Dear all

The X2Go project is proud to announce a new release of the X2Go
component ,,x2go-keyring''.

New gains of this version of ,,x2go-keyring'' are:

  o new internal format, bastardization of debian-keyring and
  o added key for Mihai Moldovan
  o added new, stronger packages signing key (RSA4096) to be used in the future
  o correct usage of new apt.trusted.d directory with individual keyfiles
  o lots of metadata updates

X2Go Component: x2go-keyring
Version: 2019.08.20
Timestamp: 1566318311
Date: Tue, 20 Aug 2019 18:25:11 +0200
 x2go-keyring (2019.08.20) RELEASED; urgency=medium
   [ Mike Gabriel ]
   * Rename LICENSE file to COPYING.
   [ Mihai Moldovan ]
   * Change string "X2go" to "X2Go" where appropriate.
   * Makefile: remove unnecessary newline.
   * debian/rules: add myself to Copyright header.
   * t/keyids-complete.t: use spaces instead of tabs.
   * t/keyids-complete.t: more quotes and curly braces!
   * t/keyids-complete.t: even more quotes!
   * t/keyids-complete.t: use the last directory in the stack instead of the
     top-level directory.
   * runtests: use more quotes and curly braces.
   * runtests: use spaces instead of tabs.
   * t/keyids-complete.t: use bash.
   * t/keyids-complete.t: make return-code an integer.
   * t/keyids-complete.t: use pushd/popd instead of cd.
   * t/keyids-complete.t: update comment.
   * t/keyids-complete.t: use find ... -print0 | while read -r -d '' ...
     instead of for loop.
   * t/keyids-complete.t: more quotes.
   * runtests: use trap and explicit exit statement while switching to using
     the mktemp command.
   * runtests: switch to bash.
   * runtests: rework counters and exit status.
   * runtests: rework quoting and shellcheck warnings.
   * Makefile: replace with jetring-based top-level Makefile from
     debian-archive-keyring package. Changes: Renamed files. Added test target.
     "team-members" renamed to x2go-maintainers. Added
     x2go-maintainers-removed-keys. Both files get installed as well.
   * runtests: adapt to new layout.
   * t/keyids-complete.t: adapt to new layout.
   * t/no-expired.t: switch to bash.
   * t/no-expired.t: improve quoting.
   * t/no-expired.t: make exit code variable an integer.
   * t/no-expired.t: adapt to new layout.
   * scripts/:
     - Remove create-prerm-script.
   * Rename x2go-keyring-gpg to active-keys.
   * Rename x2go-maintainers-gpg to x2go-maintainers.
   * removed-keys/:
     - Add empty index file.
   * x2go-maintainers-removed-keys/:
     - Add empty index file.
   * Add README.maintainer file, copied from debian-archive-keyring and
   * x2go-maintainers/: convert to new mechanism, add own key, drop key for
     Oleksandr Shneyder (invalid format).
   - x2go-maintainers/: re-add key for Oleksandr Shneyder.
   * active-keys/: convert to new mechanism.
   * active-keys/: sign index.
   * removed-keys/: sign index.
   * x2go-maintainers/: sign index.
   * x2go-maintainers-removed-keys/: sign index.
   * keyrings: add signatures.
   * Makefile: accept empty indices.
   * .gitignore: rework.
   * runtests: fix tempdir -> tmpdir typo.
   * t/keyids-complete.t: fix stupid while -r ... read typo.
   * t/keyids-complete.t: avoid using a subshell via pipes.
   * t/keyids-complete.t: fix key name checking.
   * active-keys/: add new RSA4096-based X2Go Packages Automatic Signing Key.
   * keyrings/: refresh signature.
   * Makefile: make gpg binary pseudo-selectable via a variable, defaulting to
   * Makefile: manually try to clean up keyrings via --export | --import if the
     filtering command that uses newer GnuPG 2 syntax fails.
   * Makefile: switch back to unversioned gpg binary. Even gnupg1 should be
     good enough on older system like Jessie.
   * keyrings/x2go-archive-keyring.gpg.asc: refresh signature after actually
     inserting the correct key.
   * README.maintainer: update documentation. We want to update the keyrings
     before signing them and also reference the maintainers keyring which DOES
     get installed in our package.
   * keyrings/: update signatures on all keyring files.
   * Makefile: create empty keyring files if the index file is empty. Newer
     GnuPG versions create keybox files by default, but we explicitly (or
     rather implicitly through jetring touching keyring files before importing
     actual data and thus bypassing keybox creation) don't want this.
   * Makefile: for good measure, also verify signatures on
   * Makefile: we don't need keyrings/x2go-maintainers-removed-keys.gpg as a
     prerequisite for checking index signatures.
   * Makefile: likewise compare signatures on
     keyrings/x2go-maintainers{,-removed-keys}.gpg. Doesn't really make a huge
     difference for the x2go-maintainers keyring, but why not.
   * Makefile: add maintonly target for generating gpg-1.4/2.0-style
   * Makefile: fallback to old-style keyring signature checks if the default
     new-style ones failed validation.
   * README.maintainer: update documentation to include old-style keyrings and
     their signatures.
   * Makefile: do not require a full build and verification run for the
     maintonly target.
   * Makefile: do not try to run gpg1 to export and import keys if the keyrings
     are actually empty.
   * Makefile: add old-style keyrings to cleanup.
   * keyrings/: refresh signatures on new-style keyrings.
   * keyrings/: add signatures on old-style keyrings.
   * .gitignore: refresh with old-style and vim backup files.
   * Makefile: check file size on prerequisite, not the just-generated target
   * keyrings/: refresh signatures on all keyrings.
   * t/no-expired.t: make mawk-compatible.
   * debian/control:
     - Change maintainer to the mailing list.
     - Add the old package maintainer to the Uploaders field and myself.
     - Add build dependency upon jetring to create keyring files more easily.
     - Add build dependency upon gnupg, needed anyway. We probably want a
       fallback to gnupg2, but that might be a bit more tricky.
     - Add Multi-Arch: foreign. As long as we can execute the build
       dependencies, we don't care about their architecture.
     - Replace gnupg Recommends with a version-less one. By now, the version
       should be new enough in any case.
     - Add ${misc:Depends}, mostly for good measure.
     - Add build-dependency upon bash.
     - Add build-dependency upon coreutils.
     - Add build-dependency on debhelper >= 7.
     - Bump up dh dependency to 9.
     - Make sure we pull in gnupg2 on older Debian versions.
     - Depend on gnupg package only. Making sure that gnupg2 is getting
       installed unless such a package doesn't exist is too complicated. A
       dependency such as "gnupg2 | gnupg" sadly doesn't work, because gnupg is
       a base package and hence always installed, which immediately fulfils the
   * debian/rules:
     - Simplify file... a lot.
     - Don't use --no-parallel with dh commands in compat-9-mode.
   * debian/:
     - Add docs file, installing README.
     - Add install file, installing actual data.
     - Add postrm file, copied from debian-archive-keyring.
     - Remove prerm.template.
     - Add compat file, using dh-9 features.
   * debian/postinst:
     - Sync with debian-archive-keyring package.
     - Update version for removals to 2019.08.04.
   * debian/install:
     - Clear out. We don't need this any longer since the Makefile stages all
       files to the correct location.
   * debian/postrm:
     - Don't try to remove a symlink that never existed.


Mihai Moldovan

Attachment: signature.asc
Description: OpenPGP digital signature

x2go-announcements mailing list

Reply via email to