Debian Package Tracker

general

source: onak (main)
version: 0.5.0-1
maintainer: Jonathan McDowell (DMD)
arch: any
std-ver: 3.9.8.0
VCS: Git (Browse, QA)

versions [more versions can be listed by madison] [old versions available from snapshot.debian.org]

[pool directory]

o-o-stable: 0.4.5-2
oldstable: 0.5.0-1
stable: 0.5.0-1
testing: 0.5.0-1
unstable: 0.5.0-1

versioned links

0.4.5-2: [.dsc, use dget on this link to retrieve source package] [changelog] [copyright] [rules] [control]
0.5.0-1: [.dsc, use dget on this link to retrieve source package] [changelog] [copyright] [rules] [control]

binaries

onak

action needed

Standards version of the package is outdated. high

The package is severely out of date with respect to the Debian Policy. The package should be updated to follow the last version of Debian Policy (Standards-Version 4.4.0 instead of 3.9.8.0).

Created: 2018-04-16 Last update: 2019-07-08 20:08

1 bug tagged patch in the BTS normal

The BTS contains patches fixing 1 bug, consider including or untagging them.

Created: 2019-04-28 Last update: 2019-09-16 00:03

version in VCS is newer than in repository, is it time to upload? normal

vcswatch reports that this package seems to have a new changelog entry (version 0.5.0+wip-1, distribution UNRELEASED) and new commits in its VCS. You should consider whether it's time to make an upload.

Here are the relevant commit messages:

commit f3745f1a2bbf08e7e1abed1a980f076ffa4f1dfd
Author: Jonathan McDowell <noodles@earth.li>
Date:   Sun Sep 8 18:05:38 2019 +0100

    Add configuration file comment for check_packet_size option

commit a000448ed7ca6932cf1a7936fa43e56395b16f77
Author: Jonathan McDowell <noodles@earth.li>
Date:   Sat Sep 7 19:56:04 2019 +0000

    Add defines for nettle_get_secp_* for Nettle pre 3.4
    
    Debian 9 (stretch) has Nettle 3.3, so define these fallbacks so we
    can build with crypto support there.

commit c981a80699901eb3d513a4cc9355574a69016037
Author: Jonathan McDowell <noodles@earth.li>
Date:   Sat Sep 7 12:04:14 2019 +0000

    Add support for full signature verification
    
    For a long time it has been known that attacks against the keyserver
    network were easy due to the lack of cryptographic verification on
    signatures, as well as the lack of other checks and balances. Add the
    ability to actually verify signatures, allowing those are that are not
    valid (or that come from non-present keys) to be removed.

commit 6565bed3065d1751abf469da1a85884d9ddde759
Author: Jonathan McDowell <noodles@earth.li>
Date:   Fri Sep 6 18:56:51 2019 +0100

    Error out if there's any problem setting up the keyd socket
    
    Rather than ending up in an accept() loop that goes nowhere, print
    the error we saw and exit.

commit da8b732cf8223bbd4f5bc45a7db1d430fb531bf2
Author: Jonathan McDowell <noodles@earth.li>
Date:   Thu Sep 5 16:17:42 2019 +0100

    Add dependency on pkg-config
    
    The move to cmake requires pkg-config in order to find nettle-dev
    correctly.

commit 39a6e85be51e4bfb04d08d07b8b84a753e6b9765
Author: Jonathan McDowell <noodles@earth.li>
Date:   Thu Sep 5 14:18:33 2019 +0100

    Add MD5_DIGEST_SIZE to our local MD5 implementation header
    
    This is present in libnettle and has been made use of recently to
    avoid a hard coded digest length value.

commit 52f5de3b2bfc272187772b03b3bcb8e069626b51
Author: Jonathan McDowell <noodles@earth.li>
Date:   Thu Sep 5 14:06:44 2019 +0100

    Remove v5 keyid support when libnettle not present
    
    v5 key fingerprints are SHA256 based. We have fallbacks for MD5 + SHA1
    when libnettle is not present, but there's no intent to provide a SHA256
    fallback, and we're close to the point where support for building
    without libnettle will be removed entirely.

commit 8ee9a59daf7a1ab1bf4ad8f4d2bcb88282db58a8
Author: Jonathan McDowell <noodles@earth.li>
Date:   Wed Aug 28 08:20:03 2019 +0100

    Pass a keydb context into cleankeys in preparation for signature checks
    
    In order to validate signatures cleankeys() will need to do key lookups
    of the signing keys. Plumb in the database context in preparation for
    this.

commit 51c1a7dd950efef6a4d00df1878341777f8064ff
Author: Jonathan McDowell <noodles@earth.li>
Date:   Tue Aug 27 18:56:46 2019 +0100

    Move key database backends into their own directory
    
    These logically sit together and are separate from the core code, so
    move them off to a separate directory. There are various bits of support
    that should be hived off the core libonak and move in here too, but that
    can wait until later.

commit dfab9e96ee1fa4a10acf9c1cf644d7a4366a5af6
Author: Jonathan McDowell <noodles@earth.li>
Date:   Thu Aug 22 08:17:49 2019 +0100

    Cleanup postinst to avoid recursive chown of database
    
    The recursive chown of /var/lib/onak has the potential to be abused
    during installation, so just chown the top level directory and then run
    the onak that's initialising the DB as the onak user, rather than root.

commit 70842462a490e56a607a48b2d27807816c4d8a80
Author: Jonathan McDowell <noodles@earth.li>
Date:   Thu Aug 22 08:07:46 2019 +0100

    Set Rules-Requires-Root to no
    
    We can build as a normal user.

commit c3fe49f62ac8d87e4e0ac836891792e9c10035a2
Author: Jonathan McDowell <noodles@earth.li>
Date:   Thu Aug 22 07:19:36 2019 +0100

    Bump debhelper compat level to 10
    
    Also remove now unnecessary build-depend on dh-systemd.

commit 917ee39cc46d3d215b8cb9594c6223fbb19f4681
Author: Jonathan McDowell <noodles@earth.li>
Date:   Thu Aug 22 07:14:38 2019 +0100

    Remove git clone depth for Travis-CI
    
    The default of 50 wasn't enough to be able to "git describe" our current
    revision for the build process.

commit b9ea568af87d8b9c4d9afb0819ac20f8e2c3f885
Author: Jonathan McDowell <noodles@earth.li>
Date:   Wed Aug 21 20:07:09 2019 +0100

    Add test for blacklisting functionality

commit 9ce8c6ced68d45b462abb4c6531b6476f4d1e681
Author: Jonathan McDowell <noodles@earth.li>
Date:   Wed Aug 21 18:56:57 2019 +0100

    Add option to only accept updates for existing keys
    
    It's plausible in a curated keyring scenario where a keyserver should
    accept updates to existing keys (new signatures, updated expiries, new
    subkeys) but no entirely new keys. Add a configuration file option which
    enforces this behaviour.

commit 3886942162fd8193d8a804a685a3f96a65b9712c
Author: Jonathan McDowell <noodles@earth.li>
Date:   Wed Aug 21 18:55:32 2019 +0100

    Add blank line before armoured PGP data
    
    When removing the Version: header it's still necessary to have a blank
    line before the actual armoured data.

commit 7a255dd9b5307228b6706904d3def738c3628e45
Author: Jonathan McDowell <noodles@earth.li>
Date:   Tue Aug 20 08:12:52 2019 +0100

    Clean up signature hash calculation code
    
    Use the defined digest lengths for MD5/SHA1/SHA1X rather than magic
    numbers, clear the hash type at the start and then only set it if we
    know it.

commit be5ba2d0e5abe871511b60918ace010acddb1f5e
Author: Jonathan McDowell <noodles@earth.li>
Date:   Mon Aug 19 08:29:40 2019 +0100

    Update Travis CI to use Ubuntu 18.04 instead of 16.04

commit 86936a047acc793ea7abc80b665ee3e4e538143a
Author: Jonathan McDowell <noodles@earth.li>
Date:   Mon Aug 19 08:25:15 2019 +0100

    Clean up GCC warnings
    
    GCC -Wall found a valid issue with a & instead of a && in the keyring DB
    backend, a buffer assignment missing a cast and some unused variables in
    the DB4 backend.

commit da1f0ee80a15a9fb6a7d15e81f39ad9dc34db406
Author: Jonathan McDowell <noodles@earth.li>
Date:   Mon Aug 19 07:28:16 2019 +0100

    Clean up use of shifts beyond composite types
    
    GCC with the -fsanitize=undefined flag issues complaints like:
    
    runtime error: left shift of 232 by 24 places cannot be represented in
    type 'int'
    
    due to the fact we shift the byte values into a 64 bit value. Rather
    than adding lots of casts split out the formation into a set of steps
    that doesn't end up shifting the byte value, just the final 64 bit
    value.

commit a94e29c9a3763f96b1c773f0818b97e4fd0777b0
Author: Jonathan McDowell <noodles@earth.li>
Date:   Sun Aug 18 21:55:45 2019 +0100

    Add support for a key fingerprint blacklist
    
    There are various keys in the wild, such as Evil32 (https://evil32.com/)
    which a keyserver is unlikely to want to carry in the general case.
    Introduce the capability to have a blacklist of fingerprints which will
    not be accepted into the keyserver.

commit eb94eab34a0893fb5b8f78652f338df85f492a9b
Author: Jonathan McDowell <noodles@earth.li>
Date:   Sun Aug 18 20:46:39 2019 +0100

    Deprecate the .conf configuration file format
    
    The old .conf config file was intended to be compatible with the ancient
    PKS keyserver. All new features are only supported with the .ini format
    and this is going to make the automated tests supporting both more
    awkward. So deprecate the old style and stop testing it.

commit f869498b2b159bd3d363fb2f9d803b99c44de8bc
Author: Jonathan McDowell <noodles@earth.li>
Date:   Sun Aug 18 19:30:06 2019 +0100

    Fix memory leak when updating keys
    
    If the first new key had no new components we'd remove it from the list
    but not actually free it. Fix things up so we free it properly. Found
    with gcc's -fsanitize=leak option.

commit a8c0920cce727a12697154a85896f2a3ba47eb75
Author: Jonathan McDowell <noodles@earth.li>
Date:   Sun Aug 18 19:03:44 2019 +0100

    Fix up memory leaks in fs keydb backend deletion
    
    We need to clean up the wordlist we created, as well as the copy of the
    actual key we retrieved.

commit 2b28bb7cc65dc9594092dff860fd89bd14dd8b27
Author: Jonathan McDowell <noodles@earth.li>
Date:   Sun Aug 18 18:49:47 2019 +0100

    Fix memory leak in makewordlistfromkey()
    
    We were building a linked list of words in each UID, but then not
    cleaning up this linked list when we were done with it. Found with gcc
    -fsanitize=leak

commit d623a1b8e656cc5f45b360b402dfc974c711c8d3
Author: Jonathan McDowell <noodles@earth.li>
Date:   Sun Aug 18 14:55:09 2019 +0100

    Properly free database context when cleaning up fs backend

commit 5e2c81ee4acb5bf3eb4afdbc766646ba06f96dd9
Author: Jonathan McDowell <noodles@earth.li>
Date:   Sun Aug 18 11:03:47 2019 +0100

    Fix memory leak when merging key signatures
    
    This is a long-standing memory leak when merging signed packet lists. It
    hasn't been observed in the wild because the key merging is normally
    done in a transient process. Found using GCC with -fsanitize=leak

commit d7d1077c759ec370ef776eba1d855837b3d6c597
Author: Jonathan McDowell <noodles@earth.li>
Date:   Mon Aug 12 19:03:05 2019 +0100

    Cleanup DB4 deletion code from pre-fingerprint period
    
    Some remanents from the key ID based deletion function that are no
    longer needed.

commit 35be219c978ea1869cd6dae4649478e2d503a7b6
Author: Jonathan McDowell <noodles@earth.li>
Date:   Mon Aug 12 18:59:54 2019 +0100

    Fix up key deletion by key ID with onak tool
    
    The call to db_delete_key() was claiming we were in a transaction, which
    isn't true and causes failures with deletion with DB4.

commit 372df79a3c51d8de54440aba9b05f0af28b005a7
Author: Jonathan McDowell <noodles@earth.li>
Date:   Mon Aug 5 19:27:06 2019 +0100

    Expose more of calculating the packet signature hash
    
    As preparation for full signature verification move to calculating the
    signature hash and exposing it, and then doing the verification in the
    cleaning routine.

commit 2708d5a06ad2ef872ea89aca822328f98a86e7cb
Author: Jonathan McDowell <noodles@earth.li>
Date:   Sun Aug 4 19:19:31 2019 +0100

    Drop v3 keys by default when cleaning keys
    
    v3 keys have long been considered insecure. While we want to retain
    support for them there's no reason most keyservers should actually store
    them these days. So drop them by default when running cleankeys()

commit f063495a9a479e094216875001e3e006344eebcd
Author: Jonathan McDowell <noodles@earth.li>
Date:   Sat Aug 3 11:10:09 2019 +0100

