[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
[bug #25791] grep-2.5.4 source tarball signed with wrong/inaccessible pu
[bug #25791] grep-2.5.4 source tarball signed with wrong/inaccessible public key
Sun, 08 Mar 2009 11:26:45 +0000
Mozilla/5.0 (X11; U; Linux i686; en-US; rv:1.9a4pre) Gecko/20080310 SeaMonkey/1.5a
Summary: grep-2.5.4 source tarball signed with
wrong/inaccessible public key
Submitted by: brendaarkle
Submitted on: Sun 08 Mar 2009 11:26:42 AM GMT
Severity: 3 - Normal
Item Group: None
Assigned to: None
Discussion Lock: Any
I've just downloaded grep-2.5.4.tar.bz2 and its accompanying
gpg --verify *.sig produced...
gpg: Signature made Tue 10 Feb 2009 04:42:18 GMT using DSA key ID 9F759EEC
gpg: Can't check signature: public key not found
My "fetch" script (running from the MIT server) said the
key wasn't found.
Searching on the web for 9F759EEC produced a link to
which no longer has a trace of this key Moreover, it helpfully
tells me that I can import the keyring into gpg after
downloading it, but not where I can find it in the first place.
Clearly, this is a key which used to exist but has now been
withdrawn... but still, what is going on?
Reply to this item at:
Message sent via/by Savannah
|[Prev in Thread]
||[Next in Thread]|
- [bug #25791] grep-2.5.4 source tarball signed with wrong/inaccessible public key,
Bernard Leak <=