Bug 3770

Summary: rpm-3.0.1-12.5.2.i386.rpm signed by unknown key.
Product: [Retired] Red Hat Linux Reporter: Aleksey Nogin <aleksey>
Component: rpmAssignee: Jeff Johnson <jbj>
Status: CLOSED CURRENTRELEASE QA Contact:
Severity: medium Docs Contact:
Priority: medium    
Version: 5.2Keywords: Security
Target Milestone: ---   
Target Release: ---   
Hardware: i386   
OS: Linux   
Whiteboard:
Fixed In Version: Doc Type: Bug Fix
Doc Text:
Story Points: ---
Clone Of: Environment:
Last Closed: 2000-02-03 02:21:26 UTC Type: ---
Regression: --- Mount Type: ---
Documentation: --- CRM:
Verified Versions: Category: ---
oVirt Team: --- RHEL 7.3 requirements from Atomic Host:
Cloudforms Team: ---

Description Aleksey Nogin 1999-06-28 06:32:29 UTC
The package rpm-3.0.1-12.5.2.i386.rpm from ftp.rpm.org is
signed using PGP key 0x73B83325, but it is not clear where
to get the public key for the verification - public
keyservers do not have it and I could not find it on
ftp.rpm.org

Comment 1 Jay Turner 1999-06-28 12:29:59 UTC
This issue has been forwarded to a developer for further action.

Comment 2 Aleksey Nogin 2000-02-03 02:21:59 UTC
The rom-3.0.1-12.5.2.i386.rpm is now signed by _two_ keys that do not exist on
keyservers: 0x73B83325 and 0x1759C6EC

However, there are several newer packages that are properly signed, so I am
closing this report.