Bruno Wolff III wrote: > I noticed when doing a yum update that the elfutils update is signed > with key 30c9ecf8 instead of the normal one for updates. > [root@bruno f7u]# rpm --checksig elfutils* > elfutils-0.129-1.fc7.i386.rpm: (SHA1) DSA sha1 md5 (GPG) NOT OK (MISSING KEYS: GPG#30c9ecf8) > elfutils-devel-0.129-1.fc7.i386.rpm: (SHA1) DSA sha1 md5 (GPG) NOT OK (MISSING KEYS: GPG#30c9ecf8) > elfutils-devel-static-0.129-1.fc7.i386.rpm: (SHA1) DSA sha1 md5 (GPG) NOT OK (MISSING KEYS: GPG#30c9ecf8) > elfutils-libelf-0.129-1.fc7.i386.rpm: (SHA1) DSA sha1 md5 (GPG) NOT OK (MISSING KEYS: GPG#30c9ecf8) > elfutils-libelf-devel-0.129-1.fc7.i386.rpm: (SHA1) DSA sha1 md5 (GPG) NOT OK (MISSING KEYS: GPG#30c9ecf8) > elfutils-libelf-devel-static-0.129-1.fc7.i386.rpm: (SHA1) DSA sha1 md5 (GPG) NOT OK (MISSING KEYS: GPG#30c9ecf8) > elfutils-libs-0.129-1.fc7.i386.rpm: (SHA1) DSA sha1 md5 (GPG) NOT OK (MISSING KEYS: GPG#30c9ecf8) Every so often a package seems to slip in that's signed with the updates-testing key. I checked the updates tree and in addition to elfutils*, perl-PDF-API2-0.62-2.fc7.noarch.rpm is also signed with the testing key. I dropped a note to rel-eng about this (though I forget if it should be reported there or to the infrastructure ticket system). Hopefully it'll get sorted out fairly soon. But F8 test 2 is being prepared now, which might slow down the few folks with the ability to fix this. -- Todd OpenPGP -> KeyID: 0xBEAF0CE3 | URL: www.pobox.com/~tmz/pgp ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ The worst thing about history is that every time it repeats itself, the price goes up. -- Pillar
Attachment:
pgpTZNLu3glhX.pgp
Description: PGP signature