Bug#893644: stretch-pu: package leap-archive-keyring/2016.03.08

To: "Adam D. Barratt" <adam@adam-barratt.org.uk>, 893644@bugs.debian.org
Subject: Bug#893644: stretch-pu: package leap-archive-keyring/2016.03.08
From: micah anderson <micah@debian.org>
Date: Tue, 03 Apr 2018 13:00:41 -0400
Message-id: <[🔎] 87h8os2pja.fsf@muck.riseup.net>
Reply-to: micah anderson <micah@debian.org>, 893644@bugs.debian.org
In-reply-to: <1522530220.3129.87.camel@adam-barratt.org.uk>
References: <152157795708.6107.11774770508154554723.reportbug@localhost> <1521581215.3014.20.camel@adam-barratt.org.uk> <152157795708.6107.11774770508154554723.reportbug@localhost> <87o9jhpogb.fsf@riseup.net> <1522530220.3129.87.camel@adam-barratt.org.uk> <152157795708.6107.11774770508154554723.reportbug@localhost>

"Adam D. Barratt" <adam@adam-barratt.org.uk> writes:

> Control: tags -1 + moreinfo
>
> On Wed, 2018-03-21 at 14:07 +0100, micah wrote:
>> "Adam D. Barratt" <adam@adam-barratt.org.uk> writes:
>> 
>> > Control: tags -1 + moreinfo
>> > 
>> > On Tue, 2018-03-20 at 16:32 -0400, micah wrote:
>> > > The leap-archive-keyring is a simple archive keyring package that
>> > > contains the
>> > > signing key for trusting the archive of the LEAP encryption
>> > > access
>> > > project. Unfortunately, the expiration date chosen for the key
>> > > that
>> > > is included
>> > > in the package in Stretch was too low, and it has expired.
>> > > 
>> > > The newer package that is available in testing, unstable, and
>> > > backports provides
>> > > a key with a sufficient length to cover the stable release cycle.
>> > > 
>> > > I would like to propose that this package be included in the next
>> > > stable release point update.
>> > 
>> > We'd need to see a debdiff of the proposed upload, built on and
>> > tested
>> > against stretch, please.
>> 
>> Sorry, I thought I had attached the debdiff, here it is:
>
> Ah, sorry, I meant of the source packages, not the binaries.

Of course, I should have assumed that. I've attached the source debdiff
to this email.

> (Also, as per above - "of the proposed upload, built on and tested
> against stretch". The provided debdiff is against the version that was
> uploaded to unstable.

Fixed.

> An upload to stretch at least needs a new changelog stanza with a
> different version number - most likely 2016.03.08+deb9u1, but possibly
> 2017.11.24~deb9u1 if you wish to argue that all of the changes since
> the current version in stretch are appropriate for a stable update.)

I went with 2017.11.24~deb9u1 because indeed, the changes since the
current version in stretch are appropriate for a stable update, namely:

1. Providing keys in a second location, to aid in the transition from
jessie->stretch methods for how sources.list [signed-by=] method changed
to allow for both paths and fingerprints

2. fix priority to be in-line with debian policy

3. add a dependency on gnupg

4. update the expirations on the keys themselves

I'm only unsure if changing the Priority section is allowed in a stable
point update?

Thanks!
Micah

Attachment: leap-archive-keyring-src.debdiff
Description: Binary data

Attachment: signature.asc
Description: PGP signature

Reply to:

Prev by Date: Bug#894721: nmu: octave - record changed jvm path
Next by Date: Bug#894735: RM: simutrans/unstable [armhf] -- ROM; FTBFS
Previous by thread: Bug#894721: marked as done (nmu: octave - record changed jvm path)
Next by thread: Bug#894735: RM: simutrans/unstable [armhf] -- ROM; FTBFS
Index(es):
- Date
- Thread