Ubuntu
ubuntu-keyring package

Can't be used to verify current trusty images

Bug #1331057 reported by dann frazier
16
This bug affects 3 people
Affects Status Importance Assigned to Milestone
ubuntu-cloudimage-keyring (Ubuntu)
Invalid
Undecided
Unassigned
ubuntu-keyring (Ubuntu)
Fix Released
Undecided
Unassigned

Bug Description

The description of this package says "This package contains the keys used for files on cloud-images.ubuntu.com." However, the checksum files are signed with keyid 7DB87C81, which I can't find in this package.

ubuntu@server-46af3152-8a83-4995-8dfb-e3b2d07e0841:~$ wget http://cloud-images.ubuntu.com/trusty/current/SHA256SUMS http://cloud-images.ubuntu.com/trusty/current/SHA256SUMS.gpg
ubuntu@server-46af3152-8a83-4995-8dfb-e3b2d07e0841:~$ gpg --verify SHA256SUMS.gpg SHA256SUMS
gpg: Signature made Sat 14 Jun 2014 01:03:39 PM UTC using RSA key ID 7DB87C81
gpg: Can't check signature: public key not found
ubuntu@server-46af3152-8a83-4995-8dfb-e3b2d07e0841:~$ gpg --keyring /usr/share/keyrings/ubuntu-cloudimage-keyring.gpg --list-keys/usr/share/keyrings/ubuntu-cloudimage-keyring.gpg
-------------------------------------------------
pub 4096R/476CF100 2012-10-27
uid Ubuntu Cloud Image Builder (Canonical Internal Cloud Image Builder) <email address hidden>
sub 4096R/9D817405 2012-10-27

ubuntu@server-46af3152-8a83-4995-8dfb-e3b2d07e0841:~$ dpkg -l ubuntu-cloudimage-keyring
Desired=Unknown/Install/Remove/Purge/Hold
| Status=Not/Inst/Conf-files/Unpacked/halF-conf/Half-inst/trig-aWait/Trig-p end
|/ Err?=(none)/Reinst-required (Status,Err: uppercase=bad)
||/ Name Version Architecture Description
+++-==========================-==================-==================-=========================================================
ii ubuntu-cloudimage-keyring 2013.11.11 all GnuPG keys of the Ubuntu Cloud Image builder

Revision history for this message
Launchpad Janitor (janitor) wrote :

Status changed to 'Confirmed' because the bug affects multiple users.

Changed in ubuntu-cloudimage-keyring (Ubuntu):
status: New → Confirmed
Dimitri John Ledkov (xnox)
Changed in ubuntu-keyring (Ubuntu):
status: New → In Progress
Revision history for this message
Launchpad Janitor (janitor) wrote :

This bug was fixed in the package ubuntu-keyring - 2018.02.05

---------------
ubuntu-keyring (2018.02.05) bionic; urgency=medium

  * Ship the current ubuntu-cloudimage-keyring in the ubuntu-keyring
    package. LP: #1331057
  * Ship ubuntu-cloud-keyring for Cloud Archive signing keys, as a
    separate keyring in /etc/apt/trusted.gpg.d/, and remove it from the
    trusted.gpg keyring as no longer needed to be there.
  * Ship ubuntu-dgbsym key
  * Specify udeb Package-Type and bump priority to standard.
  * Bump standards version

 -- Dimitri John Ledkov <email address hidden> Wed, 17 Jan 2018 16:01:45 +0000

Changed in ubuntu-keyring (Ubuntu):
status: In Progress → Fix Released
Dimitri John Ledkov (xnox)
Changed in ubuntu-cloudimage-keyring (Ubuntu):
status: Confirmed → Invalid
To post a comment you must log in.
This report contains Public information  
Everyone can see this information.
Subscribing...

Other bug subscribers

Remote bug watches

Bug watches keep track of this bug in other bug trackers.