[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

debsig-verify_0.24_amd64.changes ACCEPTED into unstable


Accepted:

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512

Format: 1.8
Date: Tue, 16 Nov 2021 06:02:07 +0100
Source: debsig-verify
Architecture: source
Version: 0.24
Distribution: unstable
Urgency: medium
Maintainer: Dpkg Developers <debian-dpkg@lists.debian.org>
Changed-By: Guillem Jover <guillem@debian.org>
Changes:
 debsig-verify (0.24) unstable; urgency=medium
 .
   * Switch keyring parser from gpg --list-packets to --show-keys --with-colons.
   * Use fingerprint and fallback to use long keyIDs for database filenames.
   * Reject weak RIPEMD160 and SHA1 algorithms.
   * Documentation:
     - Update .gpg keyring references to .pgp in man page.
     - Mention OpenPGP instead of gpg in generic code comments.
     - Clarify the requirement for OpenPGP keyrings.
       Prompted by Steve McIntyre <steve@einval.com>.
       See #988646.
     - Update and modernize the policy-syntax specification.
   * Code internals:
     - Move GnuPG specific macros to the GnuPG backend module.
     - Rename gpgVerify() to sigVerify().
     - Add a new find_command() function.
     - Abstract the OpenPGP operations behind a frontend driver.
     - Move checkSigExist() from misc to openpgp module.
     - Rename XML parser file to policy-xml.
     - Refactor key ID comparison function.
     - Support comparing keyIDs and fingerprints.
     - Refactor database filename generation into a new function.
     - Refactor prefix matching into a new function.
     - Regroup header includes.
   * Build system:
     - Add GitLab CI support.
     - Update .gitignore file.
   * Packaging:
     - Fix typo for Standards-Version field.
     - Switch to Standards-Version 4.6.0 (no changes needed).
     - Do not include the keyid in the example policies pathname.
   * Test suite:
     - Rename .gpg keyrings to .pgp.
     - Abstract OpenPGP details into debsig_openpgp_* functions.
     - Check OpenPGP backend availability.
     - Add sqop and sq OpenPGP backend support.
     - Remove obsolete and non-compliant test data.
       Reported by Charles Duffy <charles@dyfis.net>.
     - Shorten test case titles.
     - Move bad sig case after no sig case.
Checksums-Sha1:
 fd52457e7b27f305bfdbc2ff2a79863532b919b7 1865 debsig-verify_0.24.dsc
 25e7b847f86adfed91804cbbcbb349ccb1357f48 134852 debsig-verify_0.24.tar.xz
 75babac0ac0537835edaf221bc329097494decf0 6996 debsig-verify_0.24_amd64.buildinfo
Checksums-Sha256:
 72e93f6cfd72fd21c2b788267ea75c707bc506c8672ab983ca75fac2e0134b04 1865 debsig-verify_0.24.dsc
 0e30b571cf5408585fa7691ce2fa51b58608f6444aa291fd6cbf0e385149bb17 134852 debsig-verify_0.24.tar.xz
 0481fa1dca5340108bedb1d08ce3d0f167ff914e2f28e7cd5fbe31adb3f34509 6996 debsig-verify_0.24_amd64.buildinfo
Files:
 c7c1e15ed2f3d7a591dd5b2ec255d8b8 1865 admin optional debsig-verify_0.24.dsc
 00b598e12e13354f24af90b044006fa4 134852 admin optional debsig-verify_0.24.tar.xz
 28265b80241becf29286e62d0f034f67 6996 admin optional debsig-verify_0.24_amd64.buildinfo

-----BEGIN PGP SIGNATURE-----

iQIzBAEBCgAdFiEETz509DYFDBD1aWV0uXK/PqSuV6MFAmGTPEMACgkQuXK/PqSu
V6MEOA//ezrk3b2TbyFIbou00LqPdHn8XpDQvqwqIDyiSzTuIIfkMgsUfr/Y2WrY
/FlNRImH3t5jQ/7zl5x7B10+uD1ZYrVWrdBJupftKEF/Qa0lJfEMji707niNohwH
bhOcrkln/hsOwxntLJRCL3gA4nKKJNdXmAyQLA4v4lHxYvUXF3fxDwpVbpAI2yRl
EfvwbJOV3EruItBtB48m2+TdprYjl3RsF7SlM/dA71R7fLzzKOlvJUJp0AVlro++
vmBLqiafY8q0Z+YMxjPGh2ulmxVBe5V/9e5RP/zPXGNwFRYxumnuZHCP9bnnPRlT
DvnRC0g6I9bE+7IPPQLxsETJzb09gKu8HcXPaP/CnMyjG6z/x413CPORrc/kRXfu
y5kOv+DNzNzuGgFq0s6C8Ryxbw62ME4NujUjoRVu+a6bBGgnMU9OOioPHcHxtKae
/rrUdE6Cramxwl2RQFsAQW9bYAmxQMoOBvMoP9KLKcAJLrgc+dMMjD21bpf7nD6A
zBqqtSJCnUkE/1mzOKcYctz3JSEYzvyIjdzoykmMhDu4S126wMJh1wWKNFXOU5t+
t+kIQ3v0qnwtoP5vEZIAhBM/Na+MOvj245xtKbvvcXtSwYwjhSDcq51TVFiZjt3y
82+MtQ28pHGgP8LWbKHXwnGt6XGVkMuNWGV9GWuYHeQcz61LAD4=
=563S
-----END PGP SIGNATURE-----


Thank you for your contribution to Debian.
Reply to: