Your message dated
with message-id <[email protected]>
and subject line apt-proxy removed from Debian unstable
has caused the Debian Bug report #434678,
regarding apt-proxy: Fetch Release and Release.gpg from the same server
to be marked as done.
This means that you claim that the problem has been dealt with.
If this is not the case it is now your responsibility to reopen the
Bug report if necessary, and/or fix the problem forthwith.
(NB: If you are a system administrator and have no idea what this
message is talking about, this may indicate a serious mail system
misconfiguration somewhere. Please contact [email protected]
immediately.)
--
434678: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=434678
Debian Bug Tracking System
Contact [email protected] with problems
--- Begin Message ---
Package: apt-proxy
Version: 1.9.35-0.3
Severity: normal
My aptitude update calls the past two days have been ending in this
message:
W: GPG error: http://green.gecko etch/updates Release: The following
signatures were invalid: BADSIG A70DAF536070D3A1 Debian Archive
Automatic Signing Key (4.0/etch) <[email protected]>
W: You may want to run apt-get update to correct these problems
Doing some digging with wget I found that the Release file is different
on one of the three servers in the secure.debian.org DNS rotation:
ja...@green:/tmp/r-by-ip$ diff 128.31.0.36/Release
212.211.132.250/Release
5c5
< Date: Tue, 24 Jul 2007 07:13:06 UTC
---
> Date: Tue, 24 Jul 2007 16:14:51 UTC
If I use wget twice in a row to fetch the Release and Release.gpg files,
there is a chance that I will get the Release file from a different
server than I get the Release.gpg file. If I make wget fetch both files
in the same session, the signature is good.
When I diff the apt-proxy cached Release and Release.gpg files against
those I fetched with wget using the --input-file option I found that the
apt-proxy cached files were not from the same server. I deleted the
cached Release and Release.gpg files and repeated the update a few times
with the same results.
In this case the difference between the release files is minor, and
generally the servers should all be in sync. It seems that all the files
should come from the same server so that all the signatures match up
even when the servers aren't in sync.
-- System Information:
Debian Release: 4.0
APT prefers stable
APT policy: (500, 'stable')
Architecture: i386 (i686)
Shell: /bin/sh linked to /bin/bash
Kernel: Linux 2.6.18-4-686
Locale: LANG=en_US.UTF-8, LC_CTYPE=en_US.UTF-8 (charmap=UTF-8)
Versions of packages apt-proxy depends on:
ii adduser 3.102 Add and remove users and groups
ii bzip2 1.0.3-6 high-quality block-sorting file co
ii debconf [debconf-2.0] 1.5.11 Debian configuration management sy
ii logrotate 3.7.1-3 Log rotation utility
ii python 2.4.4-2 An interactive high-level object-o
ii python-apt 0.6.19 Python interface to libapt-pkg
ii python-central 0.5.12 register and build utility for Pyt
ii python-twisted-web 0.6.0-1 An HTTP protocol implementation to
apt-proxy recommends no packages.
-- debconf information:
apt-proxy/upgrading-v2:
apt-proxy/upgrading-v2-result:
--- End Message ---
--- Begin Message ---
Version: 1.9.37+rm
apt-proxy has been removed from Debian unstable: http://bugs.debian.org/576821
Closing its bugs with a Version higher than the last unstable upload.
More information about this script at:
http://git.debian.org/?p=users/morph/mass-bugs-close.git;a=blob_plain;f=README;hb=HEAD
--- End Message ---
