Your message dated Sun, 11 May 2025 11:34:31 +0000
with message-id <[email protected]>
and subject line Bug#1101007: fixed in gnupg2 2.4.7-18
has caused the Debian Bug report #1101007,
regarding regression: gpg --edit-key clean removes signature that was kept in
2.2.45
to be marked as done.
This means that you claim that the problem has been dealt with.
If this is not the case it is now your responsibility to reopen the
Bug report if necessary, and/or fix the problem forthwith.
(NB: If you are a system administrator and have no idea what this
message is talking about, this may indicate a serious mail system
misconfiguration somewhere. Please contact [email protected]
immediately.)
--
1101007: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1101007
Debian Bug Tracking System
Contact [email protected] with problems
--- Begin Message ---
Package: gnupg
Version: 2.2.46-5
Severity: normal
X-Debbugs-Cc: [email protected]
Hello,
uwe@taurus:~$ keyringgpghome="$(mktemp -d)"
uwe@taurus:~$ gpg --homedir "$keyringgpghome" --locate-external-key
[email protected] [email protected]
gpg: keybox '/tmp/tmp.U5pMuWLasg/pubring.kbx' created
gpg: /tmp/tmp.U5pMuWLasg/trustdb.gpg: trustdb created
gpg: key E2DCDD9132669BD6: public key "Uwe Kleine-König
<[email protected]>" imported
gpg: Total number processed: 1
gpg: imported: 1
gpg: no ultimately trusted keys found
gpg: key B0D589D46708EC99: public key "Trevor Gamblin
<[email protected]>" imported
gpg: Total number processed: 1
gpg: imported: 1
gpg: no ultimately trusted keys found
pub rsa4096 2010-06-15 [SC] [expires: 2027-06-21]
0D2511F322BFAB1C1580266BE2DCDD9132669BD6
uid [ unknown] Uwe Kleine-König <[email protected]>
sub rsa2048 2023-03-17 [A] [expires: 2027-06-21]
sub rsa2048 2023-03-17 [S] [expires: 2027-06-21]
sub rsa2048 2023-03-17 [E] [expires: 2027-06-21]
pub rsa4096 2024-11-19 [C] [expires: 2026-11-19]
A3A9D4BDAB1069811F48D30EB0D589D46708EC99
uid [ unknown] Trevor Gamblin <[email protected]>
sub cv25519 2024-11-19 [E]
sub ed25519 2024-11-19 [S]
sub ed25519 2024-11-19 [A]
uwe@taurus:~$ gpg --homedir "$keyringgpghome" --list-sigs --with-colon
E2DCDD9132669BD6 | grep -E '(^pub|^uid|B0D589D46708EC99)'
pub:-:4096:1:E2DCDD9132669BD6:1276614694:1813572000::-:::scESCA::::::23:1742578410:4:
uid:-::::1739887646::7E218F31504E286A852C2E05459BA0DC22FF34AE::Uwe
Kleine-König <[email protected]>:::::::::1742578410:4
https\x3a//openpgpkey.baylibre.com:
sig:::1:B0D589D46708EC99:1732894509::::Trevor Gamblin
<[email protected]>:10x::A3A9D4BDAB1069811F48D30EB0D589D46708EC99:::10:
So my key E2DCDD9132669BD6 has a signature by Trevor's key.
uwe@taurus:~$ gpg --homedir "$keyringgpghome" --edit-key
E2DCDD9132669BD6 clean save
gpg (GnuPG) 2.2.46; Copyright (C) 2024 g10 Code GmbH
This is free software: you are free to change and redistribute it.
There is NO WARRANTY, to the extent permitted by law.
pub rsa4096/E2DCDD9132669BD6
created: 2010-06-15 expires: 2027-06-21 usage: SC
trust: unknown validity: unknown
The following key was revoked on 2023-03-17 by RSA key E2DCDD9132669BD6
Uwe Kleine-König <[email protected]>
sub rsa2048/DB334D9FBE6A05BF
created: 2015-01-11 revoked: 2023-03-17 usage: A
The following key was revoked on 2015-01-11 by RSA key E2DCDD9132669BD6
Uwe Kleine-König <[email protected]>
sub rsa4096/3C3A2D28B94A2928
created: 2010-06-15 revoked: 2015-01-11 usage: E
The following key was revoked on 2023-03-17 by RSA key E2DCDD9132669BD6
Uwe Kleine-König <[email protected]>
sub rsa2048/C1FC1478ADCAEC09
created: 2015-01-11 revoked: 2023-03-17 usage: S
sub rsa2048/B29A43280A6EF95B
created: 2023-03-17 expires: 2027-06-21 usage: A
sub rsa2048/8F80FB587D12FE4E
created: 2023-03-17 expires: 2027-06-21 usage: S
sub rsa2048/120E75698E64909B
created: 2023-03-17 expires: 2027-06-21 usage: E
The following key was revoked on 2023-03-17 by RSA key E2DCDD9132669BD6
Uwe Kleine-König <[email protected]>
sub rsa2048/F2FF566A57C91BC7
created: 2015-01-11 revoked: 2023-03-17 usage: E
[ unknown] (1). Uwe Kleine-König <[email protected]>
User ID "Uwe Kleine-König <[email protected]>": 7 signatures
removed
pub rsa4096/E2DCDD9132669BD6
created: 2010-06-15 expires: 2027-06-21 usage: SC
trust: unknown validity: unknown
The following key was revoked on 2023-03-17 by RSA key E2DCDD9132669BD6
Uwe Kleine-König <[email protected]>
sub rsa2048/DB334D9FBE6A05BF
created: 2015-01-11 revoked: 2023-03-17 usage: A
The following key was revoked on 2015-01-11 by RSA key E2DCDD9132669BD6
Uwe Kleine-König <[email protected]>
sub rsa4096/3C3A2D28B94A2928
created: 2010-06-15 revoked: 2015-01-11 usage: E
The following key was revoked on 2023-03-17 by RSA key E2DCDD9132669BD6
Uwe Kleine-König <[email protected]>
sub rsa2048/C1FC1478ADCAEC09
created: 2015-01-11 revoked: 2023-03-17 usage: S
sub rsa2048/B29A43280A6EF95B
created: 2023-03-17 expires: 2027-06-21 usage: A
sub rsa2048/8F80FB587D12FE4E
created: 2023-03-17 expires: 2027-06-21 usage: S
sub rsa2048/120E75698E64909B
created: 2023-03-17 expires: 2027-06-21 usage: E
The following key was revoked on 2023-03-17 by RSA key E2DCDD9132669BD6
Uwe Kleine-König <[email protected]>
sub rsa2048/F2FF566A57C91BC7
created: 2015-01-11 revoked: 2023-03-17 usage: E
[ unknown] (1). Uwe Kleine-König <[email protected]>
uwe@taurus:~$ gpg --homedir "$keyringgpghome" --list-sigs --with-colon
E2DCDD9132669BD6 | grep -E '(^pub|^uid|B0D589D46708EC99)'
pub:-:4096:1:E2DCDD9132669BD6:1276614694:1813572000::-:::scESCA::::::23:1742578410:4:
uid:-::::1739887646::7E218F31504E286A852C2E05459BA0DC22FF34AE::Uwe
Kleine-König <[email protected]>:::::::::1742578410:4
https\x3a//openpgpkey.baylibre.com:
So "clean"ing my key removed Trevor's signature.
With gnupg 2.2.45-2 the same sequence keeps the signature. With my
current understanding 2.2.45-2 is right to keep the signature and it's a
bug in 2.2.46-5 to drop it.
I have a few more reproducers and it's always only Trevor's signature
that is removed.
Best regards
Uwe
-- System Information:
Debian Release: trixie/sid
APT prefers testing-debug
APT policy: (750, 'testing-debug'), (750, 'testing'), (700,
'stable-updates'), (700, 'stable-security'), (700, 'stable-debug'), (700,
'stable'), (600, 'unstable'), (500, 'unstable-debug')
Architecture: amd64 (x86_64)
Foreign Architectures: armhf
Kernel: Linux 6.12.6-amd64 (SMP w/4 CPU threads; PREEMPT)
Locale: LANG=en_US.UTF-8, LC_CTYPE=en_US.UTF-8 (charmap=UTF-8),
LANGUAGE=en_US:en
Shell: /bin/sh linked to /usr/bin/dash
Init: systemd (via /run/systemd/system)
LSM: AppArmor: enabled
Versions of packages gnupg depends on:
ii dirmngr 2.2.46-5
ii gnupg-l10n 2.2.46-5
ii gpg 2.2.46-5
ii gpg-agent 2.2.46-5
ii gpgsm 2.2.46-5
Versions of packages gnupg recommends:
ii gnupg-utils 2.2.46-5
ii gpg-wks-client 2.2.46-5
ii gpgv 2.2.46-5
Versions of packages gnupg suggests:
ii gpg-wks-server 2.2.46-5
pn parcimonie <none>
pn xloadimage <none>
-- no debconf information
--- End Message ---
--- Begin Message ---
Source: gnupg2
Source-Version: 2.4.7-18
Done: Andreas Metzler <[email protected]>
We believe that the bug you reported is fixed in the latest version of
gnupg2, which is due to be installed in the Debian FTP archive.
