| Message ID | 20230201105414.1593373-1-felix.moessbauer@siemens.com |
|---|---|
| State | Superseded, archived |
| Headers | show |
| Series | [v2,1/1] meta: Update debian ports signing key | expand |
On 01.02.23 11:54, Felix Moessbauer wrote: > Remove the expired 2022 key (ID: E852514F5DF312F6). > > Replace the 2023 key due to an upstream replacement: > "Extend the 2023 key (ID: B523E5F3FC4E5F2C) by one year to fix the wrong > expiration date." > > Added Debian Ports Archive Automatic Signing Key (2024) > (ID: 8D69674688B6CB36) in advance. It will be used for signing > starting from 2024 Feb 01. > > These changes are made in sync with the debian-ports-archive-keyring, > version 2023.02.01 package. > > Signed-off-by: Felix Moessbauer <felix.moessbauer@siemens.com> > --- > This fixes the build issue on sid-ports from 01. Feb 2023 on. > I would be very happy if a second person could have a look into > the update and Ack that change. The upstream details can be > found in [1]. > > Best regards, > Felix Moessbauer > Siemens AG > > [1] https://metadata.ftp-master.debian.org/changelogs/main/d/debian-ports-archive-keyring/debian-ports-archive-keyring_2023.02.01_changelog > > meta/conf/distro/debian-sid-ports.conf | 4 ++-- > 1 file changed, 2 insertions(+), 2 deletions(-) > > diff --git a/meta/conf/distro/debian-sid-ports.conf b/meta/conf/distro/debian-sid-ports.conf > index e71a467d..4d10e55d 100644 > --- a/meta/conf/distro/debian-sid-ports.conf > +++ b/meta/conf/distro/debian-sid-ports.conf > @@ -10,8 +10,8 @@ BASE_DISTRO_CODENAME = "sid" > > HOST_DISTRO ?= "debian-sid" > > -DEBIAN_PORTS_KEYS += "https://www.ports.debian.org/archive_2022.key;sha256sum=213531906f80d79a5dbc8573f57f2a2831b71383cc2d568feba97bb4db94adcc" That should make people unhappy using the 2022 snapshot (like isar-cip-core), no? Jan > -DEBIAN_PORTS_KEYS += "https://www.ports.debian.org/archive_2023.key;sha256sum=cd29cb45654c2d31e8c56c6215838bd7e2d29612021ab04486109e82175a0a98" > +DEBIAN_PORTS_KEYS += "https://www.ports.debian.org/archive_2023.key;sha256sum=a29b938b9f302dc7386cc77a743f50b1fe2a55eb17a9a22db938492047f59f3f" > +DEBIAN_PORTS_KEYS += "https://www.ports.debian.org/archive_2024.key;sha256sum=d7c297ea226bb685ac68195d0b61078f8964a611136b11b9514babfa3b92c448" > > DISTRO_APT_SOURCES = "conf/distro/debian-${BASE_DISTRO_CODENAME}-ports.list" > DISTRO_BOOTSTRAP_KEYS += "${DEBIAN_PORTS_KEYS}"
On Wed, 2023-02-01 at 12:36 +0100, Jan Kiszka wrote: > On 01.02.23 11:54, Felix Moessbauer wrote: > > Remove the expired 2022 key (ID: E852514F5DF312F6). > > > > Replace the 2023 key due to an upstream replacement: > > "Extend the 2023 key (ID: B523E5F3FC4E5F2C) by one year to fix the > > wrong > > expiration date." > > > > Added Debian Ports Archive Automatic Signing Key (2024) > > (ID: 8D69674688B6CB36) in advance. It will be used for signing > > starting from 2024 Feb 01. > > > > These changes are made in sync with the debian-ports-archive- > > keyring, > > version 2023.02.01 package. > > > > Signed-off-by: Felix Moessbauer <felix.moessbauer@siemens.com> > > --- > > This fixes the build issue on sid-ports from 01. Feb 2023 on. > > I would be very happy if a second person could have a look into > > the update and Ack that change. The upstream details can be > > found in [1]. > > > > Best regards, > > Felix Moessbauer > > Siemens AG > > > > [1] > > https://metadata.ftp-master.debian.org/changelogs/main/d/debian-ports-archive-keyring/debian-ports-archive-keyring_2023.02.01_changelog > > > > meta/conf/distro/debian-sid-ports.conf | 4 ++-- > > 1 file changed, 2 insertions(+), 2 deletions(-) > > > > diff --git a/meta/conf/distro/debian-sid-ports.conf > > b/meta/conf/distro/debian-sid-ports.conf > > index e71a467d..4d10e55d 100644 > > --- a/meta/conf/distro/debian-sid-ports.conf > > +++ b/meta/conf/distro/debian-sid-ports.conf > > @@ -10,8 +10,8 @@ BASE_DISTRO_CODENAME = "sid" > > > > HOST_DISTRO ?