[Bug 1995247] Re: Leftover /tmp/apt-key.* files after updates with embedded gpg keys in deb822 sources
Chris Halse Rogers
1995247 at bugs.launchpad.net
Wed Apr 19 02:31:13 UTC 2023
Ok. My understanding of this bug is that it's unlikely to make anyone's
system unusable, and lunar is very nearly released, so there's (very
nearly) an upgrade path that preserves the fix. Marking the kinetic task
as Wont Fix, and releasing to jammy.
** Changed in: apt (Ubuntu Kinetic)
Status: Fix Committed => Won't Fix
--
You received this bug notification because you are a member of Ubuntu
Foundations Bugs, which is subscribed to apt in Ubuntu.
https://bugs.launchpad.net/bugs/1995247
Title:
Leftover /tmp/apt-key.* files after updates with embedded gpg keys in
deb822 sources
Status in apt package in Ubuntu:
Fix Released
Status in apt source package in Jammy:
Fix Released
Status in apt source package in Kinetic:
Won't Fix
Status in apt source package in Lunar:
Fix Released
Bug description:
[Impact]
When keys are embedded into deb822 sources files as Signed-By, apt writes them to a temporary file, but the code to delete them accidentally had an if (0) in front of the deletion, so they don't get deleted and accumulate with each `apt update` run.
[Test plan]
Including a test case for this in our comprehensive integration test suite which runs as autopkgtest, so passing autopkgtest = good.
[Where problems could occur]
Files could end up being removed too soon if the code is otherwise wrong?
To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/apt/+bug/1995247/+subscriptions
More information about the foundations-bugs
mailing list