Hi, I spent this weekend understanding why when update my vm to F38 branched I got a lot of [1] the key ID d651ff2e is "our" key RPM-GPG- KEY-rpmfusion-free-fedora-2020
For an introduction to this topic I recommend this 2 articles [2] . In resume rpm sign with SHA1 aren't installed in F38 unless we change the defaul crypto police (update-crypto-policies --set LEGACY) , I wrote in https://discussion.fedoraproject.org/t/header-v3-rsa-sha1-signature-key-id-d651ff2e-bad/42350/4 one solution . And I have checked all rpmfusion packages with fc36 have SHA1 when now we need to have SHA256 , ATM I found these 5 packages [3] , which I will rebuild it to be signed again or have you other suggestions ? Best regards, [3] rfpkg-minimal-0.4.2-1.fc36.noarch.rpm rpmfusion-free-obsolete-packages-35-1.fc36.noarch.rpm wormsofprey-data-20051221-15.fc36.noarch.rpm lpf-cleartype-fonts-1.0-3.fc36.noarch.rpm lpf-mscore-tahoma-fonts-1.0-3.fc36.noarch.rpm [1] Running transaction check error: rpmdbNextIterator: skipping h# 1777 Header V3 RSA/SHA1 Signature, key ID d651ff2e: BAD Header SHA256 digest: OK Header SHA1 digest: OK [2] https://www.scrye.com/wordpress/nirik/2023/01/31/error-rpmdbnextiterator-skipping-in-fedora-38/ https://ask.fedoraproject.org/t/popular-third-party-rpms-fail-to-install-update-remove-due-to-security-policies-verification/31594 -- Sérgio M. B. _______________________________________________ rpmfusion-users mailing list -- rpmfusion-users@lists.rpmfusion.org To unsubscribe send an email to rpmfusion-users-le...@lists.rpmfusion.org
