On Wed, 2008-09-10 at 10:16 -0400, Dave Feustel wrote: > On Wed, Sep 10, 2008 at 08:30:27AM -0500, Aaron Konstam wrote: > > On Tue, 2008-09-09 at 23:34 -0700, Jesse Keating wrote: > > > In a few hours, updates for Fedora 8 and Fedora 9 will start hitting > > > mirrors. These updates are designed to transition users from our old > > > repo locations to new locations that have all our updates re-signed with > > > a new set of keys. > > > > > > Most users will simply need to apply the offered updates, and later > > > apply any further updates, and verify/import the new GPG key. > > > > > > The process to getting new updates is two stage. > > > > > > Stage 1) Users configured to get updates from existing repos will see a > > > small set of updates available in the next few hours/days. These > > > updates include fedora-release, PackageKit, gnome-packagekit, and unique > > > (for Fedora 8, only fedora-release is offered). These updates should be > > > applied as soon as possible. > > > > > > Stage 2) Once the above updates have been applied, your update tools > > > (yum, PackageKit, pirut) will see a new repository and a larger set of > > > updates available. This is your new standard flow of updates, that will > > > continue to see new updates as the lifetime of Fedora 8 and 9 progress. > > > > > > There will be further milestones in the future that involve redirection > > > of release package repos to match that of updates, and removing of old > > > gpg key from rpm trust. > > > > > > For more details and an FAQ, please see > > > https://fedoraproject.org/w/index.php?title=Enabling_new_signing_key > > I can't make this work. No matter what I do there is a missing > > dependency reported for yum-utils of yum >= 3.2.19. My yum is 3.2.17.1. > > How do we fix this? > I'm wondering why the old key is not being directly disabled/removed after installing the new one. <conspiracy mode> Now packages signed with the old key can still be installed and could come from an untrusty source </conspiracy mode> Or do we have to wait for all the packages to be resigned? -- fedora-list mailing list fedora-list@xxxxxxxxxx To unsubscribe: https://www.redhat.com/mailman/listinfo/fedora-list Guidelines: http://fedoraproject.org/wiki/Communicate/MailingListGuidelines
