[Bug 1078697] Re: Ubuntu archive is missing SHA-1/SHA-256 hashes for some packages

Brian Murray brian at ubuntu.com
Thu Apr 18 23:23:57 UTC 2013 

Hello Paul, or anyone else affected,

Accepted apt into precise-proposed. The package will build now and be
available at
http://launchpad.net/ubuntu/+source/apt/0.8.16~exp12ubuntu10.11 in a few
hours, and then in the -proposed repository.

Please help us by testing this new package.  See
https://wiki.ubuntu.com/Testing/EnableProposed for documentation how to
enable and use -proposed.  Your feedback will aid us getting this update
out to other Ubuntu users.

If this package fixes the bug for you, please add a comment to this bug,
mentioning the version of the package you tested, and change the tag
from verification-needed to verification-done. If it does not fix the
bug for you, please add a comment stating that, and change the tag to
verification-failed.  In either case, details of your testing will help
us make a better decision.

Further information regarding the verification process can be found at
https://wiki.ubuntu.com/QATeam/PerformingSRUVerification .  Thank you in
advance!

** Changed in: apt (Ubuntu Precise)
       Status: In Progress => Fix Committed

** Tags added: verification-needed

-- 
You received this bug notification because you are a member of Ubuntu
Foundations Bugs, which is subscribed to apt in Ubuntu.
https://bugs.launchpad.net/bugs/1078697

Title:
  Ubuntu archive is missing SHA-1/SHA-256 hashes for some packages

Status in Launchpad itself:
  Triaged
Status in “apt” package in Ubuntu:
  Fix Released
Status in “apt” source package in Precise:
  Fix Committed
Status in “apt” source package in Raring:
  Fix Released

Bug description:
  As part of the Debian derivatives census, we are doing some checks on
  all derivatives. We noticed that a number of source packages are missing
  SHA-1/SHA-256 hashes. You may have inherited this issue from Debian, we
  had the same issue until recently. Here are some sample messages from
  the report below, which is generated daily.

  WARNING: source cvstrac 2.0.1-3: SHA-256 hashes but no hash for the dsc file
  WARNING: source cvstrac 2.0.1-3: SHA-1 hashes but no hash for the dsc file
  WARNING: source diveintopython 5.4-2ubuntu2: no SHA-256 hash
  WARNING: source diveintopython 5.4-2ubuntu2: no SHA-1 hash

  http://dex.alioth.debian.org/census/Ubuntu/check-package-list

  Please ignore the warnings about GPG and InRelease stuff, they are due
  to python-apt not supporting some things in Debian squeeze.

   affects launchpad
   subscribe ubuntu-archive

  --
  bye,
  pabs

  http://wiki.debian.org/PaulWise

  SRU for Precise:

  [Impact]
  `apt-ftparchive sources .` on a directory with a .dsc not containing checksums will produce output also without checksums.  By making this patch available on Precise, we will backport the Precise version to lucid-cat for fixing on Launchpad.

  [Test Case]
  Grab the source package for beef-0.0.6-2 the dsc of which has no checksums, put this in /tmp then cd to /tmp.  Run `apt-ftparchive sources .` and observe that no checksums are output.  Upgrade to the fixed version and re-run the command and observe that checksums are now output correctly.

  [Regression Potential]
  None known.

To manage notifications about this bug go to:
https://bugs.launchpad.net/launchpad/+bug/1078697/+subscriptions

More information about the foundations-bugs mailing list