Your message dated Tue, 28 Nov 2023 15:35:20 +0000
with message-id <[email protected]>
and subject line Bug#922348: fixed in ubuntu-keyring 2023.11.28.1-0.2
has caused the Debian Bug report #922348,
regarding unsupported APT keyring format (GPG keybox database version 1)
to be marked as done.
This means that you claim that the problem has been dealt with.
If this is not the case it is now your responsibility to reopen the
Bug report if necessary, and/or fix the problem forthwith.
(NB: If you are a system administrator and have no idea what this
message is talking about, this may indicate a serious mail system
misconfiguration somewhere. Please contact [email protected]
immediately.)
--
922348: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=922348
Debian Bug Tracking System
Contact [email protected] with problems
--- Begin Message ---
Package: ubuntu-dbgsym-keyring
Version: 2018.09.18.1-4
Severity: normal
Dear Maintainer,
the following files are in a GPG keybox database version 1 format.
- keyrings/ubuntu-dbgsym-keyring.gpg
- keyrings/ubuntu-dbgsym-removed-keys.gpg
As said in the apt-key(8) man page:
> apt-key supports only the binary OpenPGP format (also known as "GPG
> key public ring") in files with the "gpg" extension, not the keybox
> database format introduced in newer gpg(1) versions as default for
> keyring files.
$ file keyrings/ubuntu-dbgsym-keyring.gpg
keyrings/ubuntu-dbgsym-removed-keys.gpg
keyrings/ubuntu-dbgsym-keyring.gpg: GPG keybox database version 1,
created-at Thu Feb 1 12:47:14 2018, last-maintained Thu Feb 1 12:47:14 2018
keyrings/ubuntu-dbgsym-removed-keys.gpg: GPG keybox database version 1,
created-at Thu Feb 1 12:47:35 2018, last-maintained Thu Feb 1 12:47:35 2018
The latter of these keyringss can be configured with debconf(1) to be
installed as an APT trust anchor. This won't work.
(ubuntu-dbgsym-keyring.gpg does not seem to be offered?)
The issue is not as severe, because this is not the default behavior for
the package. It may also be rather unlikely anyone would install the
removed keys.
-- System Information:
Debian Release: buster/sid
APT prefers unstable
APT policy: (500, 'unstable')
Architecture: amd64 (x86_64)
Kernel: Linux 4.19.0-2-amd64 (SMP w/4 CPU cores)
Locale: LANG=en_US.UTF-8, LC_CTYPE=en_US.UTF-8 (charmap=UTF-8),
LANGUAGE=en_US:en (charmap=UTF-8)
Shell: /bin/sh linked to /bin/dash
Init: systemd (via /run/systemd/system)
LSM: AppArmor: enabled
Versions of packages ubuntu-dbgsym-keyring depends on:
ii debconf [debconf-2.0] 1.5.70
Versions of packages ubuntu-dbgsym-keyring recommends:
ii gpgv 2.2.12-1
ubuntu-dbgsym-keyring suggests no packages.
apt 1.8.0~rc3.
--- End Message ---
--- Begin Message ---
Source: ubuntu-keyring
Source-Version: 2023.11.28.1-0.2
Done: Dimitri John Ledkov <[email protected]>
We believe that the bug you reported is fixed in the latest version of
ubuntu-keyring, which is due to be installed in the Debian FTP archive.
A summary of the changes between this version and the previous one is
attached.
Thank you for reporting the bug, which will now be closed. If you
have further comments please address them to [email protected],
and the maintainer will reopen the bug report if appropriate.
Debian distribution maintenance software
pp.
Dimitri John Ledkov <[email protected]> (supplier of updated
ubuntu-keyring package)
(This message was generated automatically at their request; if you
believe that there is a problem with it please contact the archive
administrators by mailing [email protected])
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512
Format: 1.8
Date: Tue, 28 Nov 2023 15:02:25 +0000
Source: ubuntu-keyring
Built-For-Profiles: noudeb
Architecture: source
Version: 2023.11.28.1-0.2
Distribution: unstable
Urgency: medium
Maintainer: Hideki Yamane <[email protected]>
Changed-By: Dimitri John Ledkov <[email protected]>
Closes: 922348 929165 987393 1019165 1033746 1057035
Changes:
ubuntu-keyring (2023.11.28.1-0.2) unstable; urgency=medium
.
