Your message dated Mon, 26 Feb 2007 21:47:03 +0000 with message-id <E1HLngV-0000Jp-7f@ries.debian.org> and subject line Bug#412572: fixed in apt 0.6.46.4-0.1 has caused the attached Bug report to be marked as done. This means that you claim that the problem has been dealt with. If this is not the case it is now your responsibility to reopen the Bug report if necessary, and/or fix the problem forthwith. (NB: If you are a system administrator and have no idea what I am talking about this indicates a serious mail system misconfiguration somewhere. Please contact me immediately.) Debian bug tracking system administrator (administrator, Debian Bugs database)
--- Begin Message ---
- To: Debian Bug Tracking System <submit@bugs.debian.org>
- Subject: apt-key is broken, passes garbage to gpg to remove keys, and currently breaks d-i
- From: Joey Hess <joeyh@debian.org>
- Date: Mon, 26 Feb 2007 15:45:27 -0500
- Message-id: <[🔎] 20070226204527.GA11248@kitenet.net>
Package: apt Version: 0.6.46.4 Severity: grave Tags: d-i All d-i installs are broken today, because a new version of debian-archive-keyring exposed a bug in apt-key, causing it to remove the wrong key during a debootstrap, leaving the system without the current etch automatic signing key. This illistrates the bug: $ gpg --no-default-keyring --keyring /usr/share/keyrings/debian-archive-removed-keys.gpg --with-colons --list-keys | grep ^pub pub:e:1024:1:6FFA8EF91DB114E0:2004-01-15:2005-01-27::-:Debian Archive Automatic Signing Key (2004) <ftpmaster@debian.org>::sc: pub:e:1024:17:F1D53D8C4F368D5D:2005-01-31:2006-01-31::-:Debian Archive Automatic Signing Key (2005) <ftpmaster@debian.org>::sca: pub:-:1024:17:E415B2B4B5F5BBED:2005-04-24:::-:Debian AMD64 Archive Key <debian-amd64@lists.debian.org>::scESC: fjp@strider:~$ gpg --no-default-keyring --keyring /usr/share/keyrings/debian-archive-removed-keys.gpg --with-colons --list-keys | grep ^pub | cut -d: -f5 6FFA8EF91DB114E0 F1D53D8C4F368D5D E415B2B4B5F5BBED fjp@strider:~$ gpg --no-default-keyring --keyring /usr/share/keyrings/debian-archive-removed-keys.gpg --with-colons --list-keys| awk '/^pub/{FS=":";print $5}' Key F1D53D8C4F368D5D E415B2B4B5F5BBED The last command, with awk, is what apt-key does, and note that it does not output the right thing. Apparently the FS setting only takes effect after the first match, so awk outputs the 5th _word_ the first time, which happens to be "key". I haven't fully analised how this causes apt-key to remove the wrong thing from the keyring, but it apparently does. -- see shy joAttachment: signature.asc
Description: Digital signature
--- End Message ---
--- Begin Message ---
- To: 412572-close@bugs.debian.org
- Subject: Bug#412572: fixed in apt 0.6.46.4-0.1
- From: Joey Hess <joeyh@debian.org>
- Date: Mon, 26 Feb 2007 21:47:03 +0000
- Message-id: <E1HLngV-0000Jp-7f@ries.debian.org>
Source: apt Source-Version: 0.6.46.4-0.1 We believe that the bug you reported is fixed in the latest version of apt, which is due to be installed in the Debian FTP archive: apt-doc_0.6.46.4-0.1_all.deb to pool/main/a/apt/apt-doc_0.6.46.4-0.1_all.deb apt-utils_0.6.46.4-0.1_i386.deb to pool/main/a/apt/apt-utils_0.6.46.4-0.1_i386.deb apt_0.6.46.4-0.1.dsc to pool/main/a/apt/apt_0.6.46.4-0.1.dsc apt_0.6.46.4-0.1.tar.gz to pool/main/a/apt/apt_0.6.46.4-0.1.tar.gz apt_0.6.46.4-0.1_i386.deb to pool/main/a/apt/apt_0.6.46.4-0.1_i386.deb libapt-pkg-dev_0.6.46.4-0.1_i386.deb to pool/main/a/apt/libapt-pkg-dev_0.6.46.4-0.1_i386.deb libapt-pkg-doc_0.6.46.4-0.1_all.deb to pool/main/a/apt/libapt-pkg-doc_0.6.46.4-0.1_all.deb A summary of the changes between this version and the previous one is attached. Thank you for reporting the bug, which will now be closed. If you have further comments please address them to 412572@bugs.debian.org, and the maintainer will reopen the bug report if appropriate. Debian distribution maintenance software pp. Joey Hess <joeyh@debian.org> (supplier of updated apt package) (This message was generated automatically at their request; if you believe that there is a problem with it please contact the archive administrators by mailing ftpmaster@debian.org) -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Format: 1.7 Date: Mon, 26 Feb 2007 16:00:22 -0500 Source: apt Binary: apt-utils libapt-pkg-doc libapt-pkg-dev apt-doc apt Architecture: source all i386 Version: 0.6.46.4-0.1 Distribution: unstable Urgency: emergency Maintainer: APT Development Team <deity@lists.debian.org> Changed-By: Joey Hess <joeyh@debian.org> Description: apt - Advanced front-end for dpkg apt-doc - Documentation for APT apt-utils - APT utility programs libapt-pkg-dev - Development files for APT's libapt-pkg and libapt-inst libapt-pkg-doc - Documentation for APT development Closes: 412572 Changes: apt (0.6.46.4-0.1) unstable; urgency=emergency . * NMU * Fix broken use of awk in apt-key that caused removal of the wrong keys from the keyring. Closes: #412572 Files: 114944263a2ef3dc6153b1571a9948a2 796 admin important apt_0.6.46.4-0.1.dsc 5f2c7231b17b2d2826e15b4684d25aef 1797866 admin important apt_0.6.46.4-0.1.tar.gz e350f8cf1b4bbe9132d6659930459629 89624 doc optional apt-doc_0.6.46.4-0.1_all.deb 0ee24a708a3169657d9e7c7ea5f8e373 112092 doc optional libapt-pkg-doc_0.6.46.4-0.1_all.deb 3ae7759d8bf2fe14ea01039f87be63aa 1437270 admin important apt_0.6.46.4-0.1_i386.deb ddade31b8e42a0b7d63c560911673130 84050 libdevel optional libapt-pkg-dev_0.6.46.4-0.1_i386.deb 397325cda544de542c171144462f1430 198216 admin important apt-utils_0.6.46.4-0.1_i386.deb -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.6 (GNU/Linux) iD8DBQFF41Ij2tp5zXiKP0wRAlYCAKDUs6YfYf72eLfbJz/LaP04/b8q7ACgzVkq iB2ib27cFZbux6CS/8qHg8c= =1pEl -----END PGP SIGNATURE-----
--- End Message ---