These have been forcemerged.
--
I pledge not to post to any systemd-related thread on -devel until
(at least) 2013.
--
Hi,
I recently looked at several packages using gpg to verify signatures and
found ways to circumvent the signature check, see [1] for a few bug
reports demonstrating this.
[1] http://bugs.debian.org/cgi-bin/pkgreport.cgi?tag=gpg-clearsign;users=ans...@debian.org
So far I have found two
Ansgar Burchardt ans...@debian.org writes:
I recently looked at several packages using gpg to verify signatures
Thanks for your work! Please try to raise this upstream so that they can
provide proper interfaces.
Is
/usr/bin/gpgv --quiet --keyring /etc/myprogram/trusted.gpg file file.sig
chmod
Package: wnpp
Severity: wishlist
Owner: Jotam Jr. Trejo jota...@debian.org.sv
* Package name: libbot-basicbot-pluggable-perl
Version : 0.98
Upstream Author : Mario Domgoergen m...@cpan.org
* URL : http://search.cpan.org/dist/Bot-BasicBot-Pluggable/
* License :
Package: wnpp
Severity: wishlist
Owner: Jotam Jr. Trejo jota...@debian.org.sv
* Package name: libconfig-find-perl
Version : 0.26
Upstream Author : Salvador Fandino sfand...@yahoo.com
* URL : http://search.cpan.org/dist/Config-Find/
* License : Artistic
Package: wnpp
Severity: wishlist
Owner: Jotam Jr. Trejo jota...@debian.org.sv
* Package name: liburi-title-perl
Version : 1.86
Upstream Author : Tom Insam t...@jerakeen.org
* URL : http://search.cpan.org/dist/URI-Title/
* License : GPL-1+, Artistic
Package: wnpp
Severity: wishlist
Owner: Jotam Jr. Trejo jota...@debian.org.sv
* Package name: liburi-find-simple-perl
Version : 1.03
Upstream Author : Tom Insam t...@jerakeen.org
* URL : http://search.cpan.org/dist/URI-Find-Simple/
* License : Artistic, GPL-1+
* Ansgar Burchardt ans...@debian.org [121214 16:18]:
2, Not asking gpg to verify signatures:
I also found packages that call gpg in the form gpg $file and expect
gpg to verify the signature on $file and output the signed data. Indeed
it does so for *signed* files, but if you just give it
[Timo Juhani Lindfors]
Is
/usr/bin/gpgv --quiet --keyring /etc/myprogram/trusted.gpg file file.sig
chmod a+x file
./file
still a safe way to ensure that only code signed by a key in trusted.gpg
gets executed?
From the manpage:
Note that this adds a keyring to the current list. If
Peter Samuelson pe...@p12n.org writes:
Note that this adds a keyring to the current list. If the intent
is to use the specified keyring alone, use --keyring along with
--no-default-keyring.
You probably read man gpg but gpgv is simpler:
gpgv: Invalid option --no-default-keyring
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA256
Format: 1.8
Date: Fri, 14 Dec 2012 10:54:32 +0100
Source: glusterfs
Binary: glusterfs-client glusterfs-server glusterfs-common glusterfs-dbg
Architecture: source amd64
Version: 3.4.0~qa5-1
Distribution: experimental
Urgency: low
Maintainer: Patrick
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA256
Format: 1.8
Date: Fri, 14 Dec 2012 11:10:19 +0100
Source: otrs2
Binary: otrs2 otrs
Architecture: source all
Version: 3.1.12+dfsg1-2
Distribution: experimental
Urgency: low
Maintainer: Patrick Matthäi pmatth...@debian.org
Changed-By: Patrick Matthäi
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA256
Format: 1.8
Date: Fri, 14 Dec 2012 10:41:13 +0100
Source: cflow
Binary: cflow
Architecture: source i386
Version: 1:1.4+dfsg1-2
Distribution: unstable
Urgency: high
Maintainer: Serafeim Zanikolas s...@debian.org
Changed-By: Serafeim Zanikolas
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
Format: 1.8
Date: Fri, 14 Dec 2012 11:34:12 +
Source: dnsmasq
Binary: dnsmasq dnsmasq-base dnsmasq-utils
