GPG error: http://security.ubuntu.com quantal-security Release: The following signatures were invalid: BADSIG 40976EAF437D05B5 Ubuntu Archive Automatic Signing Key <email address hidden>
Affects | Status | Importance | Assigned to | Milestone | |
---|---|---|---|---|---|
apt (Ubuntu) |
New
|
Undecided
|
Unassigned |
Bug Description
When running "apt-get update", I see these warnings:
Reading package lists... Error!
W: GPG error: http://
W: GPG error: http://
Following the advice on http://
I deleted the lists and updated again but the error persists.
I also tried to add the key:
> apt-key adv --keyserver keyserver.
Executing: gpg --ignore-
gpg: requesting key 437D05B5 from hkp server keyserver.
gpg: key 437D05B5: "Ubuntu Archive Automatic Signing Key <email address hidden>" not changed
gpg: Total number processed: 1
gpg: unchanged: 1
So the key seems to be installed already and it seems to be correct.
What should I do next?
PS: I flagged this as security vulnerability since it prevents me from installing security updates.
information type: | Private Security → Public Security |
Thanks for taking the time to report this bug and helping to make Ubuntu better. We appreciate the difficulties you are facing, but this appears to be a "regular" (non-security) bug. I have unmarked it as a security issue since this bug does not show evidence of allowing attackers to cross privilege boundaries nor directly cause loss of data/privacy. Please feel free to report any other bugs you may find.