[pkg-gnupg-maint] Bug#1042391: gpgv: add --min-rsa-length
Julian Andres Klode
jak at debian.org
Thu Jul 27 11:25:31 BST 2023
Control: notfound -1 2.2.40-1.1ubuntu1
Control: found 2.2.40-1.1
sorry about that, too quick to send :(
On Thu, Jul 27, 2023 at 12:16:54PM +0200, Julian Andres Klode wrote:
> Package: gpgv
> Version: 2.2.40-1.1ubuntu1
> Severity: normal
> X-Debbugs-Cc: jak at debian.org
>
> I believe this allows APT to request a safe minimum RSA length from gpgv for
> verification purposes, and then we could even run gpgv a 2nd time
> without the flag and print a diagnostic for an orderly transition to
> at least 2048R.
>
>
> -- System Information:
> Debian Release: trixie/sid
> APT prefers mantic
> APT policy: (500, 'mantic')
> Architecture: amd64 (x86_64)
> Foreign Architectures: i386
>
> Kernel: Linux 6.3.0-7-generic (SMP w/16 CPU threads; PREEMPT)
> Kernel taint flags: TAINT_PROPRIETARY_MODULE, TAINT_WARN, TAINT_OOT_MODULE
> Locale: LANG=C.UTF-8, LC_CTYPE=C.UTF-8 (charmap=UTF-8) (ignored: LC_ALL set to C.UTF-8), LANGUAGE not set
> Shell: /bin/sh linked to /usr/bin/dash
> Init: systemd (via /run/systemd/system)
> LSM: AppArmor: enabled
>
> Versions of packages gpgv depends on:
> ii libbz2-1.0 1.0.8-5build1
> ii libc6 2.37-0ubuntu2
> ii libgcrypt20 1.10.2-2ubuntu1
> ii libgpg-error0 1.46-1
> ii zlib1g 1:1.2.13.dfsg-1ubuntu4
>
> gpgv recommends no packages.
>
> Versions of packages gpgv suggests:
> ii gnupg 2.2.40-1.1ubuntu1
>
> -- no debconf information
>
> --
> debian developer - deb.li/jak | jak-linux.org - free software dev
> ubuntu core developer i speak de, en
--
debian developer - deb.li/jak | jak-linux.org - free software dev
ubuntu core developer i speak de, en
More information about the pkg-gnupg-maint
mailing list