| Summary: | net-vpn/tor-0.4.6.10 fails to unpack: Unsigned distfiles found | ||
|---|---|---|---|
| Product: | Gentoo Linux | Reporter: | Jaak Ristioja <jaak> |
| Component: | Current packages | Assignee: | Anthony Basile <blueness> |
| Status: | RESOLVED FIXED | ||
| Severity: | normal | CC: | matthew, mgorny, sam |
| Priority: | Normal | Keywords: | PullRequest |
| Version: | unspecified | ||
| Hardware: | All | ||
| OS: | Linux | ||
| See Also: | https://github.com/gentoo/gentoo/pull/24180 | ||
| Whiteboard: | |||
| Package list: | Runtime testing required: | --- | |
|
Description
Jaak Ristioja
2022-02-14 07:18:47 UTC
Needs an eclass change due to a change in how the sigs are done, I think. blueness was looking at it but I think mgorny is too (instead?): https://github.com/gentoo/gentoo/pull/24180. Also: [00:10] <sam_> mgorny: blueness: see https://forum.torproject.net/t/release-0-4-5-12-and-0-4-6-10/2024/4 for discussion on PGP key [00:10] <sam_> I did see some dsicussion of someone new doing release about a month ago too For the record, I think it looks extremely unprofessional of us to do a bump with failing signature verification. It basically tells our users "they didn't verify it" (even if that's not true). The bug has been closed via the following commit(s): https://gitweb.gentoo.org/repo/gentoo.git/commit/?id=70c0ad68b27a716ca291f63604a56b227d87ade0 commit 70c0ad68b27a716ca291f63604a56b227d87ade0 Author: Michał Górny <mgorny@gentoo.org> AuthorDate: 2022-02-13 15:22:19 +0000 Commit: Anthony G. Basile <blueness@gentoo.org> CommitDate: 2022-02-16 19:19:31 +0000 net-vpn/tor: Fix checksum + signature verification Closes: https://bugs.gentoo.org/833303 Signed-off-by: Michał Górny <mgorny@gentoo.org> Signed-off-by: Anthony G. Basile <blueness@gentoo.org> net-vpn/tor/Manifest | 4 ++-- net-vpn/tor/tor-0.4.6.10.ebuild | 14 +++++++++++++- 2 files changed, 15 insertions(+), 3 deletions(-) |