    Fix header size for v5 packet sig checks
    
    The keyheader for a v5 signature has a 4 byte length instead of a 2 byte
    length, but the structure hadn't been increased in size.

commit 3877403043acfbfa57497d3ba51a5ec2db1c77dc
Author: Jonathan McDowell <noodles@earth.li>
Date:   Sat Aug 3 09:35:23 2019 +0100

    Move CGI sources to their own subdirectory
    
    Cleanup the code structure a bit by pulling those files only used for
    the HKP interface into their own directory.

commit 42977c5361ef21c99bc157e9c7edbba49243014f
Author: Jonathan McDowell <noodles@earth.li>
Date:   Sat Aug 3 09:09:41 2019 +0100

    Remove unused worddb_cmp() from DB4 backend
    
    This function was no longer used, so remove it.

commit c063c72b0e63842f5466e0983183c98d4e05c54e
Author: Jonathan McDowell <noodles@earth.li>
Date:   Thu Aug 1 22:32:51 2019 +0100

    Remove getfullkeyid functionality
    
    This expanded a 32 bit key ID into a 64 bit key ID. It's mostly
    redundant, so encode 64 bit key IDs where necessary and rely on the
    fetch fallback to 32 bit elsewhere.

commit 5cb163e87c7f0717aa94ca281a56e572c2a6c8f3
Author: Jonathan McDowell <noodles@earth.li>
Date:   Thu Aug 1 22:18:24 2019 +0100

    Change delete_key to use a full fingerprint
    
    delete_key was deleting a key based on the keyid, which is
    insufficiently precise. Move over to the full fingerprint (even though
    with some backends this is an effective no-op for now).

commit fd9ca85878543771a7f09afd821a5a5511e71aea
Author: Jonathan McDowell <noodles@earth.li>
Date:   Thu Aug 1 19:19:30 2019 +0100

    Improve handling of colliding 64-bit key IDs
    
    Originally key retrieval was all performed on the 64 bit key ID but back
    in 2013 support was added for fetching by fingerprint. However not all
    the pieces to deal with colliding 64 bit IDs were added at this time.
    This commit improves things by:
    
     * Using the fingerprint to retrieve the key to update in update_keys()
     * Returning all keys that share a 64 bit key ID from the DB4 backend,
       rather than just the first found.
     * Adding a test to ensure multiple keys are returned for a colliding
       key lookup.
    
    It also removes the old compatibility code for the DB4 backend with key
    lookups by 64 bit key ID.
    
    Note this isn't yet common in the wild; unlike Evil32 it is not possible
    to create collisions for arbitrary key IDs.

commit d1b4ba940d6bed575b40ac1026514c0b97d5128b
Author: Jonathan McDowell <noodles@earth.li>
Date:   Wed Jul 31 20:49:30 2019 +0100

    Fix potential memory leak in wotsap tool
    
    In failure paths we can leak the memory allocated to hold the directory
    path. This isn't really a problem, as we'll exit shortly afterwards, but
    scan-build complains and we should really fix for completeness.

commit a26c8e732ad4044b86c84924afce0c36bbc9f59a
Author: Jonathan McDowell <noodles@earth.li>
Date:   Wed Jul 31 19:17:44 2019 +0100

    Enable sighash checking for v5 keys
    
    v5 signatures are calculated slightly differently than v4 signatures, so
    allow for this when checking the 2 leading bytes of the signature hash.

commit 1a9c2d7545a4bafd7a601a8983192c4861d89c68
Author: Jonathan McDowell <noodles@earth.li>
Date:   Wed Jul 31 19:08:37 2019 +0100

    Exit on failure to initialise a dynamic DB backend
    
    The dynamic DB backend does a lot of checks to ensure it can load the
    requested backend successfully, but didn't actually check that it
    initialised correctly. Bomb out with a graceful error message if this
    happens rather than leading the caller to think everything is ok.

commit 4baef3532b82bcaaa1aecc376b7e63e8a20d8bf7
Author: Jonathan McDowell <noodles@earth.li>
Date:   Tue Jul 30 19:40:17 2019 +0100

    Add an OpenPGP keyring backed database backend
    
    Allow the use of an OpenPGP keyring (like keyring.gpg from GnuPG v1) as
    a read-only database backend. This is just a collection of keys
    concatenated together. The file is mmaped on load and parsed for keys,
    then simple linear searches are done for keyids/fingerprints.
    Performance with large numbers of keys will not be good.

commit b3c67e7383ef6ece55dcf6fbfa9587f5d0a14546
Author: Jonathan McDowell <noodles@earth.li>
Date:   Tue Jul 30 15:32:34 2019 -0300

    Add more generic OID parsing to decodekey
    
    Rather than only parsing the encoded OID to calculate the key size make
    a helper function in decodekey and use that. This will be useful when
    trying to parse key material for signature checks.

commit 2039724ebd70536ad567630725f6b75b7868e486
Author: Jonathan McDowell <noodles@earth.li>
Date:   Tue Jul 30 15:26:58 2019 -0300

    Export fingerprint_cmp from keyarray.c
    
    Comparing fingerprints is generally useful outside of the routines in
    keyarray.c, so export the function prototype in the header file.

commit 4b6032dbfb20e041043cfa0b6b84145f49a98a11
Author: Jonathan McDowell <noodles@earth.li>
Date:   Mon Jul 8 12:06:31 2019 +0100

    Remove Version: header from armored output
    
    There is no benefit to this header and it leaks information about the
    implementation of OpenPGP in use, which may open up other attacks. Drop
    it.

commit 4b4592942fc58994cae56118173ad77d55c6f157
Author: Jonathan McDowell <noodles@earth.li>
Date:   Tue Apr 16 09:14:03 2019 +0100

    Remove auto* related files from .gitignore

commit 41b7047c909cb5d8243901080db4931ebf165acf
Author: Jonathan McDowell <noodles@earth.li>
Date:   Tue Apr 16 21:09:29 2019 +0100

    Stop using 32-bit key IDs
    
    The time for 32-bit key IDs is long past (and even 64-bits are risky),
    so switch to 64-bit IDs everywhere we display a key ID.

commit 37801dca09e004c214604ae66323a628e100258d
Author: Jonathan McDowell <noodles@earth.li>
Date:   Tue Apr 16 07:48:24 2019 +0100

    Assume if we have Nettle it has all the hashes we need
    
    Older versions of Nettle didn't support the SHA2 functions fully so we
    checked for their existence. Switch to assuming they're present if we
    have Nettle at all.

commit 5804040a89edac8446d71c5a3f369e5997b20806
Author: Jonathan McDowell <noodles@earth.li>
Date:   Mon Apr 15 19:48:58 2019 +0100

    Move Travis to do CMake configure + build
    
    Once more, with feeling, for the move from autoconf to cmake.

commit 7a83d0b243dd26c8d2cfb4b28aad1b0c10ae19f2
Author: Jonathan McDowell <noodles@earth.li>
Date:   Mon Apr 15 19:39:24 2019 +0100

    Add CMake dependency for Travis CI

commit 3512fa56e404e5dc2e3a6a3ca6fa23eb25760493
Author: Jonathan McDowell <noodles@earth.li>
Date:   Mon Apr 15 19:34:47 2019 +0100

    Drop "autoreconf -i" for Travis CI now we're using CMake

commit add20f8102d4e5a43957b62e59174378a23f4bc2
Author: Jonathan McDowell <noodles@earth.li>
Date:   Mon Apr 15 19:23:20 2019 +0100

    Don't require a database connection for a key index
    
    We need an active keydb backend if we want to be able to lookup
    UIDs for signatures, but if we don't have one we can still index the
    key. Only use keyid2uid when we have a non-NULL dbctx.

commit 85187675424f3854869f1607afd8a1e84e536946
Author: Jonathan McDowell <noodles@earth.li>
Date:   Mon Apr 15 19:19:22 2019 +0100

    Add support for v5 keys
    
    v5 is being specified in RFC4880bis. It uses a slightly different packet
    format for public key packets and uses SHA2-256 for fingerprints. Add
    basic support for parsing and storing these days, and some new unit
    tests using the v5 test key.

commit f8407f2ed06cdc0cca8c2421023255886c12ea6d
Author: Jonathan McDowell <noodles@earth.li>
Date:   Mon Apr 15 10:22:12 2019 +0100

    Add support for issuer fingerprint subpackets
    
    A new subpacket containing the entire fingerprint of the signature
    issuer has been added in RFC4880bis. This improves the old issuer keyid
    subpacket type.

