On Fri, 2020-07-03 at 09:56 +0200, Daniel Veillard wrote: > Half a day late, but I pushed the 6.5.0 release out, it is as usual > available as a signed tarball and source rpms from the server: > > https://libvirt.org/sources/ > > I also tagged and pushed the 6.5.0 python bindings that one can find at > > https://libvirt.org/sources/python/ > > This release includes a number of new features and some improvement, > as well as a crash which had made its way in 6.4.0. > It will also be my last release of libvirt after close to 15 years, > so expect new releases to be signed by Jiri Denemark from now on.
Hi Daniel, unfortunately the way the handover of release responsibilities was handled is not considered up to scratch for at least one downstream community, Arch Linux. More specifically, since no formal trust path between your PGP key and Jiri's has been established, the Arch maintainers are not comfortable updating the package past 6.5.0. The situation has been in a standstill for several months now, and Arch users are increasingly suffering from it. See [1] and following comments for more details on this. Can you and Jiri (CC'd) please get in touch and arrange for his key to be signed with yours, so that a proper trust path is established? I would really love to see this resolved once and for all. Thanks in advance to both of you! [1] https://bugs.archlinux.org/task/67921#comment193381 -- Andrea Bolognani / Red Hat / Virtualization
