Your message dated Sun, 09 Mar 2025 14:46:34 +0000 with message-id <e1trhvg-00ckts...@fasolo.debian.org> and subject line Bug#1087991: fixed in python-debian 1.0.0 has caused the Debian Bug report #1087991, regarding python-debian: GpgInfo fails for signatures with non-utf8 NOTATION_DATA to be marked as done.
This means that you claim that the problem has been dealt with. If this is not the case it is now your responsibility to reopen the Bug report if necessary, and/or fix the problem forthwith. (NB: If you are a system administrator and have no idea what this message is talking about, this may indicate a serious mail system misconfiguration somewhere. Please contact ow...@bugs.debian.org immediately.) -- 1087991: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1087991 Debian Bug Tracking System Contact ow...@bugs.debian.org with problems
--- Begin Message ---Source: python-debian Version: 0.1.49ubuntu3 Severity: normal X-Debbugs-Cc: scho...@ubuntu.com, j...@debian.org Hi there, When trying to verify the attached DSC, it made python-debian crash with a decoding error. The DSC is completely valid, but the DD who signed it was using Sequoia rather than GnuPG at the time, and for some reason the NOTATION_DATA section of the signature contains binary data. While not particularly friendly, it's allowed by the spec. You can reproduce very easily: ```python from debian.deb822 import GpgInfo GpgInfo.from_file("autopkgtest_5.38ubuntu1.dsc") ``` That should yield the following exception: Traceback (most recent call last): File "<input>", line 1, in <module> GpgInfo.from_file("autopkgtest_5.38ubuntu1.dsc") File "/usr/lib/python3/dist-packages/debian/deb822.py", line 1404, in from_fil e return cls.from_sequence(target_file, *args, **kwargs) ^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^ File "/usr/lib/python3/dist-packages/debian/deb822.py", line 1374, in from_seq uence return cls.from_output(out.decode('utf-8'), ^^^^^^^^^^^^^^^^^^^ UnicodeDecodeError: 'utf-8' codec can't decode byte 0xeb in position 374: invali d continuation byte Note that `dscverify` has no qualm with the signature. `gpgv --status-fd 1` gives us the following raw data: Cheers, Simon -- System Information: Debian Release: trixie/sid APT prefers plucky APT policy: (500, 'plucky') Architecture: amd64 (x86_64) Kernel: Linux 6.11.0-9-generic (SMP w/12 CPU threads; PREEMPT) Kernel taint flags: TAINT_PROPRIETARY_MODULE, TAINT_OOT_MODULE Locale: LANG=fr_FR.UTF-8, LC_CTYPE=fr_FR.UTF-8 (charmap=UTF-8), LANGUAGE not set Shell: /bin/sh linked to /usr/bin/dash Init: systemd (via /run/systemd/system) LSM: AppArmor: enabled-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA512 Format: 3.0 (native) Source: autopkgtest Binary: autopkgtest Architecture: all Version: 5.38ubuntu1 Maintainer: Ubuntu Developers <ubuntu-devel-disc...@lists.ubuntu.com> Uploaders: Ian Jackson <ijack...@chiark.greenend.org.uk>, Martin Pitt <mp...@debian.org>, Antonio Terceiro <terce...@debian.org>, Paul Gevers <elb...@debian.org>, Simon McVittie <s...@debian.org>, Paride Legovini <par...@debian.org>, Standards-Version: 4.6.2 Vcs-Browser: https://salsa.debian.org/ci-team/autopkgtest Vcs-Git: https://salsa.debian.org/ci-team/autopkgtest.git Testsuite: autopkgtest Testsuite-Triggers: adduser, autodep8, build-essential, buildah, ca-certificates, catatonit, debhelper, debian-archive-keyring, debootstrap, devscripts, distro-info, dnsmasq, dnsmasq-base, docker.io, dumb-init, fakeroot, golang-github-containernetworking-plugin-dnsname, iproute2, iptables, libpam-cgfs, lxc, lxc-templates, lxcfs, lxd, lxd-installer, mmdebstrap, podman, python3-distro-info, rsync, sbuild, schroot, slirp4netns, tini, uidmap, util-linux Build-Depends: debhelper-compat (= 13), fakeroot <!nocheck>, procps <!nocheck>, pycodestyle | pep8 <!nocheck>, pyflakes3 <!nocheck>, python3 (>= 3.8), python3-debian <!nocheck>, python3-docutils Package-List: autopkgtest deb devel optional arch=all Checksums-Sha1: 4c0f9acec87b6c6e9d43cdf486d62a3ec69ec5b3 229420 autopkgtest_5.38ubuntu1.tar.xz Checksums-Sha256: dbc550a9c36e11c44c2a5317d44764ec8217b4c673676e929a6750be8ffa4010 229420 autopkgtest_5.38ubuntu1.tar.xz Files: eece5090a399d30148c6e7c8b64c0401 229420 autopkgtest_5.38ubuntu1.tar.xz Original-Maintainer: Debian CI team <team...