A summary of the changes between this version and the previous one is
attached.
Thank you for reporting the bug, which will now be closed. If you
have further comments please address them to [email protected],
and the maintainer will reopen the bug report if appropriate.
Debian distribution maintenance software
pp.
Andreas Metzler <[email protected]> (supplier of updated gnupg2 package)
(This message was generated automatically at their request; if you
believe that there is a problem with it please contact the archive
administrators by mailing [email protected])
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512
Format: 1.8
Date: Sun, 11 May 2025 13:04:10 +0200
Source: gnupg2
Architecture: source
Version: 2.4.7-18
Distribution: experimental
Urgency: medium
Maintainer: Debian GnuPG Maintainers <[email protected]>
Changed-By: Andreas Metzler <[email protected]>
Closes: 1101007
Changes:
gnupg2 (2.4.7-18) experimental; urgency=medium
.
[ Daniel Kahn Gillmor ]
* Handle certification-only pubkeys correctly (Closes: #1101007)
.
[ Andreas Metzler ]
* Cherry-pick fixes from upstream STABLE-BRANCH-2-4:
+ Fix key generation with existing key from card.
(2.4.7 regression) https://dev.gnupg.org/T7457
+ gpgconf: Fix reload and kill of keyboxd
https://dev.gnupg.org/T7569
+ keyboxd: Convert upper-case email-address search string to lower-case
https://dev.gnupg.org/T7576
+ Fix use of undefined behavior in ksba-io-support.c
(Use memchr since calling strchr on a non-NUL terminated string is
undefined behavior.)
+ Fix --list-filter select='disabled-f'.
Checksums-Sha1:
1dd2c8d83e72992b957eba8bd7d53112d19a055b 4877 gnupg2_2.4.7-18.dsc
e594399f4dcc0ddd6cca365de3a25e03a6bb3458 110708 gnupg2_2.4.7-18.debian.tar.xz
Checksums-Sha256:
8750412c9ee0c9cf267ffe4bed45c78ace62f8d3824e5fe170772d8aafcd35d7 4877
gnupg2_2.4.7-18.dsc
940ec7e1d4a5bc1daa0c3b3e195f7eeb88f767d5e421b5a486b6cf7b79ff3af0 110708
gnupg2_2.4.7-18.debian.tar.xz
Files:
d614a9be64eb3379a8260358f79b65f0 4877 utils optional gnupg2_2.4.7-18.dsc
15e0541eaaf4826cc011d3c168eebdbd 110708 utils optional
gnupg2_2.4.7-18.debian.tar.xz
-----BEGIN PGP SIGNATURE-----
iQIzBAEBCgAdFiEE0uCSA5741Jbt9PpepU8BhUOCFIQFAmggh7UACgkQpU8BhUOC
FIRDcA//TAajgvlnzT6+I7+GvQfrR0YJJ9tNzLlDWYb5WLL+p1W0x3GDdZ7O3Lxs
P/uIaHtqVaXmrDqYBIXzzZq5QUbzu6euzRFTgNP+AAur5PWzh3HHZcYDvT4ZP6Kq
IdYmT6clarIL1r/akt6fahKHPR9p1RlOmCWBi4YL0k+ivmEnV7C9+1qCvr/LX0Xl
gDllGVArdhd/ylzH3DAraPFMGH10WSHZ6TuTqiiUZhPn9Dt0QDrgeW6VICWsUs3z
X/xJTzUilX5A3lL48Y438Uyz/FwseVcGuv5ZYFk9fiW76Dzi3zsRpi005g8QIYJB
U2QeLCNK6BQ39QfIOvtmqyjsmqjVZFh0b8XNbNrJWp0MPSdNCTgBD+SzxHCzGts+
d3QXABO7I0Q2kU2zYFre7kJwJwRTFShN4EscEM/dAUR1besTllCPVYfIUQCVWnMC
3a2IccIvTPTjGTqn+2TNaOMotHUcsRGaAHF5+r9yykqEyP6zD/3rZ3al1ABGYBwZ
AYsoZ8bTWvNG8w1hqrQMu0KyfcAFc58KgGSaoLSjT09heqe/4TlXiuGBbzNFUd/i
HZLDKmgc6IetQIfsA2dRpzrI8agqlzDXxYVmqtiCfPN/uUKpcwjVy0mqXpUZsrES
m0Hn3aJijBBbeiNYgCHdhG6DWjeN26DcDCDkPZOahpZ8T6aZCgw=
=Mi/3
-----END PGP SIGNATURE-----
pgpJ5dS8epmsU.pgp
Description: PGP signature
--- End Message ---
