On Tue 2017-05-30 22:48:20 +0200, Cyril Brulebois wrote: > Jonathan Wiltshire <j...@debian.org> (2017-05-30): >> Control: tag -1 moreinfo >> >> On Tue, May 30, 2017 at 12:41:48PM -0400, Daniel Kahn Gillmor wrote: >> > Please unblock package gnupg2 >> > >> > The gnupg2 source package 2.1.18-8 contains a significant number of >> > useful fixes from 2.1.18-6, and should be propagated into testing. >> >> Cc-ing the d-i RM for an ack. > > TBF I'm not thrilled by the amount of patches and the limited time before > the release. :(
I'm also not thrilled by the amount of patches, but these are clear
bugfixes from upstream. They've been in unstable for several weeks now,
and i've avoided an unblock specifically because i wanted to hear from
people that they solve their problems and don't introduce new ones.
that seems to be the case. :/
> ISTR we mainly use gpgv from src:gnupg2, through the gpgv-udeb package.
> Any chance you could pinpoint changesets affecting it, so that I can
> concentrate on those only?
sure thing. Most of these don't affect gpgv. The most relevant patches
for gpgv are these two patches from upstream which have an effect on the
use of specific file descriptors (the first catches errors in
mis-configured invocations, and the second ensures that gpgv works
cross-platform on windows):
0032-gpg-common-Make-sure-that-all-fd-given-are-valid.patch
debian/patches/0040-gpgv-w32-Fix-status-fd.patch
however, the following other patches since 2.1.18-6 all touch some
source file that contributes to the build of gpgv, though i think none
of them are relevant for gpgv generally, let alone for d-i's specific
use of gpgv -- the gpgv source is just mixed together with
GnuPG's other functionality:
0044-gpg-Make-export-options-work-with-export-secret-keys.patch
0048-gpg-Fix-attempt-to-double-free-an-UID-structure.patch
0050-gpg-Flush-stdout-before-printing-stats-with-check-si.patch
0059-gpg-Handle-critical-marked-Reason-for-Revocation.patch
0065-gpg-Fix-printing-of-offline-taken-subkey.patch
0072-g10-Minor-fixes.patch
0074-g10-invalidate-the-fd-cache-for-keyring.patch
avoid-spurious-warnings/0078-gpg-Avoid-spurious-warnings-about-trust-packets.patch
skel-file-removal/0077-g10-remove-skeleton-options-files.patch
skip-missing-signing-keys/0076-g10-Skip-signing-keys-where-no-secret-key-is-availab.patch
(for example, gpgv doesn't do export-secret-keys at all, but it does
include g10/main.h, which that 0044-*.patch does have to modify.
similarly, gpgv doesn't read config files at all, but
skel-file-removal/0077*.patch touches g10/openfile.c.)
Let me know if you have any more questions,
--dkg
signature.asc
Description: PGP signature
