3770 – rpm-3.0.1-12.5.2.i386.rpm signed by unknown key.

Bug 3770 - rpm-3.0.1-12.5.2.i386.rpm signed by unknown key.

Summary: rpm-3.0.1-12.5.2.i386.rpm signed by unknown key.

Status:	CLOSED CURRENTRELEASE
Alias:	None
Product:	Red Hat Linux
Classification:	Retired
Component:	rpm
Sub Component:
Version:	5.2
Hardware:	i386
OS:	Linux
Priority:	medium
Severity:	medium
Target Milestone:	---
Assignee:	Jeff Johnson
QA Contact:
Docs Contact:
URL:
Whiteboard:
Keywords:	Security
Depends On:
Blocks:
TreeView+	depends on / blocked

Reported:	1999-06-28 06:32 UTC by Aleksey Nogin
Modified:	2008-05-01 15:37 UTC (History)
CC List:	0 users
Fixed In Version:
Doc Type:
Doc Text:	(edit)
Clone Of:
Environment:	(edit)
Last Closed:	2000-02-03 02:21:26 UTC

Attachments	(Terms of Use)
Add an attachment (proposed patch, testcase, etc.)

Description Aleksey Nogin 1999-06-28 06:32:29 UTC

The package rpm-3.0.1-12.5.2.i386.rpm from ftp.rpm.org is
signed using PGP key 0x73B83325, but it is not clear where
to get the public key for the verification - public
keyservers do not have it and I could not find it on
ftp.rpm.org

Comment 1 Jay Turner 1999-06-28 12:29:59 UTC

This issue has been forwarded to a developer for further action.

Comment 2 Aleksey Nogin 2000-02-03 02:21:59 UTC

The rom-3.0.1-12.5.2.i386.rpm is now signed by _two_ keys that do not exist on
keyservers: 0x73B83325 and 0x1759C6EC

However, there are several newer packages that are properly signed, so I am
closing this report.

Note You need to log in before you can comment on or make changes to this bug.