From: Ralf Mardorf <ralf.mardorf@alice-dsl.net>
To: Daniel Wagner <wagi@monom.org>,
linux-rt-users <linux-rt-users@vger.kernel.org>
Subject: Re: [ANNOUNCE] 4.19.233-rt105
Date: Fri, 18 Mar 2022 18:42:49 +0100 [thread overview]
Message-ID: <20220318184249.39b17ee0@archlinux> (raw)
In-Reply-To: <20220318180057.7a223148@archlinux>
On Fri, 18 Mar 2022 18:00:57 +0100, Ralf Mardorf wrote:
>On Fri, 18 Mar 2022 10:45:35 +0100, Daniel Wagner wrote:
>>$ gpg pgpkeys/keys/587C5ECA5D0A306C.asc
>that's the wrong key:
>
>
>[rocketmouse@archlinux linux-rt]$ gzip -cd
>patch-4.19.233-rt105.patch.gz | gpg2 --verify
>patch-4.19.233-rt105.patch.sign - gpg: Signature made Fri 11 Mar 2022
>09:10:11 CET gpg: using EDDSA key
>1B45744BE36280CA7D6BD460E072D068B1F5703E
> ^^^^^^^^^^^^^^^^
> 587C5ECA5D0A306C.asc
>
>
>Importing your key from a keyserver (e.g. from
>hkp://keyserver.ubuntu.com) isn't an issue at all.
>
>The rt-patch was either signed with another key (E072D068B1F5703E
>instead of 587C5ECA5D0A306C) or the uploaded patch is malicious.
>
>The patch was downloaded from
>https://www.kernel.org/pub/linux/kernel/projects/rt/ :
>
>
>[rocketmouse@archlinux ~]$ head -24 /usr/src/linux-rt-rm/PKGBUILD
>[snip]
>_pkgver=4.19.233
>_rtpatchver=105
>pkgver="${_pkgver}_rt${_rtpatchver}"
>[snip]
>source=(
> "https://www.kernel.org/pub/linux/kernel/v${_pkgver%%.*}.x/linux-${_pkgver}.tar.gz"
> "https://www.kernel.org/pub/linux/kernel/v${_pkgver%%.*}.x/linux-${_pkgver}.tar.sign"
> "https://www.kernel.org/pub/linux/kernel/projects/rt/${_pkgver%.*}/older/patch-${_pkgver}-rt${_rtpatchver}.patch.gz"
> "https://www.kernel.org/pub/linux/kernel/projects/rt/${_pkgver%.*}/older/patch-${_pkgver}-rt${_rtpatchver}.patch.sign"
PS: [de]/[en]
[de]
Ich habe das Patch weder über git bekommen, noch habe ich die xz Dateien
heruntergeladen. Ich habe die gz Dateien heruntergeladen.
Die gz Patch-Datei wurde mit einem anderen Schlüssel signiert. Dieser
Schlüssel scheint nicht verfügbar zu sein.
[en]
I didn't get the patch from git, neither did I download the xz
related files. I downloaded the gz related files.
The gz patch file is signed with another key. This key seems to be
unavailable.
next prev parent reply other threads:[~2022-03-18 17:43 UTC|newest]
Thread overview: 9+ messages / expand[flat|nested] mbox.gz Atom feed top
2022-03-11 8:19 [ANNOUNCE] 4.19.233-rt105 Daniel Wagner
2022-03-18 5:01 ` Ralf Mardorf
2022-03-18 8:48 ` Daniel Wagner
[not found] ` <20220318102051.483333f2@archlinux>
2022-03-18 9:27 ` Ralf Mardorf
2022-03-18 9:45 ` Daniel Wagner
2022-03-18 17:00 ` Ralf Mardorf
2022-03-18 17:42 ` Ralf Mardorf [this message]
2022-03-21 8:36 ` Daniel Wagner
2022-03-21 10:13 ` Ralf Mardorf
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=20220318184249.39b17ee0@archlinux \
--to=ralf.mardorf@alice-dsl.net \
--cc=linux-rt-users@vger.kernel.org \
--cc=wagi@monom.org \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.