Re: [expert] tetex update RPMs GPG signatures

Vincent Danen Fri, 07 Dec 2001 12:14:30 -0800

On Thu Dec 06, 2001 at 02:46:14PM -0600, David Wollmann wrote:

> I just downloaded several mdk 7.1 update RPMs from:
> 
> ftp://download.sourceforge.net/pub/mirrors/mandrake/updates/7.1
> 
> I ran `rpm --checksig ...' against the downloaded RPMs and noticed that
> two of them do not have valid GPG signatures:
> 
> 
> tetex-1.0.7-6.1mdk.i586.rpm: MD5 GPG NOT OK
> tetex-doc-1.0.7-6.1mdk.i586.rpm: MD5 GPG NOT OK
> 
> 
> I haven't checked these files on other servers.
> 
> Any chance we can get someone to check this out and see what the problem 
> is?


I assume you have the security team gpg keys installed?  (Of course
you do, otherwise they would all fail).  I know the files are fine
because:

(vdanen@logan: /mnt/updates/BIG/updates/7.1/RPMS)$ rpm --checksig tetex*
tetex-1.0.7-6.1mdk.i586.rpm: md5 gpg OK
tetex-afm-1.0.7-6.1mdk.i586.rpm: md5 gpg OK
tetex-doc-1.0.7-6.1mdk.i586.rpm: md5 gpg OK
tetex-dvilj-1.0.7-6.1mdk.i586.rpm: md5 gpg OK
tetex-dvips-1.0.7-6.1mdk.i586.rpm: md5 gpg OK
tetex-latex-1.0.7-6.1mdk.i586.rpm: md5 gpg OK
tetex-xdvi-1.0.7-6.1mdk.i586.rpm: md5 gpg OK
(vdanen@logan: /mnt/updates/BIG/updates/7.1/RPMS)$

Can you do a "rpm --checksig -v" on the two packages and see exactly
what fails?  You may have had a bad download.

-- 
OpenPGP key available on www.keyserver.net
1024D/FE6F2AFD   88D8 0D23 8D4B 3407 5BD7  66F9 2043 D0E5 FE6F 2AFD

Current Linux kernel 2.4.8-34.1mdk uptime: 17 days 21 hours 43 minutes.

msg45734/pgp00000.pgp
Description: PGP signature

Re: [expert] tetex update RPMs GPG signatures

Reply via email to