Lintian Reports

I public-upstream-keys-in-multiple-locations

All reports of public-upstream-keys-in-multiple-locations for the archive. The extended description of this tag is:

The source package contains public upstream signing keys (or keyrings) in multiple locations. This situation is potentially confusing for uscan(1) or any other tool hoping to verify the integrity and authenticity of upstream sources.

Please remove all keys (or keyrings) except one at the recommended location debian/upstream/signing-key.asc.

Refer to the uscan(1) manual page for details.

Severity: wishlist, Certainty: certain

Check: upstream-signing-key, Type: source

Emitted (non-overridden): 3, overridden: 0, total: 3

The package names link to the relevant maintainer page and the corresponding report for the source package. The links go to the full maintainer report page, which includes info and experimental tags and overridden tags, rather than the default page that shows only errors and warnings.

equalx 0.7.1-4.1 (source) (Dariusz Dwornikowski <>)

gdb 8.3.1-1 (source) (Héctor Orón Martínez <>)

igtf-policy-bundle 1.102-1 (source) (Dennis van Dok <>)