9883 – Some tainted packages signed with unknown key

Bug 9883 - Some tainted packages signed with unknown key

Summary: Some tainted packages signed with unknown key

Status:	RESOLVED INVALID

Alias:	None

Product:	Infrastructure
Classification:	Unclassified
Component:	BuildSystem (show other bugs)
Version:	unspecified
Hardware:	x86_64 Linux

Priority:	release_blocker Severity: normal
Target Milestone:	---
Assignee:	Sysadmin Team
QA Contact:

URL:
Whiteboard:
Keywords:	NEEDINFO

Depends on:
Blocks:	8016
	Show dependency tree / graph

Reported:	2013-04-27 02:11 CEST by Dave Hodgins
Modified:	2014-05-08 18:04 CEST (History)
CC List:	2 users (show)

See Also:
Source RPM:	faad2-2.7-6.mga3.tainted.src.rpm
CVE:
Status comment:

Attachments
Add an attachment (proposed patch, testcase, etc.)

Description Dave Hodgins 2013-04-27 02:11:54 CEST

The following packages have bad signatures:                                              
/var/cache/urpmi/rpms/lib64faad2-2.7-6.mga3.tainted.x86_64.rpm: Medium without key (OK (RSA/SHA1, Fri 11 Jan 2013 03:40:43 PM EST, Key ID b742fa8b80420f66))
/var/cache/urpmi/rpms/lib64lame0-3.99.5-3.mga3.tainted.x86_64.rpm: Medium without key (OK (RSA/SHA1, Sat 12 Jan 2013 06:38:52 AM EST, Key ID b742fa8b80420f66))
/var/cache/urpmi/rpms/lib64yaml0_2-0.1.4-6.mga3.nonfree.x86_64.rpm: Medium without key (OK (RSA/SHA1, Thu 17 Jan 2013 08:45:51 PM EST, Key ID b742fa8b80420f66))


Reproducible: 

Steps to Reproduce:

Dave Hodgins 2013-04-27 02:12:29 CEST

Priority: Normal => release_blocker
Blocks: (none) => 8016

Comment 1 Dave Hodgins 2013-04-27 02:14:28 CEST

Also showing up for all of the other tainted packages being installed.

Comment 2 Manuel Hiebel 2013-04-27 12:45:59 CEST

from where does they come ?

CC: (none) => pterjan

Comment 3 Pascal Terjan 2013-04-27 12:58:45 CEST

The signature is correct, the problem is "Medium without key" which I understand to mean that there is no key configured for this media in your urpmi config.

Comment 4 Nicolas Vigier 2013-04-27 17:13:18 CEST

"urpmi.update --force-key 'media name'" should add the key in urpmi config.

CC: (none) => boklm

Manuel Hiebel 2013-05-10 22:43:07 CEST

Keywords: (none) => NEEDINFO

Comment 5 Dave Hodgins 2013-05-11 00:36:40 CEST

Closing as invalid.  With the patch to have mgaapplet
properly enable Nonfree and tainted, the packages are
installing ok.

Status: NEW => RESOLVED
Resolution: (none) => INVALID

Nicolas Vigier 2014-05-08 18:04:45 CEST

CC: boklm => (none)

Note You need to log in before you can comment on or make changes to this bug.