[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

Upgrade.tar available (was Re: [dark: READ!] CD images)

On Mon, 15 May 2000, Richard Braakman wrote:

> On Mon, May 15, 2000 at 04:49:54PM +0200, J.A. Bezemer wrote:
> > Okay. Will a developer-signed "fake" .changes file with md5sum of the
> > upgrade-all.tar do? Does it have to be placed in Incoming (on ftp-master I
> > guess) or can you just fetch it from my website?
> 
> Yes, that will do.  I can fetch it, but that may be slow.  It's best
> if it's already on the machine.

Well, it has taken some time because nobody felt like recompiling i386
apt/dpkg, but things are finally ready.

The files you can (read "should" ;-) fetch are:
  http://panic.et.tudelft.nl/~costar/potato/upgrade-all_1.1.tar
  http://panic.et.tudelft.nl/~costar/potato/upgrade-all_1.1.changes

All binaries in the .tar have md5sums that are signed by the Debian developer
that compiled them; see the md5sum.* files. This looks a bit kludgy, but it
seems the most appropriate solution, given the distributed nature of Debian. 

The docs have no developer-signed checksum, but you said you could verify
those yourself (which is pretty easy in this case).

Finally, I've signed the "fake" .changes file myself, because it essentially
only covers the documentation.

You can find my PGP public key (which is BTW signed by a Debian developer) at
  http://panic.et.tudelft.nl/~costar/pubkey.pgp

I hope this is okay; if not, please tell me!


Regards,
  Anne Bezemer
Reply to: