.c:3022
+ msgid "You may not add a photo ID to a PGP2-style key.\n"
+-msgstr "Sie können einem PGP2-artigen SchlüÂüsel keine Foto-ID hinzufügen.\n"
++msgstr "Sie können einem PGP2-artigen Schlüssel keine Foto-ID hinzufügen.\n"
+ 
+ #: g10/keyedit.c:3162
+ msgid "Delete this good signature? (y/N/q)"
+@@ -3622,7 +3622,7 @@
+ #: g10/keyedit.c:3352
+ msgid "You may not add a designated revoker to a PGP 2.x-style key.\n"
+ msgstr ""
+-"Sie können einem PGP2-artigen SchlüÂüsel keine vorgesehenen Widerrufer "
++"Sie können einem PGP2-artigen Schlüssel keine vorgesehenen Widerrufer "
+ "hinzufügen.\n"
+ 
+ #: g10/keyedit.c:3372
+@@ -5034,7 +5034,7 @@
+ "Wählen Sie ein Bild für Ihre Photo ID aus. Das Bild muß eine JPEG Datei\n"
+ "sein.  Bitte beachten Sie, daß das Bild in Ihrem öffentlichen\n"
+ "Schlüssel gespeichert wird.  Wenn Sie ein sehr großes Bild benutzen,\n"
+-"wir Ihr Schlüssel leider auch sehr groß werden.  Ein Bild der GröÂße\n"
++"wir Ihr Schlüssel leider auch sehr groß werden.  Ein Bild der Größe\n"
+ "240x288 Pixel ist eine gute Wahl.\n"
+ 
+ #: g10/photoid.c:95
+@@ -5406,7 +5406,7 @@
+ #: g10/pubkey-enc.c:244
+ #, c-format
+ msgid "cipher algorithm %d%s is unknown or disabled\n"
+-msgstr "Verschüsselungsverfahren %d%s ist unbekannt oder abgeschaltet\n"
++msgstr "Verschlüsselungsverfahren %d%s ist unbekannt oder abgeschaltet\n"
+ 
+ #: g10/pubkey-enc.c:282
+ #, fuzzy, c-format
+@@ -5504,7 +5504,7 @@
+ msgstr ""
+ "Widerrufszertifikat wurde erzeugt.\n"
+ "\n"
+-"Bitte speichern Sie es auf einem Medium welches sie wegschliessen\n"
++"Bitte speichern Sie es auf einem Medium welches sie wegschließen\n"
+ "können; falls Mallory (ein Angreifer) Zugang zu diesem Zertifikat\n"
+ "erhält, kann erIhren Schlüssel unbrauchbar machen.  Es wäre klug,\n"
+ "dieses Widerrufszertifikat auch auszudrucken und sicher aufzubewahren,\n"
+@@ -5588,7 +5588,7 @@
+ msgid "cannot avoid weak key for symmetric cipher; tried %d times!\n"
+ msgstr ""
+ "Trotz %d-fachen Versuch konnte die Erzeugung eines unsicheren Schlüssels für "
+-"sym.Verschlüsselung nicht vermieden werden!\n"
++"sym. Verschlüsselung nicht vermieden werden!\n"
+ 
+ #: g10/seskey.c:222
+ msgid "DSA requires the hash length to be a multiple of 8 bits\n"
+@@ -6133,7 +6133,7 @@
+ #, fuzzy, c-format
+ msgid "public key of ultimately trusted key %s not found\n"
+ msgstr ""
+-"öff.Schlüssel des uneingeschränkt vertrautem Schlüssel %08lX nicht gefunden\n"
++"öff. Schlüssel des uneingeschränkt vertrautem Schlüssel %08lX nicht gefunden\n"
+ 
+ #: g10/trustdb.c:2197
+ #, c-format
+@@ -6190,7 +6190,7 @@
+ 
+ #: util/errors.c:60
+ msgid "bad public key"
+-msgstr "Falscher öffentlicher Schüssel"
++msgstr "Falscher öffentlicher Schlüssel"
+ 
+ #: util/errors.c:61
+ msgid "bad secret key"
+@@ -6366,7 +6366,7 @@
+ 
+ #: util/errors.c:106
+ msgid "unusable public key"
+-msgstr "unbrauchbarer öffentlicher Schüssel"
++msgstr "unbrauchbarer öffentlicher Schlüssel"
+ 
+ #: util/errors.c:107
+ msgid "unusable secret key"
+@@ -6775,7 +6775,7 @@
+ #~ "Es wird ein neues %s Schlüsselpaar erzeugt.\n"
+ #~ "              kleinste Schlüssellänge ist  768 Bit\n"
+ #~ "              standard Schlüssellänge ist 1024 Bit\n"
+-#~ "      gröÂßte sinnvolle Schlüssellänge ist 2048 Bit\n"
++#~ "      größte sinnvolle Schlüssellänge ist 2048 Bit\n"
+ 
+ #~ msgid "DSA only allows keysizes from 512 to 1024\n"
+ #~ msgstr "DSA erlaubt nur Schlüssellängen von 512 bis 1024\n"
+@@ -6787,13 +6787,13 @@
+ #~ msgstr "zu kurz; 768 ist die kleinste mögliche Schlüssellänge.\n"
+ 
+ #~ msgid "keysize too large; %d is largest value allowed.\n"
+-#~ msgstr "SchüsselgröÂße zu hoch; %d ist der Maximalwert.\n"
++#~ msgstr "Schlüsselgröße zu hoch; %d ist der Maximalwert.\n"
+ 
+ #~ msgid ""
+ #~ "Keysizes larger than 2048 are not suggested because\n"
+ #~ "computations take REALLY long!\n"
+ #~ msgstr ""
+-#~ "Schlüssellängen gröÂßer als 2048 werden nicht empfohlen, da die\n"
++#~ "Schlüssellängen größer als 2048 werden nicht empfohlen, da die\n"
+ #~ "Berechnungen dann WIRKLICH lange brauchen!\n"
+ 
+ #, fuzzy
+@@ -7136,7 +7136,7 @@
+ #~ msgstr "zu viele `%c' Voreinstellungen\n"
+ 
+ #~ msgid "key %08lX: not a rfc2440 key - skipped\n"
+-#~ msgstr "Schlüssel %08lX: dies ist kein RFC2440-Schüssel - übersprungen\n"
++#~ msgstr "Schlüssel %08lX: dies ist kein RFC2440-Schlüssel - übersprungen\n"
+ 
+ #~ msgid ""
+ #~ "NOTE: Elgamal primary key detected - this may take some time to import\n"
+@@ -7292,7 +7292,7 @@
+ #~ msgstr ""
+ #~ "Dieses Verfahren wird nur von GnuPG unterstützt.  Sie können diesen "
+ #~ "Schlüssel\n"
+-#~ "nicht zur Verständigung mit PGP-Anwendern benutzen.  Ausserdem ist "
++#~ "nicht zur Verständigung mit PGP-Anwendern benutzen.  Außerdem ist "
+ #~ "dieses\n"
+ #~ "Verfahren sehr langsam, und es könnte nicht so sicher wie die anderen "
+ #~ "sein.\n"
+@@ -7603,7 +7603,7 @@
+ 
+ #~ msgid "Do you really want to create a sign and encrypt key? "
+ #~ msgstr ""
+-#~ "Möchten Sie wirklich einen Unterschriften-/Verschlüsselungschlüssel "
++#~ "Möchten Sie wirklich einen Unterschriften-/Verschlüsselungsschlüssel "
+ #~ "erzeugen? "
+ 
+ #~ msgid "%s: user not found: %s\n"
diff --git a/packages/gnupg/gnupg_1.4.2.2.bb b/packages/gnupg/gnupg_1.4.2.2.bb
deleted file mode 100644
index b21eb88b91..0000000000
--- a/packages/gnupg/gnupg_1.4.2.2.bb
+++ /dev/null
@@ -1,14 +0,0 @@
-require gnupg.inc
-
-DEPENDS += "readline"
-EXTRA_OECONF += "--with-readline=${STAGING_LIBDIR}/.."
-#   --without-readline      do not support fancy command line editing
-
-SRC_URI += "file://15_free_caps.patch;patch=1 \
-	    file://16_min_privileges.patch;patch=1 \
-	    file://22_zero_length_mpi_fix.patch;patch=1 \
-            file://30_nm_always_check.patch;patch=1"
-
-S = "${WORKDIR}/gnupg-${PV}"
-
-PR = "r2"
diff --git a/packages/gnupg/gnupg_1.4.7.bb b/packages/gnupg/gnupg_1.4.7.bb
new file mode 100644
index 0000000000..19a82b5efe
--- /dev/null
+++ b/packages/gnupg/gnupg_1.4.7.bb
@@ -0,0 +1,12 @@
+require gnupg.inc
+
+DEPENDS += "readline"
+EXTRA_OECONF += "--with-readline=${STAGING_LIBDIR}/.."
+#   --without-readline      do not support fancy command line editing
+
+SRC_URI += "file://15_free_caps.dpatch;patch=1 \
+	    file://16_min_privileges.dpatch;patch=1 \
+            file://24_gpgv_manpage_cleanup.dpatch;patch=1 \
+            file://25_de.po_fixes.dpatch;patch=1"
+
+S = "${WORKDIR}/gnupg-${PV}"