Ubuntu
debsig-verify package

debsig-verify 0.14 source package in Ubuntu

Changelog

debsig-verify (0.14) unstable; urgency=low

  * Assume at least C89 and POSIX.1-2001.
  * Fix man page formatting.
  * Add references to debsigs(1) and gpg(1) to the man page.
  * Add missing man page .TH fields.
  * Use https instead of git or http in URLs.
  * Add new test case covering key to name id mapping.
  * Switch to use more of libdpkg instead of ad-hoc code:
    - Use path_make_temp_template().
    - Switch from popen() to subproc_fork() and execlp(), to avoid shell
      invocation and unsafe argument passing.
    - Use the command module to invoke GnuPG instead of execlp().
  * Do not use an absolute pathname to the GnuPG program.
  * Make the GnuPG program configurable through the DEBSIG_GNUPG_PROGRAM
    environment variable.
  * Fix handling of a possibly non-terminated origin ID string.
  * Fix a file TOCTOU issue in the XML parser.
  * Set umask() for mkstemp() calls.
  * Do not free() nor unlink() an uninitialized string.
  * Fix printing debug message on unmatched key IDs in getKeyID().
  * Update copyright years.

 -- Guillem Jover <email address hidden>  Sat, 13 Feb 2016 11:32:58 +0100

Upload details

Uploaded by:
Dpkg Mailing List
Uploaded to:
Sid
Original maintainer:
Dpkg Mailing List
Architectures:
any
Section:
admin
Urgency:
Low Urgency

See full publishing history Publishing

Series Pocket Published Component Section
Xenial release universe admin

Downloads

File Size SHA-256 Checksum
debsig-verify_0.14.dsc 1.6 KiB 8ed0552527cf76f67178920fb3ab8da2dd24ae7df67ec17558150a5b34e2be1b
debsig-verify_0.14.tar.xz 124.2 KiB a93346012c3602014ba28f7eb2e53ac7bd46ab78b481bb72afbb9871a2c376be

Available diffs

No changes file available.

Binary packages built by this source

debsig-verify: Debian package signature verification tool

 This tool inspects and verifies binary package digital signatures based
 on predetermined policies, complementing repository signatures or allowing
 to verify the authenticity of a package even after download when detached
 from a repository.

debsig-verify-dbgsym: debug symbols for package debsig-verify

 This tool inspects and verifies binary package digital signatures based
 on predetermined policies, complementing repository signatures or allowing
 to verify the authenticity of a package even after download when detached
 from a repository.