[Pkg-privacy-commits] [Git][pkg-privacy-team/torbrowser-launcher][debian/stretch-backports-sloppy] 8 commits: Update TBB signing key by removing spammed sigs

Roger Shimizu rosh at debian.org
Thu Sep 10 16:48:40 BST 2020



Roger Shimizu pushed to branch debian/stretch-backports-sloppy at Privacy Maintainers / torbrowser-launcher


Commits:
72b87f50 by Roger Shimizu at 2020-09-08T21:56:44+09:00
Update TBB signing key by removing spammed sigs

And clean the key, and export to text armor by command:
  TEMP=temp_gpg
  mkdir -p $TEMP
  chmod 700 $TEMP
  gpg --homedir $TEMP -v --import new.key
  gpg --homedir $TEMP -a --export-options export-minimal --export '4E2C6E8793298290' > share/torbrowser-launcher/tor-browser-developers.asc
  rm -rf $TEMP

- - - - -
f83349ae by Roger Shimizu at 2020-09-09T01:47:28+09:00
d/patches: Add patch to use /usr/bin/gpg instead of /usr/bin/gpg2

Closes: #969901

- - - - -
68908ebd by Roger Shimizu at 2020-09-09T02:04:29+09:00
d/control: Add gnupg as depends

- - - - -
92bf2ef1 by Roger Shimizu at 2020-09-09T02:04:53+09:00
Prepare to release 0.3.2-13

- - - - -
be1fb42f by Roger Shimizu at 2020-09-09T22:20:37+09:00
Merge tag 'debian/0.3.2-13' into debian/buster-backports

- - - - -
7ed9fca0 by Roger Shimizu at 2020-09-09T22:20:51+09:00
Rebuild as 0.3.2-13~bpo10+1 for buster-backports

- - - - -
baa521a8 by Roger Shimizu at 2020-09-11T00:26:39+09:00
Merge branch 'debian/buster-backports' into debian/stretch-backports-sloppy

- - - - -
bc136fcb by Roger Shimizu at 2020-09-11T00:27:14+09:00
Rebuild as 0.3.2-13~bpo9+1 for stretch-backports-sloppy

- - - - -


5 changed files:

- debian/changelog
- debian/control
- debian/patches/0028-Update-Tor-Browser-Developers-public-key-481.patch
- + debian/patches/0030-Use-gpg-instead-of-gpg2.patch
- debian/patches/series


Changes:

=====================================
debian/changelog
=====================================
@@ -1,3 +1,26 @@
+torbrowser-launcher (0.3.2-13~bpo9+1) stretch-backports-sloppy; urgency=medium
+
+  * Rebuild for stretch-backports-sloppy.
+
+ -- Roger Shimizu <rosh at debian.org>  Fri, 11 Sep 2020 00:27:13 +0900
+
+torbrowser-launcher (0.3.2-13~bpo10+1) buster-backports; urgency=medium
+
+  * Rebuild for buster-backports.
+
+ -- Roger Shimizu <rosh at debian.org>  Wed, 09 Sep 2020 22:20:51 +0900
+
+torbrowser-launcher (0.3.2-13) unstable; urgency=medium
+
+  * debian/patches:
+    - Update patch to update TBB signing key by removing spammed sigs.
+    - Add patch to use /usr/bin/gpg instead of /usr/bin/gpg2
+      (Closes: #969901).
+  * debian/control:
+    - Add gnupg as depends.
+
+ -- Roger Shimizu <rosh at debian.org>  Wed, 09 Sep 2020 02:04:53 +0900
+
 torbrowser-launcher (0.3.2-12~bpo9+1) stretch-backports-sloppy; urgency=medium
 
   * Rebuild for stretch-backports-sloppy.


=====================================
debian/control
=====================================
@@ -26,6 +26,7 @@ Depends:
  ${misc:Depends},
  ${python3:Depends},
  ca-certificates,
+ gnupg,
  libdbus-glib-1-2,
  python3-gpg,
  python3-pyqt5,


=====================================
debian/patches/0028-Update-Tor-Browser-Developers-public-key-481.patch
=====================================
The diff for this file was not included because it is too large.

=====================================
debian/patches/0030-Use-gpg-instead-of-gpg2.patch
=====================================
@@ -0,0 +1,22 @@
+From: Roger Shimizu <rosh at debian.org>
+Date: Wed, 9 Sep 2020 01:46:15 +0900
+Subject: Use /usr/bin/gpg instead of /usr/bin/gpg2
+
+Closes: #969901
+---
+ torbrowser_launcher/common.py | 2 +-
+ 1 file changed, 1 insertion(+), 1 deletion(-)
+
+diff --git a/torbrowser_launcher/common.py b/torbrowser_launcher/common.py
+index 9cff5dc..f3cd13a 100644
+--- a/torbrowser_launcher/common.py
++++ b/torbrowser_launcher/common.py
+@@ -203,7 +203,7 @@ class Common(object):
+         else:
+             print('Refreshing local keyring...')
+ 
+-        p = subprocess.Popen(['/usr/bin/gpg2', '--status-fd', '2',
++        p = subprocess.Popen(['/usr/bin/gpg', '--status-fd', '2',
+                               '--homedir', self.paths['gnupg_homedir'],
+                               '--keyserver', 'hkps://keys.openpgp.org',
+                               '--refresh-keys'], stderr=subprocess.PIPE)


=====================================
debian/patches/series
=====================================
@@ -27,3 +27,4 @@
 0027-AppArmor-Support-pluggable-transports-especially-mee.patch
 0028-Update-Tor-Browser-Developers-public-key-481.patch
 0029-AppArmor-silence-sys_admin-capability.patch
+0030-Use-gpg-instead-of-gpg2.patch



View it on GitLab: https://salsa.debian.org/pkg-privacy-team/torbrowser-launcher/-/compare/872a3541cf63ba378bf4544270fa7e4e29afa739...bc136fcbdaec79aeb10b141c6ed3c8d5bdb94334

-- 
View it on GitLab: https://salsa.debian.org/pkg-privacy-team/torbrowser-launcher/-/compare/872a3541cf63ba378bf4544270fa7e4e29afa739...bc136fcbdaec79aeb10b141c6ed3c8d5bdb94334
You're receiving this email because of your account on salsa.debian.org.


-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/pkg-privacy-commits/attachments/20200910/48d70ce4/attachment-0001.html>


More information about the Pkg-privacy-commits mailing list