*** This bug is a security vulnerability *** Public security bug reported:
Instead of shipping a single keyring with 4 keys, ship each key individually in trusted.gpg.d and do not call apt-key update at all. Remove keys from /etc/apt/trusted.gpg This is similar to changes done in debian-archive-keyring 2012.1 upload. ** Affects: ubuntu-keyring (Ubuntu) Importance: Undecided Status: New ** Patch added: "ubuntu-keyring_2016.09.16.debdiff.asc" https://bugs.launchpad.net/bugs/1624408/+attachment/4742035/+files/ubuntu-keyring_2016.09.16.debdiff.asc -- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. https://bugs.launchpad.net/bugs/1624408 Title: ubuntu-keyring migrate to fragment files To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/ubuntu-keyring/+bug/1624408/+subscriptions -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs