Your message dated Fri, 19 Jan 2024 19:00:18 +0000
with message-id <e1rqu6e-009sff...@fasolo.debian.org>
and subject line Bug#1060815: fixed in relic 7.6.1-1
has caused the Debian Bug report #1060815,
regarding ITP: relic -- digitally sign Linux/Java/Windows packages
to be marked as done.
This means that you claim that the problem has been dealt with.
If this is not the case it is now your responsibility to reopen the
Bug report if necessary, and/or fix the problem forthwith.
(NB: If you are a system administrator and have no idea what this
message is talking about, this may indicate a serious mail system
misconfiguration somewhere. Please contact ow...@bugs.debian.org
immediately.)
--
1060815: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1060815
Debian Bug Tracking System
Contact ow...@bugs.debian.org with problems
--- Begin Message ---
Package: wnpp
Severity: wishlist
Owner: Simon Josefsson <si...@josefsson.org>
* Package name : relic
Version : 7.6.1-1
Upstream Author : SAS Institute, Inc.
* URL : https://github.com/sassoftware/relic
* License : Apache-2.0
Programming Lang: Go
Description : digitally sign Linux/Java/Windows packages
relic is a multi-tool and server for package signing and working with
hardware security modules (HSMs).
.
Package types
.
* RPM - RedHat packages
* DEB - Debian packages
* JAR - Java archives
* EXE (PE/COFF) - Windows executable
* MSI - Windows installer
* appx, appxbundle - Windows universal application
* CAB - Windows cabinet file
* CAT - Windows security catalog
* XAP - Silverlight and legacy Windows Phone applications
* PS1, PS1XML, MOF, etc. - Microsoft Powershell scripts and modules
* manifest, application - Microsoft ClickOnce manifest
* VSIX - Visual Studio extension
* Mach-O - macOS/iOS signed executables
* DMG, PKG - macOS disk images / installer packages
* APK - Android package
* PGP - inline, detached or cleartext signature of data
.
Token types
.
relic can work with several types of token:
.
* pkcs11 - Industry standard PKCS#11 HSM interface using shared object
files
* Cloud services - AWS, Azure and Google Cloud managed keys
* scdaemon - The GnuPG scdaemon service can enable access to OpenPGP
cards (such as Yubikey NEO)
* file - Private keys stored in a password-protected file
.
Features
.
Relic is primarily meant to operate as a signing server, allowing
clients to authenticate with a TLS certificate and sign packages
remotely. It can also be used as a standalone signing tool.
.
Other features include:
.
* Generating and importing keys in the token
* Importing certificate chains from a PKCS#12 file
* Creating X509 certificate signing requests (CSR) and self-signed
certificates
* Limited X509 CA support -- signing CSRs and cross-signing certificates
* Creating simple PGP public keys
* RSA and ECDSA supported for all signature types
* Verify signatures, certificate chains and timestamps on all supported
package types
* Sending audit logs to an AMQP broker, with an optional sealing
signature
* Save token PINs in the system keyring
.
Linux, Windows and MacOS are supported. Other platforms probably work as
well.
.
relic is tested using libsofthsm2 and Gemalto SafeNet Network HSM (Luna
SA).
I hope to maintain this package as part of Debian Go Packaging Team:
https://salsa.debian.org/go-team/packages/relic
/Simon
signature.asc
Description: PGP signature
--- End Message ---
--- Begin Message ---
Source: relic
Source-Version: 7.6.1-1
Done: Simon Josefsson <si...@josefsson.org>
We believe that the bug you reported is fixed in the latest version of
relic, which is due to be installed in the Debian FTP archive.
A summary of the changes between this version and the previous one is
attached.
Thank you for reporting the bug, which will now be closed. If you
have further comments please address them to 1060...@bugs.debian.org,
and the maintainer will reopen the bug report if appropriate.
Debian distribution maintenance software
pp.
Simon Josefsson <si...@josefsson.org> (supplier of updated relic package)
(This message was generated automatically at their request; if you
believe that there is a problem with it please contact the archive
administrators by mailing ftpmas...@ftp-master.debian.org)
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256
Format: 1.8
Date: Wed, 17 Jan 2024 03:04:27 +0100
Source: relic
Binary: golang-github-sassoftware-relic-dev
Architecture: source all
Version: 7.6.1-1
Distribution: unstable
Urgency: medium
Maintainer: Debian Go Packaging Team <team+pkg...@tracker.debian.org>
Changed-By: Simon Josefsson <si...@josefsson.org>
Description:
golang-github-sassoftware-relic-dev - packaging digital signature tools
(library)
Closes: 1060815
Changes:
relic (7.6.1-1) unstable; urgency=medium
.
* Initial release (Closes: #1060815)
Checksums-Sha1:
21e03c491cf0187536c220b008ce00cb16e60529 1684 relic_7.6.1-1.dsc
9e864c5eabb4197c55929d545efb0ee6992baa4f 900051 relic_7.6.1.orig.tar.gz
08db4e67ef6d7c7fecfc8ffbe5a81ee004a7f2ac 2192 relic_7.6.1-1.debian.tar.xz
a74f487a843acec0580a3ee6fed314e9cdb83ffc 212212
golang-github-sassoftware-relic-dev_7.6.1-1_all.deb
379e62dba3ade43c8a2c375fac72166afa529aac 7280 relic_7.6.1-1_amd64.buildinfo
Checksums-Sha256:
44b6bb189c65bb9aab19f88f15cd95b13a70ac3b490dea14419a686641a43eb6 1684
relic_7.6.1-1.dsc
71c0e7982c970211a130e8414ab685fb6c9b0bb161049661fc6ffafd52694a2c 900051
relic_7.6.1.orig.tar.gz
dc2a79a2edb471ce316c5e845aec2b52948910d29a194d80af6d262cd097a812 2192
relic_7.6.1-1.debian.tar.xz
225b3304e21d17b86549ee8e74eda403288750499d78b75122d870553218939a 212212
golang-github-sassoftware-relic-dev_7.6.1-1_all.deb
a1b1b2e5b31dee839bb6193f12fd44879ebb9fd78c48d40d06f9516e9a4aacee 7280
relic_7.6.1-1_amd64.buildinfo
Files:
8d53b2b1f3757985821e0430aab2a901 1684 golang optional relic_7.6.1-1.dsc
c09464c0a2cc8d585ce439c5f14a4062 900051 golang optional relic_7.6.1.orig.tar.gz
c68f03ff4b17cf6f14309f22fd373532 2192 golang optional
relic_7.6.1-1.debian.tar.xz
6afd60e88e4e44ea570c27e310376e56 212212 golang optional
golang-github-sassoftware-relic-dev_7.6.1-1_all.deb
4d642c132bfb7cc1fc9e2a46dabfcf49 7280 golang optional
relic_7.6.1-1_amd64.buildinfo
-----BEGIN PGP SIGNATURE-----
iIoEARYIADIWIQSjzJyHC50xCrrUzy9RcisI/kdFogUCZac1/BQcc2ltb25Aam9z
ZWZzc29uLm9yZwAKCRBRcisI/kdFoscZAQDA8DWnWlMWCfyDN78/JmsZhtIHEjMC
1JADFHJsllNrmwD/c+jwSjqQtyb3tVJJp/F3gKxYWJMGDCGU+IduIjogSgU=
=Kyzd
-----END PGP SIGNATURE-----
--- End Message ---
