Please read this before reporting a bug:
https://wiki.archlinux.org/title/Bug_reporting_guidelines
Do NOT report bugs when a package is just outdated, or it is in the AUR. Use the 'flag out of date' link on the package page, or the Mailing List.
REPEAT: Do NOT report bugs for outdated packages!
https://wiki.archlinux.org/title/Bug_reporting_guidelines
Do NOT report bugs when a package is just outdated, or it is in the AUR. Use the 'flag out of date' link on the package page, or the Mailing List.
REPEAT: Do NOT report bugs for outdated packages!
FS#47921 - archlinux-keyring should be upgraded before other packages to prevent inadvertent PGP errors
Attached to Project:
Arch Linux
Opened by Max Pray (synthead) - Thursday, 28 January 2016, 04:03 GMT
Last edited by Doug Newgard (Scimmia) - Thursday, 28 January 2016, 04:24 GMT
Opened by Max Pray (synthead) - Thursday, 28 January 2016, 04:03 GMT
Last edited by Doug Newgard (Scimmia) - Thursday, 28 January 2016, 04:24 GMT
|
DetailsDescription: archlinux-keyring should be upgraded before other packages (much like pacman). Attempting to install new packages signed by new trusted users before upgrading archlinux-keyring will throw a PGP error that claims that the package is corrupt.
An example of this is "confuse", version 2.8-2, signed by Thorsten Töpper. Before installing "archlinux-keyring" version 20160123-1, this message is displayed: error: confuse: signature from "Thorsten Töpper <atsutane@freethoughts.de>" is unknown trust :: File /var/cache/pacman/pkg/confuse-2.8-2-x86_64.pkg.tar.xz is corrupted (invalid or corrupted package (PGP signature)). Do you want to delete it? [Y/n] As a workaround, archlinux-keyring can be specifically upgraded and affected packages should upgrade without an issue. |
This task depends upon
Closed by Doug Newgard (Scimmia)
Thursday, 28 January 2016, 04:24 GMT
Reason for closing: Duplicate
Additional comments about closing: FS#47892
Thursday, 28 January 2016, 04:24 GMT
Reason for closing: Duplicate
Additional comments about closing: