Hi Colin,
On Mar 18, 2016, at 09:19 PM, Colin Watson wrote:
>This change has caused quite a bit of fallout, both in Debian and Ubuntu
>(and quite probably elsewhere). On the whole I approve of the direction
>of the changes so haven't been lobbying to have them reversed, although
>the timing is a little inconvenient! The main thing Ubuntu developers
>may have noticed is that Launchpad is currently failing to import source
>packages from Debian, so you can't yet use syncpackage for packages
>processed after the changes in the mail quoted above. I've been working
>hard on that in the latter half of this week.
Thanks for working so hard on re-enabling syncpackage. I'm building up a
stack of syncs for once this is working again. Do you have a rough ETA for
when all the fixes will land and how long it will take to clear the backlog?
> * Having upgraded debmirror, we now find that it's doing slightly
> stricter signature checking, so it fails because our
> debian-archive-keyring package is old enough that it only has one of
> the keys used to sign current Debian suites. I've requested a
> backport, which Canonical staff can track in
> https://portal.admin.canonical.com/89843.
From the ticket, ETA for this is "1-2 weeks".
> * The program that actually does the import will also break due to the
> removal of gzip and the removal of weaker checksums. I've proposed a
> branch to fix this
> (https://code.launchpad.net/~cjwatson/launchpad/gina-stronger-checksums/+merge/289505),
> and we should be able to deploy something like this early next week.
Merged.
>People running xenial may also have noticed that apt is now complaining
>on update about weak signatures on PPAs (and perhaps other archives too,
>but we have no control over those). There's a fix for this pending
>deployment
>(https://code.launchpad.net/~cjwatson/launchpad/digest-algo-sha512/+merge/289052,
>which we might amend with
>https://code.launchpad.net/~cjwatson/launchpad/digest-algo-sha384/+merge/289479)
sha512 branch is merged, sha384 branch is rejected.
>It never rains but it pours; but with any luck this will be enough
>catch-up work for a while once we're finished ...
Can't wait. ;)
Cheers,
-Barry
