[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

Bug#893644: marked as done (stretch-pu: package leap-archive-keyring/2016.03.08)

Your message dated Sun, 12 Jul 2020 20:49:56 +0100
with message-id <174b3ae67d02f4b793f4423eada3d6e908e95991.camel@adam-barratt.org.uk>
and subject line Re: Bug#893644: stretch-pu: package leap-archive-keyring/2016.03.08
has caused the Debian Bug report #893644,
regarding stretch-pu: package leap-archive-keyring/2016.03.08
to be marked as done.

This means that you claim that the problem has been dealt with.
If this is not the case it is now your responsibility to reopen the
Bug report if necessary, and/or fix the problem forthwith.

(NB: If you are a system administrator and have no idea what this
message is talking about, this may indicate a serious mail system
misconfiguration somewhere. Please contact owner@bugs.debian.org
immediately.)


-- 
893644: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=893644
Debian Bug Tracking System
Contact owner@bugs.debian.org with problems
--- Begin Message --- 
Package: release.debian.org
Severity: normal
Tags: stretch
User: release.debian.org@packages.debian.org
Usertags: pu

Hello,

The leap-archive-keyring is a simple archive keyring package that contains the
signing key for trusting the archive of the LEAP encryption access
project. Unfortunately, the expiration date chosen for the key that is included
in the package in Stretch was too low, and it has expired.

The newer package that is available in testing, unstable, and backports provides
a key with a sufficient length to cover the stable release cycle.

I would like to propose that this package be included in the next stable release
point update.

Thank you!
micah

-- System Information:
Debian Release: buster/sid
  APT prefers unstable
  APT policy: (500, 'unstable'), (500, 'testing'), (500, 'oldstable'), (1, 'experimental')
Architecture: amd64 (x86_64)
Foreign Architectures: i386

Kernel: Linux 4.15.0-1-amd64 (SMP w/8 CPU cores)
Locale: LANG=en_US.UTF-8, LC_CTYPE=en_US.UTF-8 (charmap=UTF-8), LANGUAGE=en_US.UTF-8 (charmap=UTF-8)
Shell: /bin/sh linked to /bin/dash
Init: systemd (via /run/systemd/system)
LSM: AppArmor: enabled

--- End Message ---
--- Begin Message --- 
On Mon, 2020-06-15 at 20:24 +0100, Adam D. Barratt wrote:
> On Tue, 2018-04-03 at 13:00 -0400, micah anderson wrote:
> > "Adam D. Barratt" <adam@adam-barratt.org.uk> writes:
> [...]
> > An upload to stretch at least needs a new changelog stanza with a
> > > different version number - most likely 2016.03.08+deb9u1, but
> > > possibly
> > > 2017.11.24~deb9u1 if you wish to argue that all of the changes
> > > since
> > > the current version in stretch are appropriate for a stable
> > > update.)
> > 
> > I went with 2017.11.24~deb9u1 because indeed, the changes since the
> > current version in stretch are appropriate for a stable update,
> > namely:
> > 
> > 1. Providing keys in a second location, to aid in the transition
> > from
> > jessie->stretch methods for how sources.list [signed-by=] method
> > changed
> > to allow for both paths and fingerprints
> > 
> > 2. fix priority to be in-line with debian policy
> > 
> > 3. add a dependency on gnupg
> > 
> > 4. update the expirations on the keys themselves
> 
> Apologies for letting this sit in "moreinfo" for quite so long
> without re-pinging. Is this still something that's of interest? I can
> see that there's what I assume is an equivalent package in stretch-
> backports.

We've now closed updates for the final stretch point release, so I'm
afraid I'm closing this bug now.

Regards,

Adam

--- End Message ---
Reply to: