Custom binary uploads are not tracked, leading to invalid re-signing on series opening

Bug #1882668 reported by Andy Whitcroft
Affects: Launchpad itself | Status: New | Importance: Undecided | Assigned to: Unassigned | Milestone: none

Bug Description

Custom binary uploads are not tracked as first class objects and so are not correctly removed when the owning source publication is removed. This is particularly obvious when we open a new series. As we have no tracking for these, we publish all custom uploads which were in the previous series into the new series. For signing/efi custom uploads this is significant, as the act of publication triggers the signing process. This leads us to sign all existing signing/efi objects again into the new series and therefore with the contemporaneous keys in that series. Where the package was completely deleted in the preceding series or the preceding series was signed with a different key set, this leads us to sign stale binaries with these keys. This is a significant risk for these keys.

If we cannot fix this before the next opening we need to ensure any such signed binaries are removed from the archive before it becomes public.

Andy Whitcroft (apw): description: updated
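The failure mode in the report, modelled as an added example: this is illustrative code written for this page, not Launchpad's publisher or signing code, and every name in it (SourcePublication, CustomUpload, Series, open_series_untracked, open_series_tracked, audit_stale_signed, the package names and key ids) is invented. It contrasts a series opening that republishes (and so re-signs) every custom upload from the old series with one that only carries over uploads whose owning source publication is still live, and it includes the kind of pre-publication audit the last paragraph asks for: list signed custom uploads in the new series with no live owning source.

```python
"""Toy model of signing/efi custom-upload handling at series opening.

Hypothetical model only (not Launchpad code): classes, function names,
package names and key ids are all constructed for the example.
"""
from dataclasses import dataclass, field
from typing import Dict, List, Optional, Tuple


@dataclass
class SourcePublication:
    name: str
    version: str
    deleted: bool = False  # True once the source was removed from the series


@dataclass
class CustomUpload:
    source_name: str       # owning source publication (the link the bug says is missing)
    source_version: str
    filename: str
    signed_with: Optional[str] = None  # key id the object was last signed with


@dataclass
class Series:
    name: str
    signing_key: str  # contemporaneous key set for this series
    sources: Dict[str, SourcePublication] = field(default_factory=dict)
    customs: List[CustomUpload] = field(default_factory=list)


def sign(upload: CustomUpload, key: str) -> CustomUpload:
    """Publishing a signing/efi custom upload triggers signing with the series key."""
    return CustomUpload(upload.source_name, upload.source_version,
                        upload.filename, signed_with=key)


def open_series_untracked(old: Series, new: Series) -> Series:
    """Behaviour described in the report: custom uploads are not tied to their
    source publication, so all of them are republished into the new series and
    re-signed with its key, including ones whose source was deleted."""
    for src in old.sources.values():
        if not src.deleted:
            new.sources[src.name] = SourcePublication(src.name, src.version)
    for cu in old.customs:
        new.customs.append(sign(cu, new.signing_key))
    return new


def open_series_tracked(old: Series, new: Series) -> Series:
    """Tracked variant: a custom upload is carried over (and re-signed) only if
    the source publication that owns it is still live at the same version."""
    for src in old.sources.values():
        if not src.deleted:
            new.sources[src.name] = SourcePublication(src.name, src.version)
    for cu in old.customs:
        owner = old.sources.get(cu.source_name)
        if owner is not None and not owner.deleted and owner.version == cu.source_version:
            new.customs.append(sign(cu, new.signing_key))
    return new


def audit_stale_signed(series: Series) -> List[Tuple[str, str]]:
    """Pre-publication check: (filename, key) for every signed custom upload
    that has no live owning source publication in this series."""
    stale = []
    for cu in series.customs:
        owner = series.sources.get(cu.source_name)
        if cu.signed_with and (owner is None or owner.deleted
                               or owner.version != cu.source_version):
            stale.append((cu.filename, cu.signed_with))
    return stale


def demo() -> Tuple[List[Tuple[str, str]], List[Tuple[str, str]]]:
    """Constructed sample archive: one source was deleted in the old series."""
    old = Series("old-series", "key-old")
    old.sources["kernel-signed"] = SourcePublication("kernel-signed", "1.0-1", deleted=True)
    old.sources["loader-signed"] = SourcePublication("loader-signed", "2.0-1")
    old.customs = [
        sign(CustomUpload("kernel-signed", "1.0-1", "vmlinuz-1.0-1.efi"), "key-old"),
        sign(CustomUpload("loader-signed", "2.0-1", "loader.efi"), "key-old"),
    ]
    buggy = open_series_untracked(old, Series("new-series", "key-new"))
    fixed = open_series_tracked(old, Series("new-series", "key-new"))
    return audit_stale_signed(buggy), audit_stale_signed(fixed)


if __name__ == "__main__":
    buggy_stale, fixed_stale = demo()
    print("untracked opening, stale signed objects:", buggy_stale)
    print("tracked opening, stale signed objects:  ", fixed_stale)
```

In the untracked variant the deleted kernel's EFI image is re-signed with key-new even though no source publication in the new series owns it; the audit reports it, and the tracked variant never produces it. Running the audit against the new series before it is made public is the cheap stopgap the report describes if the tracking fix cannot land first.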