Bug#923668: marked as done (apt update says "Signed file isn't valid", but apt-key verify passes)

To: Julian Andres Klode <jak@debian.org>
Subject: Bug#923668: marked as done (apt update says "Signed file isn't valid", but apt-key verify passes)
From: "Debian Bug Tracking System" <owner@bugs.debian.org>
Date: Sun, 03 Mar 2019 14:36:03 +0000
Message-id: <[🔎] handler.923668.D923668.155162359725279.ackdone@bugs.debian.org>
Reply-to: 923668@bugs.debian.org
References: <20190303152959.GA18600@debian.org> <[🔎] 155162258676.14221.18250333809926527202.reportbug@convex.localnet>

Your message dated Sun, 3 Mar 2019 15:33:09 +0100
with message-id <20190303152959.GA18600@debian.org>
and subject line Re: Bug#923668: apt update says "Signed file isn't valid", but apt-key verify passes
has caused the Debian Bug report #923668,
regarding apt update says "Signed file isn't valid", but apt-key verify passes
to be marked as done.

This means that you claim that the problem has been dealt with.
If this is not the case it is now your responsibility to reopen the
Bug report if necessary, and/or fix the problem forthwith.

(NB: If you are a system administrator and have no idea what this
message is talking about, this may indicate a serious mail system
misconfiguration somewhere. Please contact owner@bugs.debian.org
immediately.)


-- 
923668: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=923668
Debian Bug Tracking System
Contact owner@bugs.debian.org with problems

--- Begin Message ---

To: Debian Bug Tracking System <submit@bugs.debian.org>
Subject: apt update says "Signed file isn't valid", but apt-key verify passes
From: David Bremner <bremner@debian.org>
Date: Sun, 03 Mar 2019 10:16:26 -0400
Message-id: <[🔎] 155162258676.14221.18250333809926527202.reportbug@convex.localnet>

Package: apt
Version: 1.8.0~rc4
Severity: important

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256

I have an apt repo managed by mini-dinstall

  deb http://apt.tethera.net/debian unstable/

It's signed by my key in the debian keyring.

This is working fine with stretch, and was working fine with buster until something like a month ago.

Now I get

    http://apt.tethera.net/debian unstable/ Release.gpg
        Signed file isn't valid, got 'NODATA' (does the network require authentication?)

when I run apt update.

On the other hand:

,----
| convex# pwd
| /var/lib/apt/lists/partial
| 
| convex# ls -l
| total 8
| -rw-r--r-- 1 root root 1557 Mar  3 10:07 apt.tethera.net_debian_unstable_Release
| -rw-r--r-- 1 root root  438 Oct  6 18:11 apt.tethera.net_debian_unstable_Release.gpg
| 
| convex# apt-key verify apt.tethera.net_debian_unstable_Release.gpg apt.tethera.net_debian_unstable_Release 
| gpgv: Signature made Sat 06 Oct 2018 06:11:21 PM ADT
| gpgv:                using RSA key DD54B6767C834572950900A9F202971DA4A79E2C
| gpgv: Good signature from "David Bremner <bremner@debian.org>"
| gpgv:                 aka "David Bremner <bremner@unb.ca>"
| gpgv:                 aka "David Bremner <david@tethera.net>"
`----

I'm not sure how to replicate the way apt calls gpgv.

I tried

# sudo -s -u _apt

and I get the same output from apt-key.

I use the option "-o Debug::Acquire::gpgv=true", then all I see is
that gpgv returned 113.

,----
| inside VerifyGetSigners
| Read: [GNUPG:] NODATA
| 
| gpgv exited with status 113
| Summary:
|   Good: 
|   Valid: 
|   Bad: 
|   Worthless: 
|   SoonWorthless: 
|   NoPubKey: 
|   Signed-By: 
|   NODATA: yes
| Err:5 http://apt.tethera.net/debian unstable/ Release.gpg
|   Signed file isn't valid, got 'NODATA' (does the network require authentication?)
| inside VerifyGetSigners
`----

The only other difference I noted is that pubkey in question is about
2-3x the size of most of the other ones.

Assuming reportbug cooperates I'll try attaching the pubkey to this report.

- -- Package-specific info:

- -- apt-config dump --

APT "";
APT::Architecture "amd64";
APT::Build-Essential "";
APT::Build-Essential:: "build-essential";
APT::Install-Recommends "1";
APT::Install-Suggests "0";
APT::Sandbox "";
APT::Sandbox::User "_apt";
APT::Authentication "";
APT::Authentication::TrustCDROM "true";
APT::NeverAutoRemove "";
APT::NeverAutoRemove:: "^firmware-linux.*";
APT::NeverAutoRemove:: "^linux-firmware$";
APT::NeverAutoRemove:: "^linux-image-[a-z0-9]*$";
APT::NeverAutoRemove:: "^linux-image-[a-z0-9]*-[a-z0-9]*$";
APT::NeverAutoRemove:: "^linux-image-4\.19\.0-1-amd64$";
APT::NeverAutoRemove:: "^linux-image-4\.19\.0-2-amd64$";
APT::NeverAutoRemove:: "^linux-headers-4\.19\.0-1-amd64$";
APT::NeverAutoRemove:: "^linux-headers-4\.19\.0-2-amd64$";
APT::NeverAutoRemove:: "^linux-image-extra-4\.19\.0-1-amd64$";
APT::NeverAutoRemove:: "^linux-image-extra-4\.19\.0-2-amd64$";
APT::NeverAutoRemove:: "^linux-modules-4\.19\.0-1-amd64$";
APT::NeverAutoRemove:: "^linux-modules-4\.19\.0-2-amd64$";
APT::NeverAutoRemove:: "^linux-modules-extra-4\.19\.0-1-amd64$";
APT::NeverAutoRemove:: "^linux-modules-extra-4\.19\.0-2-amd64$";
APT::NeverAutoRemove:: "^linux-signed-image-4\.19\.0-1-amd64$";
APT::NeverAutoRemove:: "^linux-signed-image-4\.19\.0-2-amd64$";
APT::NeverAutoRemove:: "^kfreebsd-image-4\.19\.0-1-amd64$";
APT::NeverAutoRemove:: "^kfreebsd-image-4\.19\.0-2-amd64$";
APT::NeverAutoRemove:: "^kfreebsd-headers-4\.19\.0-1-amd64$";
APT::NeverAutoRemove:: "^kfreebsd-headers-4\.19\.0-2-amd64$";
APT::NeverAutoRemove:: "^gnumach-image-4\.19\.0-1-amd64$";
APT::NeverAutoRemove:: "^gnumach-image-4\.19\.0-2-amd64$";
APT::NeverAutoRemove:: "^.*-modules-4\.19\.0-1-amd64$";
APT::NeverAutoRemove:: "^.*-modules-4\.19\.0-2-amd64$";
APT::NeverAutoRemove:: "^.*-kernel-4\.19\.0-1-amd64$";
APT::NeverAutoRemove:: "^.*-kernel-4\.19\.0-2-amd64$";
APT::NeverAutoRemove:: "^linux-backports-modules-.*-4\.19\.0-1-amd64$";
APT::NeverAutoRemove:: "^linux-backports-modules-.*-4\.19\.0-2-amd64$";
APT::NeverAutoRemove:: "^linux-modules-.*-4\.19\.0-1-amd64$";
APT::NeverAutoRemove:: "^linux-modules-.*-4\.19\.0-2-amd64$";
APT::NeverAutoRemove:: "^linux-tools-4\.19\.0-1-amd64$";
APT::NeverAutoRemove:: "^linux-tools-4\.19\.0-2-amd64$";
APT::NeverAutoRemove:: "^linux-cloud-tools-4\.19\.0-1-amd64$";
APT::NeverAutoRemove:: "^linux-cloud-tools-4\.19\.0-2-amd64$";
APT::VersionedKernelPackages "";
APT::VersionedKernelPackages:: "linux-image";
APT::VersionedKernelPackages:: "linux-headers";
APT::VersionedKernelPackages:: "linux-image-extra";
APT::VersionedKernelPackages:: "linux-modules";
APT::VersionedKernelPackages:: "linux-modules-extra";
APT::VersionedKernelPackages:: "linux-signed-image";
APT::VersionedKernelPackages:: "kfreebsd-image";
APT::VersionedKernelPackages:: "kfreebsd-headers";
APT::VersionedKernelPackages:: "gnumach-image";
APT::VersionedKernelPackages:: ".*-modules";
APT::VersionedKernelPackages:: ".*-kernel";
APT::VersionedKernelPackages:: "linux-backports-modules-.*";
APT::VersionedKernelPackages:: "linux-modules-.*";
APT::VersionedKernelPackages:: "linux-tools";
APT::VersionedKernelPackages:: "linux-cloud-tools";
APT::Never-MarkAuto-Sections "";
APT::Never-MarkAuto-Sections:: "metapackages";
APT::Never-MarkAuto-Sections:: "contrib/metapackages";
APT::Never-MarkAuto-Sections:: "non-free/metapackages";
