[Bug 1995247] Re: Leftover /tmp/apt-key.* files after updates with embedded gpg keys in deb822 sources
Julian Andres Klode
1995247 at bugs.launchpad.net
Fri Jan 27 12:55:55 UTC 2023
Marking as verified per test instructions, as the autopkgtests have all
passed (and the reported regression also has been fixed in a retry
apparently, hooray).
** Tags removed: verification-needed-jammy verification-needed-kinetic
** Tags added: verification-done-jammy verification-done-kinetic
** Tags removed: verification-needed
** Tags added: verification-done
--
You received this bug notification because you are a member of Ubuntu
Foundations Bugs, which is subscribed to apt in Ubuntu.
https://bugs.launchpad.net/bugs/1995247
Title:
Leftover /tmp/apt-key.* files after updates with embedded gpg keys in
deb822 sources
Status in apt package in Ubuntu:
Fix Released
Status in apt source package in Jammy:
Fix Committed
Status in apt source package in Kinetic:
Fix Committed
Status in apt source package in Lunar:
Fix Released
Bug description:
[Impact]
When keys are embedded into deb822 sources files as Signed-By, apt writes them to a temporary file, but the code to delete them accidentally had an if (0) in front of the deletion, so they don't get deleted and accumulate with each `apt update` run.
[Test plan]
Including a test case for this in our comprehensive integration test suite which runs as autopkgtest, so passing autopkgtest = good.
[Where problems could occur]
Files could end up being removed too soon if the code is otherwise wrong?
To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/apt/+bug/1995247/+subscriptions
More information about the foundations-bugs
mailing list