427514 – app-crypt/gnupg-2.0.19: 12 out of 15 gpgsm certificates are expired

Bug 427514 - app-crypt/gnupg-2.0.19: 12 out of 15 gpgsm certificates are expired

Summary: app-crypt/gnupg-2.0.19: 12 out of 15 gpgsm certificates are expired

Status:	RESOLVED UPSTREAM

Alias:	None

Product:	Gentoo Linux
Classification:	Unclassified
Component:	Current packages (show other bugs)
Hardware:	All Linux

Importance:	Normal normal (vote)
Assignee:	Crypto team [DISABLED]

URL:
Whiteboard:
Keywords:

Depends on:
Blocks:

Reported:	2012-07-21 16:38 UTC by Maxim Kammerer
Modified:	2013-01-12 21:11 UTC (History)
CC List:	0 users

See Also:
Package list:
Runtime testing required:	---

Attachments
Add an attachment (proposed patch, testcase, etc.)

Note You need to log in before you can comment on or make changes to this bug.

Description Maxim Kammerer 2012-07-21 16:38:13 UTC

When gpgsm is executed, if it doesn't find pubring.kbx, it will initialize one with certificates in /usr/share/gnupg/com-certs.pem. Most users using GNU Privacy Assistant (app-crypt/gpa) will see this, since GPA lists both gpg and gpgsm keys / certificates.

Currently, /usr/share/gnupg/com-certs.pem contains 15 certificates, 12 of which are expired.

Relevant links:
http://git.gnupg.org/cgi-bin/gitweb.cgi?p=gnupg.git;a=history;f=doc/com-certs.pem
http://git.gnupg.org/cgi-bin/gitweb.cgi?p=gnupg.git;a=history;f=doc/qualified.txt

Comment 1 Alon Bar-Lev (RETIRED) gentoo-dev

2013-01-12 21:11:31 UTC

Hello,
We install whatever gnupg package provides.
Please take this upstream so next package will be updated with valid certificates.
Thanks,