commit a799cc2909f47d918d1ec7171a9edba28a9f5136
Author: Jonathan McDowell <noodles@earth.li>
Date:   Sun Apr 14 17:51:11 2019 +0100

    Move to CMake over autoconf
    
    The auto* tools are hard to work with, and I'd like to split out various
    bits of onak into a shared library useful to other projects as well as
    various internal helpers (e.g. a backend DB library). To help with that
    move over to CMake as a more modern but still widely available build
    system.

commit 94422621d7c1300ae7001d13590570f9d4ad2a07
Author: Jonathan McDowell <noodles@earth.li>
Date:   Wed Apr 10 19:05:10 2019 +0100

    Cleanup tests to be able to run from a different directory
    
    runtests assumes its run from the directory it lives in, and that this
    is the build directory. Improve it to be able to cope with a build in a
    different directory to the source and work out the correct paths.

commit adc800dbc424a1e246dd4a82a0c2e88eeda25531
Author: Jonathan McDowell <noodles@earth.li>
Date:   Tue Apr 9 20:54:57 2019 +0100

    Add ability to drop overly large packets
    
    As per draft-dkg-openpgp-abuse-resistant-keystore add the ability to
    drop "large" packets. These are defined as UIDs more than 1024 bytes
    long, UATs greater than 64k in size and all other packets larger than
    8383 bytes (the maximum that will fit in a 2 byte new format packet
    length). Disabled by default, enable with "check_packet_size" in the
    verification config section.

commit a0d1c99184eeb07a6a7711e168c3db4b8c0937eb
Author: Jonathan McDowell <noodles@earth.li>
Date:   Tue Apr 9 19:53:54 2019 +0100

    Use a set of policy flags to indicate what key cleaning to perform
    
    To decouple cleankeys.c from the keyserver config, and prepare for an
    extension of the policies available, use a set of flags to indicate what
    key cleaning to perform.

commit 5719b2b50c87d77e4ed1cc054f000845fc9aa8cc
Author: Jonathan McDowell <noodles@earth.li>
Date:   Tue Apr 9 19:30:53 2019 +0100

    Add Vim backup files + GNU Global tags to .gitignore

commit 490c02ce72b7fa7cedecf7acaae46713fff507da
Author: Jonathan McDowell <noodles@earth.li>
Date:   Tue Apr 9 19:22:03 2019 +0100

    Update Travis CI config to use Xenial
    
    The default of Trusty is failing to find libsystemd-dev.

commit 357fbc65bfab230bbf12313e8b458d8325a6174f
Author: Jonathan McDowell <noodles@earth.li>
Date:   Tue Apr 9 15:55:02 2019 +0100

    Move keysigs into its only user, keydb.c
    
    keysigs is only actually used within keydb.c and pulls in stats
    structures unnecessarily to decodekey.c, so pull it inline.

commit 63024252ef5bc13b0b920112b91c1945e0cc6f13
Author: Jonathan McDowell <noodles@earth.li>
Date:   Tue Apr 9 15:42:28 2019 +0100

    Move free_statskey into hash.c
    
    free_statskey() is only used within hash.c, so move it out of mem.c and
    scope it more narrowly.

commit 6df51fef2960f533a741fb7290867387ed3fbba5
Author: Jonathan McDowell <noodles@earth.li>
Date:   Tue Apr 9 14:54:13 2019 +0100

    Update GPL location to URL rather than postal address

commit 0c120d1895d25b59abe338862189be1b87447569
Author: Jonathan McDowell <noodles@earth.li>
Date:   Tue Apr 9 14:38:03 2019 +0100

    Cleanup various includes
    
    Run include-what-you-use and do some cleanups based on its suggestions.
    Pull out some logging dependencies that don't need to be there in the
    process.

commit f98869fbb272a11751a1477e083898b8d41c94c6
Author: Jonathan McDowell <noodles@earth.li>
Date:   Tue Apr 9 13:30:37 2019 +0100

    Clean up a couple of format truncation warnings
    
    Newer GCCs will warn about truncation in strncpy/snprintf etc, so re-jig
    things a bit to try and avoid it.

commit 409ce1e3784064ab8f2786a9600a30809c502a46
Author: Jonathan McDowell <noodles@earth.li>
Date:   Tue Sep 25 11:07:06 2018 +0100

    Use generic fallback in stacked backend for non core routines
    
    The non-core routines that don't directly return or store a key
    structure often fall back to the generic routines under the hood. This
    means we can miss propagating a retrieved key up to the top level of the
    stack. Avoid this by only calling the non-generic version for the top
    layer, then falling back to the generics which will do the appropriate
    store on fallback.

