Bug#203741: v0_6 branch

To: 203741@bugs.debian.org
Subject: Bug#203741: v0_6 branch
From: Matt Zimmerman <mdz@debian.org>
Date: Thu, 25 Dec 2003 12:05:07 -0800
Message-id: <[🔎] 20031225200507.GJ17472@alcor.net>
Reply-to: Matt Zimmerman <mdz@debian.org>, 203741@bugs.debian.org

I've created a v0_6 branch in CVS and merged the current edition of the
signature verification code into it.

  * Signature verification support patch ("apt-secure") from Colin Walters
    <walters@debian.org> and Isaac Jones <ijones@syntaxpolice.org>.  This
    implements:
     - Release signature verification (Release.gpg)
     - Packages, Sources md5sum verification against Release
     - Closes: #203741
  * Make some modifications to signature verification support:
    - Release.gpg is always retrieved and verified if present, rather than
      requiring that sources be configured as secure
    - Print a hint about installing gnupg if exec(gpgv) fails
    - Remove obsolete pkgAcqIndexRel
    - Move vendors.list stuff into a separate module (vendorlist.{h,cc})
    - If any files about to be retrieved are not authenticated, issue a
      warning to the user and require confirmation
  * Suggests: gnupg
  * Install a keyring in /usr/share/apt/debian-archive.gpg containing an
    initial set of Debian archive signing keys to seed /etc/apt/trusted.gpg
  * Add a new tool, apt-key(8) used to manage the keyring

-- 
 - mdz

Reply to:

Prev by Date: Bug#221542: marked as done (/usr/bin/apt-get: apt-get: goes into a busy loop without /proc)
Next by Date: Processing of apt_0.6.0_i386.changes
Previous by thread: Bug#221542: marked as done (/usr/bin/apt-get: apt-get: goes into a busy loop without /proc)
Next by thread: Processing of apt_0.6.0_i386.changes
Index(es):
- Date
- Thread