Invalid signature for Releases packages

To: debian-security@lists.debian.org, ftpmaster@debian.org
Subject: Invalid signature for Releases packages
From: Gaëtan Duchaussois <duchaussois@arise.iiens.net>
Date: Wed, 15 Feb 2006 15:50:04 +0100
Message-id: <[🔎] 1140015004.6037.23.camel@aspire>

Hi,
I use apt-check-sigs to check the signature of Release packages before
making an apt-get install/upgrade.
Since January the 1st, apt-check-sigs complains about bad sigs for
Source: deb-src ftp://ftp.fr.debian.org/debian/ sarge main contrib
non-free on all mirrors.
Release packages are signed with the 2005 key, which has expired,
whereas the Security releases are signed with 2006 key. Could you sign
all releases packages with the 2006 key?

Thanks In advance,

Gaëtan Duchaussois

Reply to:

Prev by Date: Re: Bug#350964: CVE-2006-0225, scponly shell command possible
Next by Date: tartini (one of the security mirrors) unreliable
Previous by thread: Re: Bug#350964: CVE-2006-0225, scponly shell command possible
Next by thread: tartini (one of the security mirrors) unreliable
Index(es):
- Date
- Thread