[SRU] Package unusable due to yearly key changes
Affects | Status | Importance | Assigned to | Milestone | |
---|---|---|---|---|---|
debian-ports-archive-keyring (Ubuntu) |
Fix Released
|
Medium
|
Unassigned | ||
Bionic |
New
|
Medium
|
Unassigned | ||
Focal |
New
|
Medium
|
Unassigned |
Bug Description
[Impact]
* ftp.ports.
* Packages in bionic and focal do not have 2022's key, making the packages unusable.
* SRU falls under "Updates that need to be applied to Ubuntu packages to adjust to changes in the environment, server protocols, web services, and similar"
* Package can be synced directly from Debian
[Test Plan]
sudo debootstrap --arch=riscv64 --force-check-gpg --foreign --keyring=
Expected:
I: Checking Release signature
I: Valid Release signature (key id CBC70A60B9ED6F2
I: Retrieving Packages
I: Validating Packages
I: Resolving dependencies of required packages...
I: Resolving dependencies of base packages...
[...]
Currently:
I: Checking Release signature
E: Release signed by unknown key (key id E852514F5DF312F6)
The specified keyring /usr/share/
You can find the latest Debian release key at https:/
[Where problems could occur]
* Very old keys are removed from the keyring by subsequent package updates. An existing program might be looking for old keys and start failing, but this scenario is probably unlikely.
[Other Info]
tags: | added: bionic focal |
Changed in debian-ports-archive-keyring (Ubuntu): | |
status: | New → Fix Released |
importance: | Undecided → Medium |
Changed in debian-ports-archive-keyring (Ubuntu Bionic): | |
importance: | Undecided → Medium |
Changed in debian-ports-archive-keyring (Ubuntu Focal): | |
importance: | Undecided → Medium |
This bug doesn't make much sense to me (it seems to be a rolling issue) and there's nothing to sponsor here. Please update the bug to be specific about the issue being fixed this cycle, and include tested debdiffs to sponsor, presumably against the version in devel if it's a straightforward backport like ~22.04.1 and like that.