@tracker.debian.org> -----BEGIN PGP SIGNATURE----- wsC7BAEBCgBvBYJmsPmjCRDWWGGIPgFNuUcUAAAAAAAeACBzYWx0QG5vdGF0aW9u cy5zZXF1b2lhLXBncC5vcmcaIQdWc+sT5HQhi5CZcNvDhiP/z8aJPt0OzmfG2hdf BxYhBFYa1YXu12aSG6jdltZYYYg+AU25AAAShwf+K+OmWZa+0EnvY2xFXIzafxq4 BmzD6Sk2zWrN3pxvu4Pge0iK8Z/ixTH3nlcsuSfc1x/68XX/w1cL1ft5x86oUJaT f5vNZnXImebgX6dQJFXbje79RMIduWUwYr4Qdyn1IVP/2pjWxWp/ajjF0E8lCpgL hAfafblvLG4uCAUc8aaBHjrJhxQYPu/qNe99GBY6HhEa5yqJOnL/fFakeFvl69eO AhbA4uoGOogd0xR74kr3qlSbfAk7tstLdLxqVyPh4/fy3kxfyROZQ2gwtC2taCUT J27NqZHD5Rtsh+rbs1ixdoku4X+KXYFH3/aSh6tGz1GOJaPhkH0iwEkCZHE2eg== =t3av -----END PGP SIGNATURE-----
--- End Message ---
--- Begin Message ---Source: python-debian Source-Version: 1.0.0 Done: Stuart Prescott <stu...@debian.org> We believe that the bug you reported is fixed in the latest version of python-debian, which is due to be installed in the Debian FTP archive. A summary of the changes between this version and the previous one is attached. Thank you for reporting the bug, which will now be closed. If you have further comments please address them to 1087...@bugs.debian.org, and the maintainer will reopen the bug report if appropriate. Debian distribution maintenance software pp. Stuart Prescott <stu...@debian.org> (supplier of updated python-debian package) (This message was generated automatically at their request; if you believe that there is a problem with it please contact the archive administrators by mailing ftpmas...@ftp-master.debian.org) -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA512 Format: 1.8 Date: Mon, 10 Mar 2025 01:05:59 +1100 Source: python-debian Architecture: source Version: 1.0.0 Distribution: unstable Urgency: medium Maintainer: Debian python-debian Maintainers <pkg-python-debian-ma...@lists.alioth.debian.org> Changed-By: Stuart Prescott <stu...@debian.org> Closes: 1086512 1087991 1095835 Changes: python-debian (1.0.0) unstable; urgency=medium . * The 1.0.0 release of python-debian :) * Upload to unstable (and release to pypi). * Update typing imports to keep new mypy happy. * Handle non-UTF-8 data in gpgv output from sequoia-generated data (Closes: #1095835, #1087991). * Permit filenames and Path objects in Deb822.iter_paragraphs() (Closes: #1086512). Checksums-Sha1: eda960d89595c01e585c98eb08b6f7bab3038d15 2384 python-debian_1.0.0.dsc 95aef8759e0d07b4dd078f99cba5ee6026aeeb38 197964 python-debian_1.0.0.tar.xz 40da09ec5c7dc8a85efff660eadff1bfc9ef6eba 7401 python-debian_1.0.0_amd64.buildinfo Checksums-Sha256: a3282caceffda65f7e4d7749bab5bb4575da399eb53d8ecb58e955871c79812b 2384 python-debian_1.0.0.dsc f8d8010294244507305dc2dd7f803e879caaae5f512019efc97c83d980a52ec8 197964 python-debian_1.0.0.tar.xz 3a634cbd4cf38bd23d62e900e141fc4a8103aad4312caf5b1f7cea302fd04ffa 7401 python-debian_1.0.0_amd64.buildinfo Files: 9bdc55d3f03c595ef915a4aaeccdb420 2384 python optional python-debian_1.0.0.dsc 1bfcb9eaf23741cb32227a6a2da59f0f 197964 python optional python-debian_1.0.0.tar.xz 80a9ae907ac023ac7546ac9f503ff9df 7401 python optional python-debian_1.0.0_amd64.buildinfo -----BEGIN PGP SIGNATURE----- iQIzBAEBCgAdFiEEkOLSwa0Uaht+u4kdu8F+uxOW8vcFAmfNoIgACgkQu8F+uxOW 8vdntQ//XXfhCRVVSa1Ow/tumEfRb7Yw5JI2WgK4M8u6BySRcsHT0KNBeEg8I0NG vlQrgLhQOCi/iTFCQpEyjb4p4HD30+P9QcSoSVTBGRPcEzwQPNGN1PNQPsmYdCSK 7ZoqUS/fbwxyAInPIKYx60fOhyz0TLJ91WUltOMGfIiuAf5slAScDJeyDUTBJswK 8+b9kR79nBbKCC7zcYDrXY3SiOF64otikXEysB1nvyQgO61xKeTssNs+GTEqv6Qk /EZvOzT8vJtDzChWvX/Y+N4BypZ3y0XWka5xZfItG8Sg5BtamJaIC0jF8nNcQG+1 6/o6gjrlOlX99K8YJzvHnACNN9BCYV35rse1+JDqDmbLwLTmNq58Qt/mDeNsP8yT dybkIF0nkdH4nHLK2/F1XcyjUal0HPCp4TGp0Ex9YC8UBDj3qXXKj0BwqYEKN6vA bnYmto7rFMtGm6wUflk/bcRGJTf7NxlnOxlrNlkpqjJH5ZmuQZsKBCElekFEFQCT GYB+LOUlMHdxcayFX5lZdhsMKeLjiEXzuToc8n0HeLaBF6npZCNnJ/VvRPwPTPNK MJQr3ZC/5FAvxrHH9tOdEW8RlP4vzvy1XX2FekOi2qUBo8BGEZSU6B9fqwqnRTY1 QHH4eU1asYUJTGVzxO1iWfsR3sseUmV5Pqt13oE4C81UR/wQBag= =F8Jh -----END PGP SIGNATURE-----
pgp27X8BnnSSg.pgp
Description: PGP signature
--- End Message ---
-- https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/pkg-python-debian-maint
