Bruno Wolff III wrote:
> I noticed when doing a yum update that the elfutils update is signed
> with key 30c9ecf8 instead of the normal one for updates.
> [root@bruno f7u]# rpm --checksig elfutils*
> elfutils-0.129-1.fc7.i386.rpm: (SHA1) DSA sha1 md5 (GPG) NOT OK (MISSING KEYS: GPG#30c9ecf8)
> elfutils-devel-0.129-1.fc7.i386.rpm: (SHA1) DSA sha1 md5 (GPG) NOT OK (MISSING KEYS: GPG#30c9ecf8)
> elfutils-devel-static-0.129-1.fc7.i386.rpm: (SHA1) DSA sha1 md5 (GPG) NOT OK (MISSING KEYS: GPG#30c9ecf8)
> elfutils-libelf-0.129-1.fc7.i386.rpm: (SHA1) DSA sha1 md5 (GPG) NOT OK (MISSING KEYS: GPG#30c9ecf8)
> elfutils-libelf-devel-0.129-1.fc7.i386.rpm: (SHA1) DSA sha1 md5 (GPG) NOT OK (MISSING KEYS: GPG#30c9ecf8)
> elfutils-libelf-devel-static-0.129-1.fc7.i386.rpm: (SHA1) DSA sha1 md5 (GPG) NOT OK (MISSING KEYS: GPG#30c9ecf8)
> elfutils-libs-0.129-1.fc7.i386.rpm: (SHA1) DSA sha1 md5 (GPG) NOT OK (MISSING KEYS: GPG#30c9ecf8)
Every so often a package seems to slip in that's signed with the
updates-testing key. I checked the updates tree and in addition to
elfutils*, perl-PDF-API2-0.62-2.fc7.noarch.rpm is also signed with the
testing key. I dropped a note to rel-eng about this (though I forget
if it should be reported there or to the infrastructure ticket
system).
Hopefully it'll get sorted out fairly soon. But F8 test 2 is being
prepared now, which might slow down the few folks with the ability to
fix this.
--
Todd OpenPGP -> KeyID: 0xBEAF0CE3 | URL: www.pobox.com/~tmz/pgp
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
The worst thing about history is that every time it repeats itself,
the price goes up.
-- Pillar
Attachment:
pgpTZNLu3glhX.pgp
Description: PGP signature
