[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

Re: GPG error in squeeze


* Olivier Bonvalet <debian.list@daevel.fr> [2011-02-08 10:36:29 CET]:
> I don't know to which person send that error, so I try here.

 Right - but there is a thread about this already on this very list.
Please scim at least through the last messages wether you would report a
duplicate. :)

> Then if I do an "aptitude update", I obtain :
> W: GPG error: http://backports.debian.org squeeze-backports Release: The  
> following signatures were invalid: BADSIG 9AA38DCD55BE302B Debian  
> Archive Automatic Signing Key (5.0/lenny) <ftpmaster@debian.org>

 Right, this is currently under inspection. From my investigation this
only affects people that directly fetch from backports.debian.org, it
does not seem to affect the mirrors, the broken signature doesn't seem
to have been pushed outside (yet).

> I can't find any "debian-backports-keyring" package, like in Lenny.

 There isn't expected to be one because the Release files now get signed
with the regular key that is part of the debian-archive-keyring package
for the main pool already.

> Do you know what is the problem ?

 Not exactly yet, it's still under inspection. Please use a mirror for
now if you are in a rush and need for updated packages. Also please
notice that there are no packages in squeeze-backports yet because the
first flow of packages from unstable to testing (wheezy) just happened
two days ago so people doing the backports should test them before
uploads anyway. No need to rush here. :)

"What are the differences between Mark Zuckerberg and me? I give private
 information on corporations to you for free, and I'm a villain.
 Zuckerberg gives your private information to corporations for money and
 he's Man of the Year."         -- Julian Assange

Reply to: