If I'm reading comment #4 correctly, we could only ever sync from Debian and not make our own changes to have a trusted signature. I don't think that would work out. At the version least we need to be able to have different package revision numbers for different releases when we do updates.
It seems to me like if we are going to do this, we would need some kind of plan like we use for clamav: https://wiki.ubuntu.com/ClamavUpdates If the signing key issue is important, we'll also need a MOTU who's key is trusted by TOR. ** Changed in: ubuntu Status: New => Incomplete -- Please sync tor 0.2.1.19-1 (universe) from Debian testing (main) https://bugs.launchpad.net/bugs/413657 You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. -- ubuntu-bugs mailing list [email protected] https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
