Arch Linux

Please read this before reporting a bug:
https://wiki.archlinux.org/index.php/Reporting_Bug_Guidelines

Do NOT report bugs when a package is just outdated, or it is in the AUR. Use the 'flag out of date' link on the package page, or the Mailing List.

REPEAT: Do NOT report bugs for outdated packages!
Tasklist

FS#46332 - [pidgin] PGP Key got revoked

Attached to Project: Arch Linux
Opened by Lex Black (TrialnError) - Thursday, 17 September 2015, 22:11 GMT
Last edited by Evangelos Foutras (foutrelis) - Thursday, 17 September 2015, 23:04 GMT
Task Type General Gripe
Category Packages: Extra
Status Closed
Assigned To No-one
Architecture All
Severity Low
Priority Normal
Reported Version
Due in Version Undecided
Due Date Undecided
Percent Complete 100%
Votes 0
Private No

Details

Description:

The key listed in validpgpkeys isn't valid anymore.
While trying to build the package produces the following error for me:

==> Verifying source file signatures with gpg...
pidgin-2.10.11.tar.bz2 ... FAILED (public key 4E8D870E4C292FCC has been revoked)
==> ERROR: One or more PGP signatures could not be verified!


But I didn't found a news with more information about this
This task depends upon

Closed by  Evangelos Foutras (foutrelis)
Thursday, 17 September 2015, 23:04 GMT
Reason for closing:  Fixed
Comment by Evangelos Foutras (foutrelis) - Thursday, 17 September 2015, 23:04 GMT
I think Mark simply migrated to a newer more secure key and revoked the old one. [1]

I've removed the signature check in /trunk; the change should appear in ABS within a day.

[1] http://pgp.mit.edu/pks/lookup?search=Mark+Doliner&op=index

Loading...