* Non-maintainer upload.
* Correct Provides, Depends, Breaks, Replaces. Closes: #1057035
.
ubuntu-keyring (2023.11.28.1-0.1) unstable; urgency=medium
.
* Non-maintainer upload.
* New upstream release. Closes: #922348
* Drop support to configure keyring as trusted, on non-Ubuntu systems
this keyrings only make sense for debootstrap purposed and image
validation. Also obsolete (removed-keys) should never have been
offered to be treated as trusted, as they are for EOL
products. Closes: #987393, #1019165, #1033746
* Cleanup broken filenames using correct maintainer scripts. Closes:
#929165
* Remove autopkgtest, doesn't test keyrings themselves.
Checksums-Sha1:
850818dfd909af35a2254ad22bd0399ac39306ea 2222
ubuntu-keyring_2023.11.28.1-0.2.dsc
263f937a6219873cfdbe48ebacab75d198308cb9 5660
ubuntu-keyring_2023.11.28.1-0.2.debian.tar.xz
cbbf1b07f96a5ff60e621754c7db8834ac0e67e8 11426
ubuntu-keyring_2023.11.28.1-0.2_source.buildinfo
Checksums-Sha256:
637bc0a8d1f3ad19620963d55e8ba81e31787950f5e7de3b260dbecddabdf3f7 2222
ubuntu-keyring_2023.11.28.1-0.2.dsc
d3ba3c7dc43dd2cd4e39555677aa2e7f6b3be2dd10b4eb7c2a33f13ea308281f 5660
ubuntu-keyring_2023.11.28.1-0.2.debian.tar.xz
365a60b2c0efe032eb1720fc9f5a17f1628272477d26206e5e9ae34525feb689 11426
ubuntu-keyring_2023.11.28.1-0.2_source.buildinfo
Files:
8b02ffce58aa6e5bafa82c7e2481018b 2222 misc optional
ubuntu-keyring_2023.11.28.1-0.2.dsc
a7602718382d7610190b5b3eaadf4600 5660 misc optional
ubuntu-keyring_2023.11.28.1-0.2.debian.tar.xz
1fb2074fb6f8d0170f936a185c728972 11426 misc optional
ubuntu-keyring_2023.11.28.1-0.2_source.buildinfo
-----BEGIN PGP SIGNATURE-----
iQIzBAEBCgAdFiEE7iQKBSojGtiSWEHXm47ISdXvcO0FAmVmAs8ACgkQm47ISdXv
cO2FdhAAtByp5A27tLx+3I5KjaufFiCjTzuVGwtiaPKsq9lJxjbDFwB4baXMvqsd
VomVLm5RFZxDwzjUmXVsAUy7f9pbi//XYUsuWODpXecB84qraE+eyoNGGsIYVAuo
hi5MJkTPCvXoGdqT4fmZiPEWwjU5GMBNvQ2B3rnPae2I6CEg6LLKAACSb2Lvq8Y9
DRaHT9I5BURINr/kWkvRnHQXOX7B8dAsaOy66Fe08vpCSt0RSX8nGOu89KVpl/Bj
zMjkkFdyU7/tfJjikqJ++TVMR7jsILlSrM3yQfnjuw1Iet7/cX5iHYD2F5ZQTJ3b
ea2UxNjtr9JFnoqCGlNsKkj4aDU3Dgre8tu7VGRVyzbvtq0tfe7qTObA7+tYypf4
+otXxiMtKMYPeUrTBO/xhHMKbe+cGnWavdh6KaKkc1aoLNcelIxIPNdJSJf0Eg1j
uPxE287tHlxSJnyLyr9AjxDYupNvri50GvTAq32jqa4K9SkljMBxCYT9PRadyhts
K+P6Eve4XtxXF6LBfEX/89RPptDTxpSd4fdtzhTzs4qCOQ8eeSN54FvF3LM4kIVs
RYeRMi49jzzkZoBJyPEPfQdNA38rr2c2eTYYFyJ2gHO5nDA3Zv6d+t6u8wUkWsHd
Wgdsv68Utour5rvRYDsT3eOjRsTC839rAzH+R50nQZrSBAG1GoY=
=uZDB
-----END PGP SIGNATURE-----
--- End Message ---
