<feed xmlns='http://www.w3.org/2005/Atom'>
<title>apt/test/integration/test-method-gpgv, branch main</title>
<subtitle>Debians commandline package manager</subtitle>
<id>https://git.kalnischkies.de/apt/atom?h=main</id>
<link rel='self' href='https://git.kalnischkies.de/apt/atom?h=main'/>
<link rel='alternate' type='text/html' href='https://git.kalnischkies.de/apt/'/>
<updated>2024-12-19T22:41:01Z</updated>
<entry>
<title>Use sq in the test suite, remove apt-key</title>
<updated>2024-12-19T22:41:01Z</updated>
<author>
<name>Julian Andres Klode</name>
<email>julian.klode@canonical.com</email>
</author>
<published>2024-12-19T21:11:04Z</published>
<link rel='alternate' type='text/html' href='https://git.kalnischkies.de/apt/commit/?id=a00fbbdb28cc31e78882301c2efe7218583ab4cb'/>
<id>urn:sha1:a00fbbdb28cc31e78882301c2efe7218583ab4cb</id>
<content type='text'>
Remove the test case for MD5 and expired signatures, as we can't
create them (can't set signing digest, and can't set signature
expiry).

Tests for them have been added to test-method-gpgv instead.

We override sq in a function with cert-store and key-store
set to none.

This supports both sq 0.40 and sq 1.0.
</content>
</entry>
<entry>
<title>Directly call gpgv instead of apt-key</title>
<updated>2024-11-28T18:01:36Z</updated>
<author>
<name>Julian Andres Klode</name>
<email>jak@debian.org</email>
</author>
<published>2024-11-23T18:59:24Z</published>
<link rel='alternate' type='text/html' href='https://git.kalnischkies.de/apt/commit/?id=325b0c89358dae042ebfe0ba6dcbcc43253927a6'/>
<id>urn:sha1:325b0c89358dae042ebfe0ba6dcbcc43253927a6</id>
<content type='text'>
</content>
</entry>
<entry>
<title>Only revoke weak RSA keys for now, add 'next' and 'future' levels</title>
<updated>2024-07-15T17:17:55Z</updated>
<author>
<name>Julian Andres Klode</name>
<email>julian.klode@canonical.com</email>
</author>
<published>2024-07-15T17:13:58Z</published>
<link rel='alternate' type='text/html' href='https://git.kalnischkies.de/apt/commit/?id=47deb766c0a11c54d122197531279677545459af'/>
<id>urn:sha1:47deb766c0a11c54d122197531279677545459af</id>
<content type='text'>
Algorithms not in the next level give a warning, algorithms
in not in the future level introduce an audit message for
the --audit flag.

next: &gt;=rsa2048,ed25519,ed448,nistp256,nistp384,nistp512
future: &gt;=rsa3072,ed25519,ed448

LP: #2073126
</content>
</entry>
<entry>
<title>Revert "Temporarily downgrade key assertions to "soon worthless""</title>
<updated>2024-04-09T17:59:52Z</updated>
<author>
<name>Julian Andres Klode</name>
<email>julian.klode@canonical.com</email>
</author>
<published>2024-04-09T17:56:26Z</published>
<link rel='alternate' type='text/html' href='https://git.kalnischkies.de/apt/commit/?id=81c65f7e86b8f16eaaa91d9c205a594b0ebde159'/>
<id>urn:sha1:81c65f7e86b8f16eaaa91d9c205a594b0ebde159</id>
<content type='text'>
We temporarily downgraded the errors to warnings to give the
launchpad PPAs time to be fixed, but warnings are not safe:
Untrusted keys could be hiding on your system, but just not
used at the moment. Hence revert this so we get the errors we
want.

This reverts commit 66998ed3d299bede651ad40368bdb270f5f5b0f9.