Created: 2019-04-01 Last update: 2019-09-15 21:30

Depends on packages which need a new maintainer normal

The packages that onak depends on which need a new maintainer are:

apache2 (#910917)
- Recommends: apache2

Created: 2018-10-13 Last update: 2019-09-15 21:17

lintian reports 4 warnings normal

Lintian reports 4 warnings about this package. You should make the package lintian clean getting rid of them.

Created: 2019-08-26 Last update: 2019-08-26 23:54

Build log checks report 1 warning low

Build log checks report 1 warning

Created: 2014-07-02 Last update: 2014-07-02 18:05

testing migrations

This package will soon be part of the auto-nettle transition. You might want to ensure that your package is ready for it. You can probably find supplementary information in the debian-release archives or in the corresponding release.debian.org bug.

news

[rss feed]

[2016-09-08] onak 0.5.0-1 MIGRATED to testing (Debian testing watch)
[2016-08-28] Accepted onak 0.5.0-1 (source amd64) into unstable (Jonathan McDowell)
[2015-09-11] onak 0.4.6-1 MIGRATED to testing (Britney)
[2015-08-31] Accepted onak 0.4.6-1 (source amd64) into unstable (Jonathan McDowell)
[2014-10-16] onak 0.4.5-2 MIGRATED to testing (Britney)
[2014-10-05] Accepted onak 0.4.5-2 (source amd64) into unstable (Jonathan McDowell)
[2014-10-03] Accepted onak 0.4.5-1 (source amd64) into unstable (Jonathan McDowell)
[2014-09-30] Accepted onak 0.4.4-1 (source amd64) into unstable (Jonathan McDowell)
[2014-09-30] Accepted onak 0.4.3-1 (source amd64) into unstable (Jonathan McDowell)
[2013-10-12] onak 0.4.2-1 MIGRATED to testing (Debian testing watch)
[2013-10-01] Accepted onak 0.4.2-1 (source amd64) (Jonathan McDowell)
[2012-05-05] onak 0.4.1-1 MIGRATED to testing (Debian testing watch)
[2012-04-25] Accepted onak 0.4.1-1 (source amd64) (Jonathan McDowell)
[2011-04-30] onak 0.4.0-1 MIGRATED to testing (Debian testing watch)
[2011-04-20] Accepted onak 0.4.0-1 (source amd64) (Jonathan McDowell)
[2010-01-10] onak 0.3.8-1 MIGRATED to testing (Debian testing watch)
[2009-12-30] Accepted onak 0.3.8-1 (source amd64) (Jonathan McDowell)
[2009-06-27] Accepted onak 0.3.6-2 (source amd64) (Jonathan McDowell)
[2009-06-13] onak 0.3.7-1 MIGRATED to testing (Debian testing watch)
[2009-06-11] Accepted onak 0.3.6-2 (source amd64) (Jonathan McDowell)
[2009-06-02] Accepted onak 0.3.7-1 (source amd64) (Jonathan McDowell)
[2008-06-18] onak 0.3.6-1 MIGRATED to testing (Debian testing watch)
[2008-06-07] Accepted onak 0.3.6-1 (source armel amd64) (Jonathan McDowell)
[2008-01-26] onak 0.3.5-1 MIGRATED to testing (Debian testing watch)
[2008-01-16] Accepted onak 0.3.5-1 (source i386) (Jonathan McDowell)
[2008-01-09] onak 0.3.4-1 MIGRATED to testing (Debian testing watch)
[2007-12-29] Accepted onak 0.3.4-1 (source i386) (Jonathan McDowell)
[2007-07-04] onak REMOVED from testing (Debian testing watch)
[2007-06-20] onak 0.3.3-1 MIGRATED to testing (Debian testing watch)
[2007-03-04] Accepted onak 0.3.3-1 (source i386) (Jonathan McDowell)

bugs [bug history graph]

all: 1
RC: 0
I&N: 1
M&W: 0
F&P: 0
patch: 1

links

homepage
lintian (0, 4)
buildd: logs, checks, clang, reproducibility, cross
popcon
browse source code
edit tags
screenshots

ubuntu

[Information about Ubuntu for Debian Developers]

version: 0.5.0-1
2 bugs