Architecture: source i386 all
Version: 2.65-1
Distribution: unstable
Urgency: low
Maintainer: Simon Kelley si...@thekelleys.org.uk
Changed-By:
libtarantoolsql1 libtarantoolsql1-dbg
libtarantoolrpl1 libtarantoolrpl1-dbg
Architecture: source all amd64
Version: 1.4.8+20121214-1
Distribution: unstable
Urgency: low
Maintainer: Dmitry E. Oboukhov un...@debian.org
Changed-By: Dmitry E. Oboukhov un...@debian.org
Description:
libtarantool-dev
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA256
Format: 1.8
Date: Fri, 14 Dec 2012 13:55:36 +0100
Source: base-files
Binary: base-files
Architecture: source amd64
Version: 7.1
Distribution: unstable
Urgency: low
Maintainer: Santiago Vila sanv...@debian.org
Changed-By: Santiago Vila
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
Format: 1.8
Date: Fri, 14 Dec 2012 14:44:22 +0100
Source: nwchem
Binary: nwchem nwchem-data
Architecture: source amd64 all
Version: 6.1-5
Distribution: unstable
Urgency: low
Maintainer: Michael Banck mba...@debian.org
Changed-By: Michael Banck
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA256
Format: 1.8
Date: Thu, 13 Dec 2012 17:45:13 +
Source: flashplugin-nonfree
Binary: flashplugin-nonfree
Architecture: source amd64
Version: 1:3.2
Distribution: unstable
Urgency: low
Maintainer: Bart Martens ba...@debian.org
Changed-By: Bart
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
Format: 1.8
Date: Fri, 14 Dec 2012 20:45:15 +0100
Source: elki
Binary: elki
Architecture: source all
Version: 0.5.5-1
Distribution: unstable
Urgency: low
Maintainer: Erich Schubert er...@debian.org
Changed-By: Erich Schubert er...@debian.org
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA256
Format: 1.8
Date: Fri, 14 Dec 2012 21:06:39 +0100
Source: jabref
Binary: jabref jabref-plugin-oo
Architecture: source all
Version: 2.9+ds-1
Distribution: experimental
Urgency: low
Maintainer: gregor herrmann gre...@debian.org
Changed-By: gregor
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA256
Format: 1.8
Date: Fri, 14 Dec 2012 21:12:46 +0100
Source: lightproof
Binary: libreoffice-lightproof-en libreoffice-lightproof-hu
libreoffice-lightproof-ru-ru
Architecture: source all
Version: 1.5+git20121123-1
Distribution: experimental
Urgency:
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA256
Format: 1.8
Date: Fri, 14 Dec 2012 22:42:09 +0100
Source: lintian4python
Binary: lintian4python
Architecture: source all
Version: 0.11
Distribution: experimental
Urgency: low
Maintainer: Jakub Wilk jw...@debian.org
Changed-By: Jakub Wilk
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
Format: 1.8
Date: Tue, 11 Dec 2012 15:08:07 +0100
Source: vxi
Binary: vxi-dev libvxiclient0
Architecture: source amd64
Version: 0.0.20121206-1
Distribution: unstable
Urgency: low
Maintainer: Simon Richter s...@debian.org
Changed-By: Simon Richter
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA256
Format: 1.8
Date: Tue, 11 Dec 2012 17:29:33 +0100
Source: ruby-distribution
Binary: ruby-distribution
Architecture: source all
Version: 0.7.0+dfsg-1
Distribution: unstable
Urgency: low
Maintainer: Debian Ruby Extras Maintainers
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
Format: 1.8
Date: Wed, 28 Nov 2012 18:17:34 +0100
Source: libmialm
Binary: libmialm-dev libmialm2
Architecture: source amd64
Version: 1.0.6-1
Distribution: unstable
Urgency: low
Maintainer: Debian Med Packaging Team
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
Format: 1.8
Date: Sun, 24 Jun 2012 18:37:32 -0400
Source: libzapojit
Binary: libzapojit-0.0-0 libzapojit-dev libzapojit-doc gir1.2-zpj-0.0
Architecture: source all amd64
Version: 0.0.2-1
Distribution: unstable
Urgency: low
Maintainer: Debian GNOME
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
Format: 1.8
Date: Wed, 12 Dec 2012 22:02:12 +0100
Source: oce
Binary: liboce-foundation5 liboce-modeling5 liboce-visualization5
liboce-ocaf-lite5 liboce-ocaf5 oce-draw liboce-foundation-dev
liboce-modeling-dev liboce-ocaf-lite-dev liboce-ocaf-dev
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
Format: 1.8
Date: Wed, 12 Dec 2012 00:25:00 +0100
Source: python-defaults
Binary: python python-minimal python-examples python-dev libpython-dev idle
python-doc python-dbg libpython-dbg python-all python-all-dev python-all-dbg
Architecture: source
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA256
Format: 1.8
Date: Thu, 01 Nov 2012 12:05:27 +0100
Source: ruby-mysql2
Binary: ruby-mysql2
Architecture: source amd64
Version: 0.3.11-1
Distribution: unstable
Urgency: low
Maintainer: Debian Ruby Extras Maintainers
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
Format: 1.8
Date: Thu, 13 Dec 2012 17:19:31 +0100
Source: live-images
Binary: live-image-all live-image-gnome-desktop live-image-kde-desktop
live-image-lxde-desktop live-image-rescue live-image-standard
live-image-xfce-desktop
Architecture: source
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
Format: 1.8
Date: Thu, 13 Dec 2012 15:42:11 +0100
Source: refdb
Binary: refdb-clients refdb-server refdb-www refdb-doc
Architecture: source amd64 all
Version: 0.9.9-2
Distribution: unstable
Urgency: low
Maintainer: Debian XML/SGML Group
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA256
Format: 1.8
Date: Sun, 25 Nov 2012 14:53:59 +
Source: perl-cross-debian
Binary: perl-cross-debian
Architecture: source all
Version: 0.0.1
Distribution: experimental
Urgency: low
Maintainer: Neil Williams codeh...@debian.org
Changed-By: Neil
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA256
Format: 1.8
Date: Mon, 10 Dec 2012 08:04:54 +0100
Source: ruby-minimization
Binary: ruby-minimization
Architecture: source all
Version: 0.2.1-1
Distribution: unstable
Urgency: low
Maintainer: Debian Ruby Extras Maintainers
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA256
Format: 1.8
Date: Wed, 12 Dec 2012 18:43:55 +0100
Source: epiphany-browser
Binary: epiphany-browser epiphany-browser-data epiphany-browser-dev
epiphany-browser-dbg gir1.2-epiphany-3.6
Architecture: source all amd64
Version: 3.6.1-2
Distribution:
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
Format: 1.8
Date: Tue, 11 Dec 2012 16:10:56 -0800
Source: undistract-me
Binary: undistract-me
Architecture: source all
Version: 0.1.0+bzr10-1
Distribution: unstable
Urgency: low
Maintainer: Clint Byrum spam...@debian.org
Changed-By: Clint Byrum
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
Format: 1.8
Date: Fri, 16 Nov 2012 14:29:41 +
Source: openstack-pkg-tools
Binary: openstack-pkg-tools
Architecture: source all
Version: 1
Distribution: experimental
Urgency: low
Maintainer: PKG OpenStack openstack-de...@lists.alioth.debian.org
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA256
Format: 1.8
Date: Fri, 14 Dec 2012 12:28:50 +
Source: pybit
Binary: pybit-svn pybit-client pybit-web pybit-common pybit-watcher
Architecture: source all
Version: 0.4.0-1
Distribution: experimental
Urgency: low
Maintainer: Neil Williams
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA512
Format: 1.8
Date: Tue, 11 Dec 2012 14:33:33 +0100
Source: ucommon
Binary: libucommon-dev libucommon6-dbg libucommon6 ucommon-utils ucommon-doc
Architecture: source all amd64
Version: 6.0.2-1
Distribution: experimental
Urgency: low
Maintainer: Jonas