APT::Never-MarkAuto-Sections:: "restricted/metapackages";
APT::Never-MarkAuto-Sections:: "universe/metapackages";
APT::Never-MarkAuto-Sections:: "multiverse/metapackages";
APT::Move-Autobit-Sections "";
APT::Move-Autobit-Sections:: "oldlibs";
APT::Move-Autobit-Sections:: "contrib/oldlibs";
APT::Move-Autobit-Sections:: "non-free/oldlibs";
APT::Move-Autobit-Sections:: "restricted/oldlibs";
APT::Move-Autobit-Sections:: "universe/oldlibs";
APT::Move-Autobit-Sections:: "multiverse/oldlibs";
APT::Update "";
APT::Update::Post-Invoke-Success "";
APT::Update::Post-Invoke-Success:: "test -x /usr/bin/apt-show-versions || exit 0 ; apt-show-versions -i";
APT::Update::Post-Invoke-Success:: "/usr/bin/test -e /usr/share/dbus-1/system-services/org.freedesktop.PackageKit.service && /usr/bin/test -S /var/run/dbus/system_bus_socket && /usr/bin/gdbus call --system --dest org.freedesktop.PackageKit --object-path /org/freedesktop/PackageKit --timeout 4 --method org.freedesktop.PackageKit.StateHasChanged cache-update > /dev/null; /bin/echo > /dev/null";
APT::Periodic "";
APT::Periodic::Update-Package-Lists "1";
APT::Periodic::Unattended-Upgrade "1";
APT::Get "";
APT::Get::Install-Recommends "false";
APT::Architectures "";
APT::Architectures:: "amd64";
APT::Architectures:: "i386";
APT::Compressor "";
APT::Compressor::. "";
APT::Compressor::.::Name ".";
APT::Compressor::.::Extension "";
APT::Compressor::.::Binary "";
APT::Compressor::.::Cost "0";
APT::Compressor::zstd "";
APT::Compressor::zstd::Name "zstd";
APT::Compressor::zstd::Extension ".zst";
APT::Compressor::zstd::Binary "false";
APT::Compressor::zstd::Cost "60";
APT::Compressor::lz4 "";
APT::Compressor::lz4::Name "lz4";
APT::Compressor::lz4::Extension ".lz4";
APT::Compressor::lz4::Binary "lz4";
APT::Compressor::lz4::Cost "50";
APT::Compressor::lz4::CompressArg "";
APT::Compressor::lz4::CompressArg:: "-1";
APT::Compressor::lz4::UncompressArg "";
APT::Compressor::lz4::UncompressArg:: "-d";
APT::Compressor::gzip "";
APT::Compressor::gzip::Name "gzip";
APT::Compressor::gzip::Extension ".gz";
APT::Compressor::gzip::Binary "gzip";
APT::Compressor::gzip::Cost "100";
APT::Compressor::gzip::CompressArg "";
APT::Compressor::gzip::CompressArg:: "-6n";
APT::Compressor::gzip::UncompressArg "";
APT::Compressor::gzip::UncompressArg:: "-d";
APT::Compressor::xz "";
APT::Compressor::xz::Name "xz";
APT::Compressor::xz::Extension ".xz";
APT::Compressor::xz::Binary "xz";
APT::Compressor::xz::Cost "200";
APT::Compressor::xz::CompressArg "";
APT::Compressor::xz::CompressArg:: "-6";
APT::Compressor::xz::UncompressArg "";
APT::Compressor::xz::UncompressArg:: "-d";
APT::Compressor::bzip2 "";
APT::Compressor::bzip2::Name "bzip2";
APT::Compressor::bzip2::Extension ".bz2";
APT::Compressor::bzip2::Binary "bzip2";
APT::Compressor::bzip2::Cost "300";
APT::Compressor::bzip2::CompressArg "";
APT::Compressor::bzip2::CompressArg:: "-6";
APT::Compressor::bzip2::UncompressArg "";
APT::Compressor::bzip2::UncompressArg:: "-d";
APT::Compressor::lzma "";
APT::Compressor::lzma::Name "lzma";
APT::Compressor::lzma::Extension ".lzma";
APT::Compressor::lzma::Binary "xz";
APT::Compressor::lzma::Cost "400";
APT::Compressor::lzma::CompressArg "";
APT::Compressor::lzma::CompressArg:: "--format=lzma";
APT::Compressor::lzma::CompressArg:: "-6";
APT::Compressor::lzma::UncompressArg "";
APT::Compressor::lzma::UncompressArg:: "--format=lzma";
APT::Compressor::lzma::UncompressArg:: "-d";
Dir "/";
Dir::State "var/lib/apt";
Dir::State::lists "lists/";
Dir::State::cdroms "cdroms.list";
Dir::State::extended_states "extended_states";
Dir::State::status "/var/lib/dpkg/status";
Dir::Cache "var/cache/apt";
Dir::Cache::archives "archives/";
Dir::Cache::srcpkgcache "srcpkgcache.bin";
Dir::Cache::pkgcache "pkgcache.bin";
Dir::Etc "etc/apt";
Dir::Etc::sourcelist "sources.list";
Dir::Etc::sourceparts "sources.list.d";
Dir::Etc::main "apt.conf";
Dir::Etc::netrc "auth.conf";
Dir::Etc::netrcparts "auth.conf.d";
Dir::Etc::parts "apt.conf.d";
Dir::Etc::preferences "preferences";
Dir::Etc::preferencesparts "preferences.d";
Dir::Etc::trusted "trusted.gpg";
Dir::Etc::trustedparts "trusted.gpg.d";
Dir::Etc::apt-file-main "apt-file.conf";
Dir::Bin "";
Dir::Bin::methods "/usr/lib/apt/methods";
Dir::Bin::solvers "";
Dir::Bin::solvers:: "/usr/lib/apt/solvers";
Dir::Bin::planners "";
Dir::Bin::planners:: "/usr/lib/apt/planners";
Dir::Bin::dpkg "/usr/bin/dpkg";
Dir::Bin::gzip "/bin/gzip";
Dir::Bin::bzip2 "/bin/bzip2";
Dir::Bin::xz "/usr/bin/xz";
Dir::Bin::lz4 "/usr/bin/lz4";
Dir::Bin::zstd "/usr/bin/zstd";
Dir::Bin::lzma "/usr/bin/xz";
Dir::Media "";
Dir::Media::MountPath "/media/cdrom";
Dir::Log "var/log/apt";
Dir::Log::Terminal "term.log";
Dir::Log::History "history.log";
Dir::Log::Planner "eipp.log.xz";
Dir::Ignore-Files-Silently "";
Dir::Ignore-Files-Silently:: "~$";
Dir::Ignore-Files-Silently:: "\.disabled$";
Dir::Ignore-Files-Silently:: "\.bak$";
Dir::Ignore-Files-Silently:: "\.dpkg-[a-z]+$";
Dir::Ignore-Files-Silently:: "\.ucf-[a-z]+$";
Dir::Ignore-Files-Silently:: "\.save$";
Dir::Ignore-Files-Silently:: "\.orig$";
Dir::Ignore-Files-Silently:: "\.distUpgrade$";
Acquire "";
Acquire::AllowInsecureRepositories "0";
Acquire::AllowWeakRepositories "0";
Acquire::AllowDowngradeToInsecureRepositories "0";
Acquire::cdrom "";
Acquire::cdrom::mount "/media/cdrom";
Acquire::IndexTargets "";
Acquire::IndexTargets::deb "";
Acquire::IndexTargets::deb::Packages "";
Acquire::IndexTargets::deb::Packages::MetaKey "$(COMPONENT)/binary-$(ARCHITECTURE)/Packages";
Acquire::IndexTargets::deb::Packages::flatMetaKey "Packages";
Acquire::IndexTargets::deb::Packages::ShortDescription "Packages";
Acquire::IndexTargets::deb::Packages::Description "$(RELEASE)/$(COMPONENT) $(ARCHITECTURE) Packages";
Acquire::IndexTargets::deb::Packages::flatDescription "$(RELEASE) Packages";
Acquire::IndexTargets::deb::Packages::Optional "0";
Acquire::IndexTargets::deb::Translations "";
Acquire::IndexTargets::deb::Translations::MetaKey "$(COMPONENT)/i18n/Translation-$(LANGUAGE)";
Acquire::IndexTargets::deb::Translations::flatMetaKey "$(LANGUAGE)";
Acquire::IndexTargets::deb::Translations::ShortDescription "Translation-$(LANGUAGE)";
Acquire::IndexTargets::deb::Translations::Description "$(RELEASE)/$(COMPONENT) Translation-$(LANGUAGE)";
Acquire::IndexTargets::deb::Translations::flatDescription "$(RELEASE) Translation-$(LANGUAGE)";
Acquire::IndexTargets::deb::Contents-deb "";
Acquire::IndexTargets::deb::Contents-deb::MetaKey "$(COMPONENT)/Contents-$(ARCHITECTURE)";
Acquire::IndexTargets::deb::Contents-deb::ShortDescription "Contents-$(ARCHITECTURE)";
Acquire::IndexTargets::deb::Contents-deb::Description "$(RELEASE)/$(COMPONENT) $(ARCHITECTURE) Contents (deb)";
Acquire::IndexTargets::deb::Contents-deb::flatMetaKey "Contents-$(ARCHITECTURE)";
Acquire::IndexTargets::deb::Contents-deb::flatDescription "$(RELEASE) Contents (deb)";
Acquire::IndexTargets::deb::Contents-deb::PDiffs "true";
Acquire::IndexTargets::deb::Contents-deb::KeepCompressed "true";
Acquire::IndexTargets::deb::Contents-udeb "";
Acquire::IndexTargets::deb::Contents-udeb::MetaKey "$(COMPONENT)/Contents-udeb-$(ARCHITECTURE)";
Acquire::IndexTargets::deb::Contents-udeb::ShortDescription "Contents-udeb-$(ARCHITECTURE)";
Acquire::IndexTargets::deb::Contents-udeb::Description "$(RELEASE)/$(COMPONENT) $(ARCHITECTURE) Contents (udeb)";
Acquire::IndexTargets::deb::Contents-udeb::flatMetaKey "Contents-udeb-$(ARCHITECTURE)";
Acquire::IndexTargets::deb::Contents-udeb::flatDescription "$(RELEASE) Contents (udeb)";
Acquire::IndexTargets::deb::Contents-udeb::KeepCompressed "true";
Acquire::IndexTargets::deb::Contents-udeb::PDiffs "true";
Acquire::IndexTargets::deb::Contents-udeb::DefaultEnabled "false";
Acquire::IndexTargets::deb::Contents-deb-legacy "";
Acquire::IndexTargets::deb::Contents-deb-legacy::MetaKey "Contents-$(ARCHITECTURE)";
Acquire::IndexTargets::deb::Contents-deb-legacy::ShortDescription "Contents-$(ARCHITECTURE)";
Acquire::IndexTargets::deb::Contents-deb-legacy::Description "$(RELEASE) $(ARCHITECTURE) Contents (deb)";
Acquire::IndexTargets::deb::Contents-deb-legacy::PDiffs "true";
Acquire::IndexTargets::deb::Contents-deb-legacy::KeepCompressed "true";
Acquire::IndexTargets::deb::Contents-deb-legacy::Fallback-Of "Contents-deb";
Acquire::IndexTargets::deb::Contents-deb-legacy::Identifier "Contents-deb";
Acquire::IndexTargets::deb-src "";
Acquire::IndexTargets::deb-src::Sources "";
Acquire::IndexTargets::deb-src::Sources::MetaKey "$(COMPONENT)/source/Sources";
Acquire::IndexTargets::deb-src::Sources::flatMetaKey "Sources";
Acquire::IndexTargets::deb-src::Sources::ShortDescription "Sources";
Acquire::IndexTargets::deb-src::Sources::Description "$(RELEASE)/$(COMPONENT) Sources";
Acquire::IndexTargets::deb-src::Sources::flatDescription "$(RELEASE) Sources";
Acquire::IndexTargets::deb-src::Sources::Optional "0";
Acquire::IndexTargets::deb-src::Contents-dsc "";
Acquire::IndexTargets::deb-src::Contents-dsc::MetaKey "$(COMPONENT)/Contents-source";
Acquire::IndexTargets::deb-src::Contents-dsc::ShortDescription "Contents-source";
Acquire::IndexTargets::deb-src::Contents-dsc::Description "$(RELEASE)/$(COMPONENT) source Contents (dsc)";
Acquire::IndexTargets::deb-src::Contents-dsc::flatMetaKey "Contents-source";
Acquire::IndexTargets::deb-src::Contents-dsc::flatDescription "$(RELEASE) Contents (dsc)";
Acquire::IndexTargets::deb-src::Contents-dsc::PDiffs "true";
Acquire::IndexTargets::deb-src::Contents-dsc::KeepCompressed "true";
Acquire::IndexTargets::deb-src::Contents-dsc::DefaultEnabled "false";
Acquire::Changelogs "";
Acquire::Changelogs::URI "";
Acquire::Changelogs::URI::Origin "";
Acquire::Changelogs::URI::Origin::Debian "https://metadata.ftp-master.debian.org/changelogs/@CHANGEPATH@_changelog";;
Acquire::Changelogs::URI::Origin::Ubuntu "https://changelogs.ubuntu.com/changelogs/pool/@CHANGEPATH@/changelog";;
Acquire::Changelogs::AlwaysOnline "";
Acquire::Changelogs::AlwaysOnline::Origin "";
Acquire::Changelogs::AlwaysOnline::Origin::Ubuntu "1";
Acquire::Languages "";
Acquire::Languages:: "en";
Acquire::Languages:: "none";
Acquire::CompressionTypes "";
Acquire::CompressionTypes::xz "xz";
Acquire::CompressionTypes::bz2 "bzip2";
Acquire::CompressionTypes::lzma "lzma";
Acquire::CompressionTypes::gz "gzip";
Acquire::CompressionTypes::lz4 "lz4";
Acquire::CompressionTypes::zst "zstd";
DPkg "";
DPkg::Path "/usr/sbin:/usr/bin:/sbin:/bin";
DPkg::Pre-Invoke "";
DPkg::Pre-Invoke:: "if [ -x /usr/bin/etckeeper ]; then etckeeper pre-install; fi";
DPkg::Post-Invoke "";
DPkg::Post-Invoke:: "if [ -x /usr/bin/etckeeper ]; then etckeeper post-install; fi";
DPkg::Post-Invoke:: "adequate --help >/dev/null 2>&1 || exit 0; exec adequate --debconf --user nobody --pending";
DPkg::Post-Invoke:: "/usr/bin/test -e /usr/share/dbus-1/system-services/org.freedesktop.PackageKit.service && /usr/bin/test -S /var/run/dbus/system_bus_socket && /usr/bin/gdbus call --system --dest org.freedesktop.PackageKit --object-path /org/freedesktop/PackageKit --timeout 4 --method org.freedesktop.PackageKit.StateHasChanged cache-update > /dev/null; /bin/echo > /dev/null";
DPkg::Post-Invoke:: "[ ! -e /usr/bin/how-can-i-help ] || /usr/bin/how-can-i-help --apt";
DPkg::Post-Invoke:: "test -x /usr/lib/needrestart/apt-pinvoke && /usr/lib/needrestart/apt-pinvoke || true";
DPkg::Pre-Install-Pkgs "";
DPkg::Pre-Install-Pkgs:: "adequate --help >/dev/null 2>&1 || exit 0; exec adequate --user nobody --apt-preinst";
DPkg::Pre-Install-Pkgs:: "/usr/bin/apt-listchanges --apt || test $? -lt 10";
DPkg::Pre-Install-Pkgs:: "/usr/sbin/dpkg-preconfigure --apt || true";
DPkg::Tools "";
DPkg::Tools::Options "";
DPkg::Tools::Options::adequate "";
DPkg::Tools::Options::adequate::Version "2";
DPkg::Tools::Options::/usr/bin/apt-listchanges "";
DPkg::Tools::Options::/usr/bin/apt-listchanges::Version "2";
DPkg::Tools::Options::/usr/bin/apt-listchanges::InfoFD "20";
RPM "";
RPM::Pre-Invoke "";
RPM::Pre-Invoke:: "if [ -x /usr/bin/etckeeper ]; then etckeeper pre-install; fi";
RPM::Post-Invoke "";
RPM::Post-Invoke:: "if [ -x /usr/bin/etckeeper ]; then etckeeper post-install; fi";
Adequate "";
Adequate::Enabled "false";
apt-file "";
apt-file::Index-Names "deb";
apt-file::Parser "";
apt-file::Parser::Check-For-Description-Header "false";
Unattended-Upgrade "";
Unattended-Upgrade::Origins-Pattern "";
Unattended-Upgrade::Origins-Pattern:: "origin=Debian,codename=${distro_codename},label=Debian-Security";
Unattended-Upgrade::Origins-Pattern:: "o=Debian,a=testing";
Unattended-Upgrade::Mail "root";
Binary "apt-config";
Binary::apt "";
Binary::apt::APT "";
Binary::apt::APT::Color "1";
Binary::apt::APT::Cache "";
Binary::apt::APT::Cache::Show "";
Binary::apt::APT::Cache::Show::Version "2";
Binary::apt::APT::Cache::AllVersions "0";
Binary::apt::APT::Cache::ShowVirtuals "1";
Binary::apt::APT::Cache::Search "";
Binary::apt::APT::Cache::Search::Version "2";
Binary::apt::APT::Cache::ShowDependencyType "1";
Binary::apt::APT::Cache::ShowVersion "1";
Binary::apt::APT::Get "";
Binary::apt::APT::Get::Upgrade-Allow-New "1";
Binary::apt::APT::Get::Update "";
Binary::apt::APT::Get::Update::InteractiveReleaseInfoChanges "1";
Binary::apt::APT::Cmd "";
Binary::apt::APT::Cmd::Show-Update-Stats "1";
Binary::apt::APT::Keep-Downloaded-Packages "0";
Binary::apt::DPkg "";
Binary::apt::DPkg::Progress-Fancy "1";
CommandLine "";
CommandLine::AsString "apt-config dump";

- -- (no /etc/apt/preferences present) --


- -- (/etc/apt/preferences.d/10propellor_elpa_45circe.pref present, but not submitted) --


- -- (/etc/apt/preferences.d/10propellor_elpa_45debian_45el.pref present, but not submitted) --


- -- (/etc/apt/preferences.d/10propellor_elpa_45dpkg_45dev_45el.pref present, but not submitted) --


- -- (/etc/apt/preferences.d/10propellor_elpa_45htmlize.pref present, but not submitted) --


- -- (/etc/apt/preferences.d/10propellor_elpa_45message_45templ.pref present, but not submitted) --


- -- (/etc/apt/preferences.d/10propellor_elpa_45notmuch.pref present, but not submitted) --


- -- (/etc/apt/preferences.d/10propellor_elpa_45org.pref present, but not submitted) --


- -- (/etc/apt/preferences.d/10propellor_elpa_45racket_45mode.pref present, but not submitted) --


- -- (/etc/apt/preferences.d/10propellor_elpa_45s.pref present, but not submitted) --


- -- (/etc/apt/preferences.d/10propellor_libnotmuch5.pref present, but not submitted) --


- -- (/etc/apt/preferences.d/10propellor_notmuch.pref present, but not submitted) --


- -- (/etc/apt/preferences.d/10propellor_python3_45dateparser.pref present, but not submitted) --


- -- (/etc/apt/preferences.d/10propellor_webmacs.pref present, but not submitted) --


- -- (/etc/apt/preferences.d/10propellor_xournal.pref present, but not submitted) --


- -- (/etc/apt/preferences.d/20unstable.pref present, but not submitted) --


- -- /etc/apt/sources.list --

deb http://deb.debian.org/debian testing main contrib non-free
deb-src http://deb.debian.org/debian testing main contrib non-free
deb http://security.debian.org/ testing/updates main contrib non-free
deb-src http://security.debian.org/ testing/updates main contrib non-free

- -- /etc/apt/sources.list.d/debug-testing-proposed-updates.list --

deb http://debug.mirrors.debian.org/debian-debug/ testing-proposed-updates-debug main

- -- /etc/apt/sources.list.d/debug-testing.list --

deb http://debug.mirrors.debian.org/debian-debug/ testing-debug main

- -- /etc/apt/sources.list.d/debug-unstable.list --

deb http://debug.mirrors.debian.org/debian-debug/ unstable-debug main

- -- /etc/apt/sources.list.d/tethera.list --

deb http://apt.tethera.net/debian unstable/

- -- /etc/apt/sources.list.d/unstable.list --

deb http://deb.debian.org/debian unstable main contrib non-free
deb-src http://deb.debian.org/debian unstable main contrib non-free

- -- System Information:
Debian Release: buster/sid
  APT prefers unstable-debug
  APT policy: (500, 'unstable-debug'), (500, 'testing-debug'), (500, 'testing')
Architecture: amd64 (x86_64)
Foreign Architectures: i386

Kernel: Linux 4.19.0-2-amd64 (SMP w/8 CPU cores)
Kernel taint flags: TAINT_OOT_MODULE, TAINT_UNSIGNED_MODULE
Locale: LANG=en_CA.UTF-8, LC_CTYPE=en_CA.UTF-8 (charmap=UTF-8), LANGUAGE=en_CA:en (charmap=UTF-8)
Shell: /bin/sh linked to /bin/dash
Init: systemd (via /run/systemd/system)
LSM: AppArmor: enabled

Versions of packages apt depends on:
ii  adduser                 3.118
ii  debian-archive-keyring  2018.1
ii  gpgv                    2.2.12-1
ii  libapt-pkg5.0           1.8.0~rc3
ii  libc6                   2.28-7
ii  libgcc1                 1:8.2.0-21
ii  libgnutls30             3.6.6-2
ii  libseccomp2             2.3.3-4
ii  libstdc++6              8.2.0-21

