Broken signatures on packages.sury.org

classic Classic list List threaded Threaded
3 messages Options
Reply | Threaded
Open this post in threaded view
|

Broken signatures on packages.sury.org

Matthew Pounsett
Beginning today, I'm seeing the following errors on systems that use
the ISC Debian packages:

Err:5 https://packages.sury.org/bind buster InRelease
  The following signatures were invalid: EXPKEYSIG B188E2B695BD4743
DEB.SURY.ORG Automatic Signing Key <[hidden email]>

I haven't seen any official word from ISC that there are new keys to
grab, so wanted to check that someone isn't messing about with your
repository.
_______________________________________________
Please visit https://lists.isc.org/mailman/listinfo/bind-users to unsubscribe from this list

ISC funds the development of this software with paid support subscriptions. Contact us at https://www.isc.org/contact/ for more information.


bind-users mailing list
[hidden email]
https://lists.isc.org/mailman/listinfo/bind-users
Reply | Threaded
Open this post in threaded view
|

Re: Broken signatures on packages.sury.org

Mark Andrews
I’ve pinged Ondrej but he is likely asleep as he is based in Europe.

> On 18 Mar 2021, at 10:15, Matthew Pounsett <[hidden email]> wrote:
>
> Beginning today, I'm seeing the following errors on systems that use
> the ISC Debian packages:
>
> Err:5 https://packages.sury.org/bind buster InRelease
>  The following signatures were invalid: EXPKEYSIG B188E2B695BD4743
> DEB.SURY.ORG Automatic Signing Key <[hidden email]>
>
> I haven't seen any official word from ISC that there are new keys to
> grab, so wanted to check that someone isn't messing about with your
> repository.
> __________________________________

--
Mark Andrews, ISC
1 Seymour St., Dundas Valley, NSW 2117, Australia
PHONE: +61 2 9871 4742              INTERNET: [hidden email]

_______________________________________________
Please visit https://lists.isc.org/mailman/listinfo/bind-users to unsubscribe from this list

ISC funds the development of this software with paid support subscriptions. Contact us at https://www.isc.org/contact/ for more information.


bind-users mailing list
[hidden email]
https://lists.isc.org/mailman/listinfo/bind-users
Reply | Threaded
Open this post in threaded view
|

Re: Broken signatures on packages.sury.org

Hugo Salgado
I found just today the same expiration of Ondrej key with some Debian php packages.

Was solved downloading the new one:
https://www.patreon.com/posts/dpa-new-signing-25451165

Hugo


On March 17, 2021 8:20:13 PM GMT-03:00, Mark Andrews <[hidden email]> wrote:
I’ve pinged Ondrej but he is likely asleep as he is based in Europe.

On 18 Mar 2021, at 10:15, Matthew Pounsett <[hidden email]> wrote:

Beginning today, I'm seeing the following errors on systems that use
the ISC Debian packages:

Err:5 https://packages.sury.org/bind buster InRelease
The following signatures were invalid: EXPKEYSIG B188E2B695BD4743
DEB.SURY.ORG Automatic Signing Key <[hidden email]>

I haven't seen any official word from ISC that there are new keys to
grab, so wanted to check that someone isn't messing about with your
repository.

--
Mark Andrews, ISC
1 Seymour St., Dundas Valley, NSW 2117, Australia
PHONE: +61 2 9871 4742 INTERNET: [hidden email]
Please visit https://lists.isc.org/mailman/listinfo/bind-users to unsubscribe from this list

ISC funds the development of this software with paid support subscriptions. Contact us at https://www.isc.org/contact/ for more information.


bind-users mailing list
[hidden email]
https://lists.isc.org/mailman/listinfo/bind-users

_______________________________________________
Please visit https://lists.isc.org/mailman/listinfo/bind-users to unsubscribe from this list

ISC funds the development of this software with paid support subscriptions. Contact us at https://www.isc.org/contact/ for more information.


bind-users mailing list
[hidden email]
https://lists.isc.org/mailman/listinfo/bind-users