LP: #2060721
Gbp-Dch: full
</content>
</entry>
<entry>
<title>Temporarily downgrade key assertions to "soon worthless"</title>
<updated>2024-02-28T17:22:01Z</updated>
<author>
<name>Julian Andres Klode</name>
<email>julian.klode@canonical.com</email>
</author>
<published>2024-02-28T16:04:05Z</published>
<link rel='alternate' type='text/html' href='https://git.kalnischkies.de/apt/commit/?id=66998ed3d299bede651ad40368bdb270f5f5b0f9'/>
<id>urn:sha1:66998ed3d299bede651ad40368bdb270f5f5b0f9</id>
<content type='text'>
This will only issue warnings instead of errors while we continue
cleaning up our repositories.
</content>
</entry>
<entry>
<title>Rename 'weak digest algorithm' to 'weak algorithm'</title>
<updated>2024-02-28T17:22:01Z</updated>
<author>
<name>Julian Andres Klode</name>
<email>julian.klode@canonical.com</email>
</author>
<published>2024-02-28T15:52:33Z</published>
<link rel='alternate' type='text/html' href='https://git.kalnischkies.de/apt/commit/?id=8a14c18c5b487139948dcb22abd37bffdd9cf5f4'/>
<id>urn:sha1:8a14c18c5b487139948dcb22abd37bffdd9cf5f4</id>
<content type='text'>
This allows us to render public key algorithms as weak as well.
</content>
</entry>
<entry>
<title>Implement gpgv --assert-pubkey-algo=&gt;=rsa2048,ed25519,ed448</title>
<updated>2024-02-28T17:22:01Z</updated>
<author>
<name>Julian Andres Klode</name>
<email>julian.klode@canonical.com</email>
</author>
<published>2024-02-28T14:14:43Z</published>
<link rel='alternate' type='text/html' href='https://git.kalnischkies.de/apt/commit/?id=50e3fee26ae843a812b1c9ec8531946931773fd3'/>
<id>urn:sha1:50e3fee26ae843a812b1c9ec8531946931773fd3</id>
<content type='text'>
The assertion can be overriden using apt::key::assert-pubkey-algo,
the default is the most opinionated one.

This will inform the user during apt-cdrom add as we do not
pass --quiet to user, so adjust test case.

Add a simple test case for it to test-method-gpgv.

LP: #2055193
</content>
</entry>
<entry>
<title>gpgv: Add a reason to worthless signers</title>
<updated>2024-02-28T17:21:01Z</updated>
<author>
<name>Julian Andres Klode</name>
<email>julian.klode@canonical.com</email>
</author>
<published>2024-02-28T13:49:48Z</published>
<link rel='alternate' type='text/html' href='https://git.kalnischkies.de/apt/commit/?id=60d653634f889abe09c0f4d88f2559eab9202635'/>
<id>urn:sha1:60d653634f889abe09c0f4d88f2559eab9202635</id>
<content type='text'>
</content>
</entry>
<entry>
<title>Fail on non-signature lines in Release.gpg</title>
<updated>2019-01-23T21:48:16Z</updated>
<author>
<name>David Kalnischkies</name>
<email>david@kalnischkies.de</email>
</author>
<published>2019-01-23T19:50:29Z</published>
<link rel='alternate' type='text/html' href='https://git.kalnischkies.de/apt/commit/?id=e2965b0b6bdd68ffcad0e06d11755412a7e16e50'/>
<id>urn:sha1:e2965b0b6bdd68ffcad0e06d11755412a7e16e50</id>
<content type='text'>
The exploit for CVE-2019-3462 uses the fact that a Release.gpg file can
contain additional content beside the expected detached signature(s).
We were passing the file unchecked to gpgv which ignores these extras
without complains, so we reuse the same line-reading implementation we
use for InRelease splitting to detect if a Release.gpg file contains
unexpected data and fail in this case given that we in the previous
commit we established that we fail in the similar InRelease case now.
</content>
</entry>
<entry>
<title>Communicate back which key(s) were used for signing</title>
<updated>2019-01-22T11:24:22Z</updated>
<author>
<name>David Kalnischkies</name>
<email>david@kalnischkies.de</email>
</author>
<published>2018-09-11T23:44:18Z</published>
<link rel='alternate' type='text/html' href='https://git.kalnischkies.de/apt/commit/?id=7bf533967fb385b9625a1ee4dd7c6542a84b489c'/>
<id>urn:sha1:7bf533967fb385b9625a1ee4dd7c6542a84b489c</id>
<content type='text'>
Telling the acquire system which keys caused the gpgv method to
succeed allows us for now just a casual check if the gpgv method
really executed catching bugs like CVE-2018-0501, but we will make use
of the information for better features in the following commits.
</content>
</entry>
</feed>