Versions of packages apt recommends:
ii  ca-certificates  20190110

Versions of packages apt suggests:
pn  apt-doc         <none>
ii  aptitude        0.8.11-7
ii  dpkg-dev        1.19.5
ii  gnupg           2.2.12-1
ii  powermgmt-base  1.33

- -- no debconf information

-----BEGIN PGP SIGNATURE-----

iQGzBAEBCAAdFiEE3VS2dnyDRXKVCQCp8gKXHaSnniwFAlx74bkACgkQ8gKXHaSn
nixtLwv+JK5yaNZodU+oTwPN0fF2VIwabVNC7q1KdP0iZ4JMcglbd6dG/gwk7wJR
RjF5seOMtOZ7Wus+UPGzhBJrr66SVyw2nxzAEGocke0leF1EMVKcBzA4aDLgKRCF
7UAiki+8YXSyRLSsC0WJxWEOwgnU9pKqKtk6hqf05fVGnTKyxlSkbKn+wnFW1/kW
Jb/SWEgQD9domVbR2YzA2fMPJL43TUfD0J/7vIAMq2T4PteE6Bl8RnkUXxBYpz95
lzj3ss4Utwa92FGEHDeEbsRG2uLd6xXvE+QltcdKGaa1JdRCcWLCjU08/rKCd28v
uJ7mcWbBRTQ0N+ktKRTCyjaFDTJBMDm3iMvEEuM2uPIg6et2l1J3Mb3aOXkJs/CR
ntT5CYWQATNbe/m4UW0VxdKFNpRTo9oJTSEFjFQr9CJ0CDQipdSbPlgkh1u1zmMc
cpR28jnh8+ZZNnBItKRZ4m54dGKsQUJf17dRQ9xBcbele+As39i7N7phbOI8fW91
aMXvpvqd
=v24Z
-----END PGP SIGNATURE-----

Attachment: 815B63982A79F8E7C72786C4762B57BB784206AD.gpg
Description: application/pgp-keys

--- End Message ---

--- Begin Message ---

To: David Bremner <bremner@debian.org>, 923668-close@bugs.debian.org

Subject: Re: Bug#923668: apt update says "Signed file isn't valid", but apt-key verify passes

From: Julian Andres Klode <jak@debian.org>

Date: Sun, 3 Mar 2019 15:33:09 +0100

Message-id: <20190303152959.GA18600@debian.org>

In-reply-to: <[🔎] 155162258676.14221.18250333809926527202.reportbug@convex.localnet>

References: <[🔎] 155162258676.14221.18250333809926527202.reportbug@convex.localnet>
On Sun, Mar 03, 2019 at 10:16:26AM -0400, David Bremner wrote:
> Package: apt
> Version: 1.8.0~rc4
> Severity: important
> 
> -----BEGIN PGP SIGNED MESSAGE-----
> Hash: SHA256
> 
> I have an apt repo managed by mini-dinstall
> 
>   deb http://apt.tethera.net/debian unstable/
> 
> It's signed by my key in the debian keyring.
> 
> This is working fine with stretch, and was working fine with buster until something like a month ago.
> 
> Now I get
> 
>     http://apt.tethera.net/debian unstable/ Release.gpg
>         Signed file isn't valid, got 'NODATA' (does the network require authentication?)

The Release.gpg must be ASCII armored, as documented in:

 https://wiki.debian.org/DebianRepository/Format#A.22Release.22_files

Following the recent CVE, checks where added that the Release.gpg
contains only such signatures, to prevent hiding packages (or other
things for that matter) in there.
-- 
debian developer - deb.li/jak | jak-linux.org - free software dev
ubuntu core developer                              i speak de, en
Attachment: signature.asc
Description: PGP signature

--- End Message ---

Reply to:

References:
- Bug#923668: apt update says "Signed file isn't valid", but apt-key verify passes
  - From: David Bremner <bremner@debian.org>

Prev by Date: Bug#923668: apt update says "Signed file isn't valid", but apt-key verify passes
Next by Date: Bug#923668: apt update says "Signed file isn't valid", but apt-key verify passes
Previous by thread: Bug#923668: apt update says "Signed file isn't valid", but apt-key verify passes
Next by thread: Bug#923668: apt update says "Signed file isn't valid", but apt-key verify passes
Index(es):
- Date
- Thread