= "debian-sid" > > > > -DEBIAN_PORTS_KEYS += " > > https://www.ports.debian.org/archive_2022.key;sha256sum=213531906f80d79a5dbc8573f57f2a2831b71383cc2d568feba97bb4db94adcc > > " > > That should make people unhappy using the 2022 snapshot (like > isar-cip-core), no? Good point. There, we don't check for expiry but still need a "valid" key. I'll push a v3 where the old key is still included. Felix > > Jan > > > -DEBIAN_PORTS_KEYS += " > > https://www.ports.debian.org/archive_2023.key;sha256sum=cd29cb45654c2d31e8c56c6215838bd7e2d29612021ab04486109e82175a0a98 > > " > > +DEBIAN_PORTS_KEYS += " > > https://www.ports.debian.org/archive_2023.key;sha256sum=a29b938b9f302dc7386cc77a743f50b1fe2a55eb17a9a22db938492047f59f3f > > " > > +DEBIAN_PORTS_KEYS += " > > https://www.ports.debian.org/archive_2024.key;sha256sum=d7c297ea226bb685ac68195d0b61078f8964a611136b11b9514babfa3b92c448 > > " > > > > DISTRO_APT_SOURCES = "conf/distro/debian-${BASE_DISTRO_CODENAME}- > > ports.list" > > DISTRO_BOOTSTRAP_KEYS += "${DEBIAN_PORTS_KEYS}" >
diff --git a/meta/conf/distro/debian-sid-ports.conf b/meta/conf/distro/debian-sid-ports.conf index e71a467d..4d10e55d 100644 --- a/meta/conf/distro/debian-sid-ports.conf +++ b/meta/conf/distro/debian-sid-ports.conf @@ -10,8 +10,8 @@ BASE_DISTRO_CODENAME = "sid" HOST_DISTRO ?= "debian-sid" -DEBIAN_PORTS_KEYS += "https://www.ports.debian.org/archive_2022.key;sha256sum=213531906f80d79a5dbc8573f57f2a2831b71383cc2d568feba97bb4db94adcc" -DEBIAN_PORTS_KEYS += "https://www.ports.debian.org/archive_2023.key;sha256sum=cd29cb45654c2d31e8c56c6215838bd7e2d29612021ab04486109e82175a0a98" +DEBIAN_PORTS_KEYS += "https://www.ports.debian.org/archive_2023.key;sha256sum=a29b938b9f302dc7386cc77a743f50b1fe2a55eb17a9a22db938492047f59f3f" +DEBIAN_PORTS_KEYS += "https://www.ports.debian.org/archive_2024.key;sha256sum=d7c297ea226bb685ac68195d0b61078f8964a611136b11b9514babfa3b92c448" DISTRO_APT_SOURCES = "conf/distro/debian-${BASE_DISTRO_CODENAME}-ports.list" DISTRO_BOOTSTRAP_KEYS += "${DEBIAN_PORTS_KEYS}"
Remove the expired 2022 key (ID: E852514F5DF312F6). Replace the 2023 key due to an upstream replacement: "Extend the 2023 key (ID: B523E5F3FC4E5F2C) by one year to fix the wrong expiration date." Added Debian Ports Archive Automatic Signing Key (2024) (ID: 8D69674688B6CB36) in advance. It will be used for signing starting from 2024 Feb 01. These changes are made in sync with the debian-ports-archive-keyring, version 2023.02.01 package. Signed-off-by: Felix Moessbauer <felix.moessbauer@siemens.com> --- This fixes the build issue on sid-ports from 01. Feb 2023 on. I would be very happy if a second person could have a look into the update and Ack that change. The upstream details can be found in [1]. Best regards, Felix Moessbauer Siemens AG [1] https://metadata.ftp-master.debian.org/changelogs/main/d/debian-ports-archive-keyring/debian-ports-archive-keyring_2023.02.01_changelog meta/conf/distro/debian-sid-ports.conf | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-)