(re-adding Adam.)
Didier 'OdyX' Raboud <odyx@debian.org> (2016-04-22):
> Le vendredi, 22 avril 2016, 19.57:55 Cyril Brulebois a écrit :
> > Didier, I see you have committed a fix in git master, so I'm tagging
> > this bug report accordingly. Did you test it (e.g. by faking a
> > Release file corruption)?
>
> Yes, right. I hacked on that bug, but forgot to update the buglog;
> sorry for that.
No worries.
> > This seems like something we should cherry-pick in stable branches,
> > but I don't want to do so without a confirmation first.
>
> The following patch makes the build fail indeed:
>
> diff --git a/get-images.sh b/get-images.sh
> index caea03d..31f25bf 100755
> --- a/get-images.sh
> +++ b/get-images.sh
> @@ -159,6 +159,9 @@ unpack_installer () {
> wget -c $MIRROR/dists/$DISTRIBUTION/Release.gpg -O $RELEASE_FILE.gpg
> wget -c $MIRROR/dists/$DISTRIBUTION/Release -O $RELEASE_FILE
>
> +# Corrupt the release file
> +echo "Break the signature" >> $RELEASE_FILE
> +
> gpgv --keyring /usr/share/keyrings/debian-archive-keyring.gpg $RELEASE_FILE.gpg $RELEASE_FILE
>
> get_di_built_using $1
Thanks!
I've therefore git cherry-picked your patch to both wheezy and jessie
branches, but I didn't do any build testing. Adam, if you end up being
the one preparing the next dini upload(s) [I hope to be around for good
by then but…], feel free to hunt me down if that doesn't work out as
planned.
KiBi.
Attachment:
signature.asc
Description: Digital signature