From: Ralf Mardorf <ralf.mardorf@alice-dsl.net>
To: Daniel Wagner <wagi@monom.org>,
linux-rt-users <linux-rt-users@vger.kernel.org>
Subject: Re: [ANNOUNCE] 4.19.233-rt105
Date: Fri, 18 Mar 2022 18:42:49 +0100 [thread overview]
Message-ID: <20220318184249.39b17ee0@archlinux> (raw)
In-Reply-To: <20220318180057.7a223148@archlinux>
On Fri, 18 Mar 2022 18:00:57 +0100, Ralf Mardorf wrote:
>On Fri, 18 Mar 2022 10:45:35 +0100, Daniel Wagner wrote:
>>$ gpg pgpkeys/keys/587C5ECA5D0A306C.asc
>that's the wrong key:
>
>
>[rocketmouse@archlinux linux-rt]$ gzip -cd
>patch-4.19.233-rt105.patch.gz | gpg2 --verify
>patch-4.19.233-rt105.patch.sign - gpg: Signature made Fri 11 Mar 2022
>09:10:11 CET gpg: using EDDSA key
>1B45744BE36280CA7D6BD460E072D068B1F5703E
> ^^^^^^^^^^^^^^^^
> 587C5ECA5D0A306C.asc
>
>
>Importing your key from a keyserver (e.g. from
>hkp://keyserver.ubuntu.com) isn't an issue at all.
>
>The rt-patch was either signed with another key (E072D068B1F5703E
>instead of 587C5ECA5D0A306C) or the uploaded patch is malicious.
>
>The patch was downloaded from
>https://www.kernel.org/pub/linux/kernel/projects/rt/ :
>
>
>[rocketmouse@archlinux ~]$ head -24 /usr/src/linux-rt-rm/PKGBUILD
>[snip]
>_pkgver=4.19.233
>_rtpatchver=105
>pkgver="${_pkgver}_rt${_rtpatchver}"
>[snip]
>source=(
> "https://www.kernel.org/pub/linux/kernel/v${_pkgver%%.*}.x/linux-${_pkgver}.tar.gz"
> "https://www.kernel.org/pub/linux/kernel/v${_pkgver%%.*}.x/linux-${_pkgver}.tar.sign"
> "https://www.kernel.org/pub/linux/kernel/projects/rt/${_pkgver%.*}/older/patch-${_pkgver}-rt${_rtpatchver}.patch.gz"
> "https://www.kernel.org/pub/linux/kernel/projects/rt/${_pkgver%.*}/older/patch-${_pkgver}-rt${_rtpatchver}.patch.sign"
PS: [de]/[en]
[de]
Ich habe das Patch weder über git bekommen, noch habe ich die xz Dateien
heruntergeladen. Ich habe die gz Dateien heruntergeladen.
Die gz Patch-Datei wurde mit einem anderen Schlüssel signiert. Dieser
Schlüssel scheint nicht verfügbar zu sein.
[en]
I didn't get the patch from git, neither did I download the xz
related files. I downloaded the gz related files.
The gz patch file is signed with another key. This key seems to be
unavailable.
next prev parent reply other threads:[~2022-03-18 17:43 UTC|newest]
Thread overview: 9+ messages / expand[flat|nested] mbox.gz Atom feed top
2022-03-11 8:19 [ANNOUNCE] 4.19.233-rt105 Daniel Wagner
2022-03-18 5:01 ` Ralf Mardorf
2022-03-18 8:48 ` Daniel Wagner
[not found] ` <20220318102051.483333f2@archlinux>
2022-03-18 9:27 ` Ralf Mardorf
2022-03-18 9:45 ` Daniel Wagner
2022-03-18 17:00 ` Ralf Mardorf
2022-03-18 17:42 ` Ralf Mardorf [this message]
2022-03-21 8:36 ` Daniel Wagner
2022-03-21 10:13 ` Ralf Mardorf
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=20220318184249.39b17ee0@archlinux \
--to=ralf.mardorf@alice-dsl.net \
--cc=linux-rt-users@vger.kernel.org \
--cc=wagi@monom.org \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox