Bug 132068 - krb5-libs-1.2.7-28.i386.rpm has unknown GPG signature
krb5-libs-1.2.7-28.i386.rpm has unknown GPG signature
Product: Red Hat Enterprise Linux 3
Classification: Red Hat
Component: up2date (Show other bugs)
x86_64 Linux
medium Severity medium
: ---
: ---
Assigned To: Bret McMillan
Red Hat Satellite QA List
Depends On:
  Show dependency treegraph
Reported: 2004-09-08 11:26 EDT by William D. Hamblen
Modified: 2007-11-30 17:07 EST (History)
0 users

See Also:
Fixed In Version:
Doc Type: Bug Fix
Doc Text:
Story Points: ---
Clone Of:
Last Closed: 2007-10-19 15:19:01 EDT
Type: ---
Regression: ---
Mount Type: ---
Documentation: ---
Verified Versions:
Category: ---
oVirt Team: ---
RHEL 7.3 requirements from Atomic Host:
Cloudforms Team: ---

Attachments (Terms of Use)

  None (edit)
Description William D. Hamblen 2004-09-08 11:26:39 EDT
From Bugzilla Helper:
User-Agent: Mozilla/5.0 (X11; U; Linux i686; en-US; rv:1.7)
Gecko/20040626 Firefox/0.9.1

Description of problem:
# rpm -Kv krb5-libs-1.2.7-28.i386.rpm
    Header V3 DSA signature: NOKEY, key ID fb01147f
    Header SHA1 digest: OK (ebf673a20f533caf0c559ed0ca3b353b8d7098ed)
    MD5 digest: OK (4d44ef774ee51de3aad9a90ef2cd9b83)
    V3 DSA signature: NOKEY, key ID fb01147f

Note, this is on an x86_64 platform but up2date apparently wishes to
install a set of i386 libraries.  Interestingly, this package does not
show up on the system's RHN page (actually both my x86_64 systems
behave identically).

Almost certainly unrelated, but maybe not - crash-3.8-3 does show up
as being outdated on RHN (the systems have crash-3.7-5) but it doesn't
come over when I run up2date.

Version-Release number of selected component (if applicable):

How reproducible:

Steps to Reproduce:
1. Install RHEL WS 3.0 X86_64
2. Run up2date to get all updates
3. krb5-libs*.i386 has an invalid GPG sig

Additional info:
Comment 1 Adrian Likins 2004-09-08 19:00:19 EDT
Checking the krb5-libs-1.2.7-28.i386.rpm from the x86_64 rhel3
channel and it looks to be okay.

Are you behind a proxy that might be caching a corrupt
Comment 2 William D. Hamblen 2004-09-09 17:07:52 EDT
Yes, we are behind a proxy.

So, the admin here cleared our proxy and I deleted the contents of
/var/spool/up2date on one of the affected machines.  Then I reran
up2date and got the same error about an invalid GPG sig.

Next I went to the channels page and manually downloaded the
krb5-libs-1.2.7-28.i386.rpm for x86_64 and moved it into
/var/spool/up2date.  Ran up2date and it worked fine.  The "new" rpm's
key looks like this which you can see is different than what I had

# rpm -Kv krb5-libs-1.2.7-28.i386.rpm
    Header V3 DSA signature: OK, key ID db42a60e
    Header SHA1 digest: OK (543c1ebde3e8e0a806b4dfeb4d140f94e1799206)
    MD5 digest: OK (fc2b636ee9a926547fd3e5d2227cfcf3)
    V3 DSA signature: OK, key ID db42a60e

Is it possible that there is a bad version of the krb5 stuff floating
around on one of the servers there?  I've heard secondhand that
someone else had an invalid sig problem with krb5-devel (also from our

I still have one machine that is unpatched if there is something you
want me to try.

Comment 3 RHEL Product and Program Management 2007-10-19 15:19:01 EDT
This bug is filed against RHEL 3, which is in maintenance phase.
During the maintenance phase, only security errata and select mission
critical bug fixes will be released for enterprise products. Since
this bug does not meet that criteria, it is now being closed.
For more information of the RHEL errata support policy, please visit:
If you feel this bug is indeed mission critical, please contact your
support representative. You may be asked to provide detailed
information on how this bug is affecting you.

Note You need to log in before you can comment on or make changes to this bug.