Bug 10500 - KGPG: New package available and grave security bug(fix)!!
Status: RESOLVED FIXED
Alias: None
Product: Gentoo Linux
Classification: Unclassified
Component: New packages
Hardware: x86 Linux
Importance: High critical
Assignee: Daniel Ahlberg (RETIRED)
Reported: 2002-11-09 17:41 UTC by Daniel Seyffer
Modified: 2003-02-04 19:42 UTC
Description Daniel Seyffer 2002-11-09 17:41:20 UTC
Hello,

I just saw that there is a new package available for KGPG (app-crypt/kgpg) which
provides "KDE integration for GnuPG".

The last version in portage is 0.8.2; the new version available from the homepage is 0.9.

The important thing about it is the fact that while looking at the homepage
(http://devel-home.kde.org/~kgpg/index.html) I found the following:

--- Full Quote: ---
9th of november 2002: Kgpg 0.9 released: GRAVE SECURITY BUG FIX 
A grave security bug affecting Kgpg's key generation wizard was discovered
yesterday. It affects Kgpg versions 0.6 to 0.8.2. All users are STRONGLY
recommended to upgrade to version 0.9 and to delete keys created through Kgpg's
key wizard (bug does not affect console mode generation). Read more...
-->

Affects: Bug affects Kgpg's versions from 0.6 to 0.8.2. 

Description:
 A bug in Kgpg's key generation affects all secret keys generated through Kgpg's
wizard. (Bug does not affect keys created in console/expert mode). All keys
created through the wizard have an empty passphrase, which means that if someone
has access to your computer and can read your secret key, he/she can decrypt
your files without the need of a passphrase. 

What can you do:
 We strongly recommend that you delete all secret keys created with the wizard. You
can also edit the key and give it a new passphrase, however, the key may have
been compromised in the meantime.
 All Kgpg's users are also strongly advised to update to version 0.9.

----- // -----

Maybe this might even be a candidate for the gentoo-security mailing list. (?)

Regards,
Daniel Seyffer
Comment 1 Dan Armak (RETIRED) gentoo-dev 2002-11-10 04:43:56 UTC
I'm having trouble compiling kgpg 0.9. The same old error:  
kgpgoption.ui.h: In member function `virtual void KOptions::toggle_fkey(bool)': 
kgpgoption.ui.h:12: invalid use of undefined type `struct KComboBox' 
kgpgoption.h:18: forward declaration of `struct KComboBox' 
...and so on. It must be me this time, not the package. Somebody confirm? 
Comment 2 Hannes Mehnert (RETIRED) gentoo-dev 2002-11-10 06:51:34 UTC
OK, I wrote a patch and committed it to portage.