Devuan bug report logs - #40
devuan-project: apt-get source <package> fails to verify signatures on any packages

Package: devuan-project; Maintainer for devuan-project is Devuan Developers <>;

Reported by:

Date: Fri, 24 Mar 2017 16:36:54 UTC

Severity: critical

Done: KatolaZ <>

Full log

Message #10 received at (full text, mbox, reply):

Received: (at 40) by; 14 Apr 2017 10:00:03 +0000
Return-Path: <>
Received: from []
	by fulcanelli with IMAP (fetchmail-6.3.26)
	for <debbugs@localhost> (single-drop); Fri, 14 Apr 2017 12:00:02 +0200 (CEST)
Received: from [] (localhost [])
	(Authenticated sender:
	with ESMTPSA id F0C1C18D0C5
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple;; s=mail;
	t=1492163821; bh=v/iEZvA+oVHBTlEz9cfc2R+pxYJWm5UsJDStOors3Y0=;
Date: Fri, 14 Apr 2017 10:57:00 +0100
From: KatolaZ <>
Subject: irrelevant...
Message-ID: <>
MIME-Version: 1.0
Content-Type: text/plain; charset=us-ascii
Content-Disposition: inline
User-Agent: Mutt/1.5.23 (2014-03-12)
X-Spam-Status: No, score=-1.0 required=5.0 tests=ALL_TRUSTED
	autolearn=disabled version=3.4.0
X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on tupac2
I am gonna close his one. You fail to verify source package signatures
since you don't have the corresponding developer (or distro) key in
your keyring. If you import the key in your trustedkeys.gpg, it
doesn't fail any more.

Send a report that this bug log contains spam.

Devuan BTS -- Powered by Debian bug tracking system
Copyright (C) 1999 Darren O. Benham,
1997,2003 nCipher Corporation Ltd, 1994-97 Ian Jackson,
2005-2017 Don Armstrong, and many other contributors.

Devuan Bugs Owner <>.
Last modified: Thu Jul 2 19:53:31 2020;