Your message dated Sat, 7 Feb 2015 01:55:19 +0100 with message-id <20150207005519.GA28765@crossbow> and subject line Re: Bug#777145: apt-key del fails to remove key if given long id has caused the Debian Bug report #777145, regarding apt-key del fails to remove key if given long id to be marked as done. This means that you claim that the problem has been dealt with. If this is not the case it is now your responsibility to reopen the Bug report if necessary, and/or fix the problem forthwith. (NB: If you are a system administrator and have no idea what this message is talking about, this may indicate a serious mail system misconfiguration somewhere. Please contact owner@bugs.debian.org immediately.) -- 777145: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=777145 Debian Bug Tracking System Contact owner@bugs.debian.org with problems
--- Begin Message ---
- To: Debian Bug Tracking System <submit@bugs.debian.org>
- Subject: apt-key del fails to remove key if given long id
- From: Peter Keel <bugtraq@discordia.ch>
- Date: Thu, 05 Feb 2015 16:19:24 +0100
- Message-id: <[🔎] 20150205151924.19087.89621.reportbug@gretel.discordia.ch>
Package: apt Version: 0.9.7.9+deb7u7 Severity: normal Dear Maintainer, *** Please consider answering these questions, where appropriate *** * What led up to the situation? trying to delete a key with apt-key * What exactly did you do (or not do) that was effective (or ineffective)? apt-key del <long-gpg-id> apt-key list * What was the outcome of this action? The key was still there. * What outcome did you expect instead? The key being deleted, not only when given the short id. Also applies to newer versions of apt. *** End of the template - remove these lines *** -- Package-specific info: -- (no /etc/apt/preferences present) -- -- (/etc/apt/sources.list present, but not submitted) -- -- System Information: Debian Release: 7.8 APT prefers stable APT policy: (500, 'stable') Architecture: i386 (i686) Kernel: Linux 3.18.5-grsec Locale: LANG=en_GB.utf8, LC_CTYPE=en_GB.utf8 (charmap=UTF-8) Shell: /bin/sh linked to /bin/dash Versions of packages apt depends on: ii debian-archive-keyring 2014.3~deb7u1 ii gnupg 1.4.12-7+deb7u6 ii libapt-pkg4.12 0.9.7.9+deb7u7 ii libc6 2.13-38+deb7u7 ii libgcc1 1:4.7.2-5 ii libstdc++6 4.7.2-5 apt recommends no packages. Versions of packages apt suggests: pn apt-doc <none> ii aptitude 0.6.8.2-1 ii dpkg-dev 1.16.15 ii python-apt 0.8.8.2 ii xz-utils 5.1.1alpha+20120614-2 -- no debconf information
--- End Message ---
--- Begin Message ---
- To: Peter Keel <bugtraq@discordia.ch>, 777145-done@bugs.debian.org
- Subject: Re: Bug#777145: apt-key del fails to remove key if given long id
- From: David Kalnischkies <david@kalnischkies.de>
- Date: Sat, 7 Feb 2015 01:55:19 +0100
- Message-id: <20150207005519.GA28765@crossbow>
- In-reply-to: <[🔎] 20150205151924.19087.89621.reportbug@gretel.discordia.ch>
- References: <[🔎] 20150205151924.19087.89621.reportbug@gretel.discordia.ch>
Version: 1.0.9.4 Hi, On Thu, Feb 05, 2015 at 04:19:24PM +0100, Peter Keel wrote: > Also applies to newer versions of apt. I can't reproduce this claim. APT will properly handle it in the next stable release (jessie) as advertised in the changelog: apt (1.0.9.4) unstable; urgency=medium […] [ James McCoy ] * support long keyids in "apt-key del" instead of ignoring them (Closes: 754436) […] -- David Kalnischkies <david@kalnischkies.de> Wed, 03 Dec 2014 14:26:04 +0100 The version in experimental (which will be 'stretch' material) even deals with the even longer fingerprints (and supported it before jessie did long keyids – just as a random useless trivia). I am therefore closing with the appropriate version. If you really can reproduce this with this version (or newer) please reopen this bug with an exact example interaction so we can reproduce it. If you are in fact asking for an update for current stable: Unlikely as it feels to unimportant to cross the stable-updates barrier. Short keyids have all sorts of problems while interacting with gnupg as it deals with untrusted data all the time, but apt-key deals with trusted data only, so stuff like same-short keyid attacks are not really an issue here, so this bug is just an annoyance, not a security issue. Best regards David KalnischkiesAttachment: signature.asc
Description: Digital signature
--- End Message ---