Re: Please re-sign a few security builds
On Tue, Jul 26, 2011 at 12:51:41PM +0200, Kurt Roeckx wrote:
> On Mon, Jul 25, 2011 at 05:44:00PM +0200, Moritz Muehlenhoff wrote:
> > Hi wanna-build team,
> > due to the key rollover a few security packages got rejected after
> > running "dak new-security-install" on the changes file; the key was
> > valid when the files were accepted for upload, but the key expired
> > when the actual release happened.
> >
> > As discussed with Phil here are the files, which need to be re-signed:
> >
> > krb5-appl_1.0.1-1.1_i386.reason
> > krb5-appl_1.0.1-1.1_ia64.reason
> > krb5-appl_1.0.1-1.1_mipsel.reason
> > krb5-appl_1.0.1-1.1_mips.reason
> > krb5-appl_1.0.1-1.1_powerpc.reason
> > krb5-appl_1.0.1-1.1_s390.reason
> > krb5-appl_1.0.1-1.1_sparc.reason
> > opensaml2_2.0-2+lenny3_alpha.reason
> > opensaml2_2.0-2+lenny3_amd64.reason
> > opensaml2_2.0-2+lenny3_armel.reason
> > opensaml2_2.0-2+lenny3_hppa.reason
> > opensaml2_2.0-2+lenny3_ia64.reason
> > opensaml2_2.0-2+lenny3_mipsel.reason
> > opensaml2_2.0-2+lenny3_mips.reason
> > opensaml2_2.0-2+lenny3_s390.reason
> > opensaml2_2.0-2+lenny3_sparc.reason
> > opensaml2_2.3-2+squeeze1_amd64.reason
> > opensaml2_2.3-2+squeeze1_ia64.reason
> > opensaml2_2.3-2+squeeze1_mipsel.reason
> > opensaml2_2.3-2+squeeze1_s390.reason
> > opensaml2_2.3-2+squeeze1_sparc.reason
> > qemu-kvm_0.12.5+dfsg-5+squeeze6_amd64.reason
> >
> > If you can't fix it, I'll go bug FTP masters here at DebConf.
>
> I think you're going to have to do that in any case? Or can we
> just reupload the .deb files too?
Phil said something along the lines of the debs still being
on the buildds, so it would be sufficient to resign them with
the correct key, which would lead to them being reuploaded
to security-master and processed like any other build, which
arrived after a DSA release.
Cheers,
Moritz
Reply to: