[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

Bug#1037363: marked as done (libkf5mimetreeparser5abi1: does not find the key used to sign a message if a signing subkey was used)

Your message dated Tue, 27 Jun 2023 12:34:18 +0000
with message-id <E1qE7ti-001jwA-Ce@fasolo.debian.org>
and subject line Bug#1037363: fixed in kf5-messagelib 4:22.12.3-2
has caused the Debian Bug report #1037363,
regarding libkf5mimetreeparser5abi1: does not find the key used to sign a message if a signing subkey was used
to be marked as done.

This means that you claim that the problem has been dealt with.
If this is not the case it is now your responsibility to reopen the
Bug report if necessary, and/or fix the problem forthwith.

(NB: If you are a system administrator and have no idea what this
message is talking about, this may indicate a serious mail system
misconfiguration somewhere. Please contact owner@bugs.debian.org
immediately.)


-- 
1037363: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1037363
Debian Bug Tracking System
Contact owner@bugs.debian.org with problems
--- Begin Message --- 
Package: libkf5mimetreeparser5abi1
Version: 4:22.12.3-1
Tags: bookworm sid patch upstream
Forwarded: https://bugs.kde.org/show_bug.cgi?id=469304
Control: affects -1 kmail

SUMMARY
KMail claims that messages signed with a subkey of my own key are
signed with an unknown key.

STEPS TO REPRODUCE
1. You need an OpenPGP certficate with a signing subkey.
2. Sign a message with this key and send it to yourself (or use Send
Later to put it in your outbox).
3. View the message.

OBSERVED RESULT
I have an OpenPGP certficate with a signing subkey that is used to
sign my messages. KMail has no problem signing my messages, but when
viewing my messages KMail says:
> Message was signed on 25.04.23 18:24 with unknown key 0xDB8E020E328C30942060BF21B16F599516474ABA.
> The validity of the signature cannot be verified.
> Status: Good signature

Obviously, this doesn't make any sense because how can the signature
be good if it was signed with an unknown key. It turns out that gpg
which is used to verify the signature very well knows the key, but
KMail is not able to find it.

EXPECTED RESULT
KMail should say something like:
> Message was signed by *@ingo-kloecker.de (Key ID: 0xE375339BF4C51840).
> The signature is valid and the key is ultimately trusted.


The fix can be found at
https://invent.kde.org/pim/messagelib/commit/70f39256784280d2034aa7bf1c4765f606c22d56

--- End Message ---
--- Begin Message --- 
Source: kf5-messagelib
Source-Version: 4:22.12.3-2
Done: Sandro Knauß <hefee@debian.org>

We believe that the bug you reported is fixed in the latest version of
kf5-messagelib, which is due to be installed in the Debian FTP archive.

A summary of the changes between this version and the previous one is
attached.

Thank you for reporting the bug, which will now be closed.  If you
have further comments please address them to 1037363@bugs.debian.org,
and the maintainer will reopen the bug report if appropriate.

Debian distribution maintenance software
pp.
Sandro Knauß <hefee@debian.org> (supplier of updated kf5-messagelib package)

(This message was generated automatically at their request; if you
believe that there is a problem with it please contact the archive
administrators by mailing ftpmaster@ftp-master.debian.org)


-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512

Format: 1.8
Date: Tue, 27 Jun 2023 14:09:30 +0200
Source: kf5-messagelib
Architecture: source
Version: 4:22.12.3-2
Distribution: unstable
Urgency: medium
Maintainer: Debian Qt/KDE Maintainers <debian-qt-kde@lists.debian.org>
Changed-By: Sandro Knauß <hefee@debian.org>
Closes: 1037363
Changes:
 kf5-messagelib (4:22.12.3-2) unstable; urgency=medium
 .
   * Add upstream patch to search also for subkeys (Closes: #1037363).
Checksums-Sha1:
 c820d75fa1daf04bbc18e21b03a214bc8b6184af 5005 kf5-messagelib_22.12.3-2.dsc
 8855a40e6ca306f83b8f5650d8025fbeddcb939f 22416 kf5-messagelib_22.12.3-2.debian.tar.xz
 33383277f0eeb2f41ecfb22255e46b89db29ad0e 20436 kf5-messagelib_22.12.3-2_source.buildinfo
Checksums-Sha256:
 652c1a4edd76e8bda33a3c2a5ec3c45234ed105767278544e6c5b9aef6e6bfeb 5005 kf5-messagelib_22.12.3-2.dsc
 3bf69126b15e51f7b5b7c7dc213aef8457dd46a94a521dd0965d83eb86560d50 22416 kf5-messagelib_22.12.3-2.debian.tar.xz
 bfcd06dd58af578a4e3fbe3b333a9e0a7b771bc0412b2a307b6df0ca054e5feb 20436 kf5-messagelib_22.12.3-2_source.buildinfo
Files:
 31acf18e3e96d74b6a8718113c13428f 5005 libs optional kf5-messagelib_22.12.3-2.dsc
 8ecf84a0468a156acbb5bc1a66a4226e 22416 libs optional kf5-messagelib_22.12.3-2.debian.tar.xz
 f1ce6cec3e333fa4de3e04bc19f19d71 20436 libs optional kf5-messagelib_22.12.3-2_source.buildinfo

-----BEGIN PGP SIGNATURE-----

iQJFBAEBCgAvFiEEOewRoCAWtykmSRoG462wCFBgVjYFAmSa0Y0RHGhlZmVlQGRl
Ymlhbi5vcmcACgkQ462wCFBgVjZQeQ/+OdflX5LVvT6cwvFKv9H6VGQEPcHWDQ0J
K93ukFJ4tXZDQ2umD+X1pxfJMZ/vi4/UOs5G2n1xpAHNfZDENceur65seHm2koQ3
v3KjGU0yBJsshxdOTTwMqYy2LAXp48y7S/OXRJJblE1v/GuwcrpR8rWy0+AjeCI3
SGZgwm2P9KYFLaw5iM9Kxyned4PCfU7kJgV3Iiwu6PZgKtZ8N00MgdN37bMfKaX9
f4gRLXKYSXllUzCWz8ew/YVa9pi/IEzCtucPrMQNCmMCFlYPR09H6wbhqeK4y7Uy
mgkYasubvYvFv0OgILmlk58lqb7NJkfFtBfd7XNFf++w03rmHisI6YU5iTiRdydF
LkNQyqENq56QPno3HJt0YIZq1YUK1dkx+o97WVeYmI9xHP/H6dJdmQsw+9mlt0/i
WiIiqz8hLUbK0Zw+b8UNX/jKWH2LudWx2N87fbgGmUJW5KiX3hEbEfBiY5R02kPm
83tW9e0hHDQOM1udFGPHj9/m2UI96sUKXJz+5APaHGkJ4O7E829jcV4gok3aS5Uw
OUXoz1uOfanVGBmgSycOQNW2Ey6yplY8jTckvkzJrylsIA3EEti0z6A17XkBrWWm
TVvtZuOBUI7fgshyB4lE6mfhTXJbOA8g233pprOQNNVmVb48wLAFkgmRDzzOfmyV
2Kwe0Z9upqI=
=RUWk
-----END PGP SIGNATURE-----

--- End Message ---
Reply to: