Your message dated Tue, 30 May 2006 13:38:13 -0400
with message-id <[EMAIL PROTECTED]>
and subject line closing this bug
has caused the attached Bug report to be marked as done.
This means that you claim that the problem has been dealt with.
If this is not the case it is now your responsibility to reopen the
Bug report if necessary, and/or fix the problem forthwith.
(NB: If you are a system administrator and have no idea what I am
talking about this indicates a serious mail system misconfiguration
somewhere. Please contact me immediately.)
Debian bug tracking system administrator
(administrator, Debian Bugs database)
--- Begin Message ---
Package: apt
Version: 0.6.43
Severity: normal
Since the year has turned over, apt-get update now produces the error:
[...]
Reading package lists... Done
W: GPG error: http://http.us.debian.org testing Release: The following
signatures couldn't be verified because the public key is not available:
NO_PUBKEY 010908312D230C5F
W: GPG error: http://http.us.debian.org unstable Release: The following
signatures couldn't be verified because the public key is not available:
NO_PUBKEY 010908312D230C5F
Because the release key is not provided via an automated mechanism.
Leaveing aside that the means for getting a new key are not documented
in /usr/share/doc/apt or apt-doc, there is the additional issue that
undocumented, this looks like the debian servers may be compromised.
Secondarily, the recipes I can find for updating to the new release key
do not make clear whether the new release key is verifiable in any way.
I am worried that debian may be violating its trust model once a year.
-- Package-specific info:
-- apt-config dump --
APT "";
APT::Architecture "i386";
APT::Build-Essential "";
APT::Build-Essential:: "build-essential";
APT::Default-Release "testing";
APT::Cache-Limit "10000000";
Dir "/";
Dir::State "var/lib/apt/";
Dir::State::lists "lists/";
Dir::State::cdroms "cdroms.list";
Dir::State::userstatus "status.user";
Dir::State::status "/var/lib/dpkg/status";
Dir::Cache "var/cache/apt/";
Dir::Cache::archives "archives/";
Dir::Cache::srcpkgcache "srcpkgcache.bin";
Dir::Cache::pkgcache "pkgcache.bin";
Dir::Etc "etc/apt/";
Dir::Etc::sourcelist "sources.list";
Dir::Etc::sourceparts "sources.list.d";
Dir::Etc::vendorlist "vendors.list";
Dir::Etc::vendorparts "vendors.list.d";
Dir::Etc::main "apt.conf";
Dir::Etc::parts "apt.conf.d";
Dir::Etc::preferences "preferences";
Dir::Bin "";
Dir::Bin::methods "/usr/lib/apt/methods";
Dir::Bin::dpkg "/usr/bin/dpkg";
DPkg "";
DPkg::Pre-Install-Pkgs "";
DPkg::Pre-Install-Pkgs:: "/usr/sbin/dpkg-preconfigure --apt || true";
DPkg::Post-Invoke "";
DPkg::Post-Invoke:: "if [ -x /usr/bin/debsums ]; then /usr/bin/debsums
--generate=nocheck -sp /var/cache/apt/archives; fi";
DPkg::Post-Invoke:: "if [ -x /usr/sbin/localepurge ] && [ $(ps w -p $PPID |
grep -c remove) != 1 ]; then /usr/sbin/localepurge; else exit 0; fi";
Acquire "";
Acquire::http "";
Acquire::http::Pipeline-Depth "3";
-- /etc/apt/preferences --
Package: *
Pin: release a=testing
Pin-Priority: 900
Package: *
Pin: release a=etch
Pin-Priority: 900
Package: *
Pin: release o=Debian
Pin-Priority: -10
-- /etc/apt/sources.list --
deb file:/var/cache/apt-build/repository apt-build main
# Testing sources
deb http://http.us.debian.org/debian/ testing main contrib non-free
# sonic mirrors binaries (slowly!!!)
#deb ftp://ftp.sonic.net/mirrors/debian/ testing main contrib non-free
deb-src http://http.us.debian.org/debian/ testing main contrib non-free
#deb http://non-us.debian.org/debian-non-US testing/non-US main contrib non-free
#deb-src http://non-us.debian.org/debian-non-US testing/non-US main contrib
non-free
# Unstable sources
deb http://http.us.debian.org/debian/ unstable main non-free contrib
#deb ftp://ftp.sonic.net/mirrors/debian/ unstable main contrib non-free
deb-src http://http.us.debian.org/debian/ unstable main non-free contrib
#deb http://non-us.debian.org/debian-non-US unstable/non-US main contrib
non-free
#deb-src http://non-us.debian.org/debian-non-US unstable/non-US main contrib
non-free
# Stable sources
#deb http://http.us.debian.org/debian stable main contrib non-free
#deb http://non-us.debian.org/debian-non-US stable/non-US main contrib non-free
#deb http://security.debian.org stable/updates main contrib non-free
#deb-src http://http.us.debian.org/debian stable main contrib
# Special sources
# java ?
# broke one day
#deb ftp://ftp.tux.org/pub/java/debian unstable main non-free
#deb ftp://ftp.tux.org/pub/java/debian testing main non-free
#experimental UAE
deb http://www.rcdrummond.net/uae sid main
# various contraband
deb ftp://ftp.nerim.net/debian-marillat/ etch main
deb ftp://ftp.nerim.net/debian-marillat/ sid main
# dotgnu
# not using anymore
#deb-src http://mentors.debian.net/debian unstable main
#deb http://mentors.debian.net/debian unstable main
# cross compilers
#deb http://debian.speedblue.org ./
# down
# mrxvt, (some other stuff like libtorrent.. whatever)
deb http://mayhq.org/deb/ ./
deb-src http://mayhq.org/deb/ ./
# xmms2 development versions
# this shit is not working! host down
#deb http://exodus.xmms.se/debian stable main
#deb http://exodus.xmms.se/debian testing main
-- System Information:
Debian Release: testing/unstable
APT prefers testing
APT policy: (990, 'testing')
Architecture: i386 (i686)
Shell: /bin/sh linked to /bin/bash
Kernel: Linux 2.6.14-jsr
Locale: LANG=C, LC_CTYPE=C (charmap=ISO-8859-1) (ignored: LC_ALL set to
en_US.iso88591)
Versions of packages apt depends on:
ii libc6 2.3.5-8 GNU C Library: Shared libraries an
ii libgcc1 1:4.0.2-5 GCC support library
ii libstdc++6 4.0.2-5 The GNU Standard C++ Library v3
apt recommends no packages.
-- no debconf information
--- End Message ---
--- Begin Message ---
Version: 0.6.43.1
I don't think this bug needs to remain open, like I said before. If you
disagree, feel free to reopen it.
--
see shy jo
signature.asc
Description: Digital signature
--- End Message ---
