gpg: aka "Darshit Shah <darnir@gnu.org>" [expired] gpg: Note: This key has expired! Primary key fingerprint: 7845 120B 07CB D8D6 ECE5 FF2B 2A17 43ED A91A 35B6 Subkey fingerprint: 6B98 F637 D879 C523 6E27 7C5C 64FF 90AA E8C7 0AF9 * ERROR: net-misc/wget-1.21.3-r1::gentoo failed (unpack phase): * PGP signature verification failed * * Call stack: ------------------------------------------------------------------- This is an unstable amd64 chroot image at a tinderbox (==build bot) name: 17.1_desktop_plasma_systemd_merged_usr-j5-20230311-164515 ------------------------------------------------------------------- gcc-config -l: [1] x86_64-pc-linux-gnu-12 * clang/llvm (if any): /usr/lib/llvm/15 15.0.7 Python 3.10.10 Available Rust versions: [1] rust-bin-1.67.1 * php cli (if any): HEAD of ::gentoo commit f490623150c29444f28c51148b0cc22a69a44636 Author: Repository mirror & CI <repomirrorci@gentoo.org> Date: Sat Mar 11 16:31:48 2023 +0000 2023-03-11 16:31:48 UTC emerge -qpvO net-misc/wget [ebuild R ] net-misc/wget-1.21.3-r1 USE="ipv6 nls pcre (ssl) verify-sig* zlib -cookie-check -debug -gnutls -idn -metalink -ntlm -static -test -uuid"
Created attachment 857335 [details] emerge-info.txt
Created attachment 857337 [details] emerge-history.txt
Created attachment 857339 [details] environment
Created attachment 857341 [details] etc.portage.tar.bz2
Created attachment 857343 [details] logs.tar.bz2
Created attachment 857345 [details] net-misc:wget-1.21.3-r1:20230311-200820.log
The bug has been closed via the following commit(s): https://gitweb.gentoo.org/repo/gentoo.git/commit/?id=6efa842ac4114bb18af18474883260cba12722ad commit 6efa842ac4114bb18af18474883260cba12722ad Author: Sam James <sam@gentoo.org> AuthorDate: 2023-03-13 20:48:04 +0000 Commit: Sam James <sam@gentoo.org> CommitDate: 2023-03-13 20:48:04 +0000 net-misc/wget: update openpgp-keys version Closes: https://bugs.gentoo.org/900895 Signed-off-by: Sam James <sam@gentoo.org> net-misc/wget/wget-1.21.3-r1.ebuild | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) https://gitweb.gentoo.org/repo/gentoo.git/commit/?id=659cab9931ee5424de3e993d656d9d3b9cb6dca3 commit 659cab9931ee5424de3e993d656d9d3b9cb6dca3 Author: Sam James <sam@gentoo.org> AuthorDate: 2023-03-13 20:47:30 +0000 Commit: Sam James <sam@gentoo.org> CommitDate: 2023-03-13 20:47:30 +0000 sec-keys/openpgp-keys-wget: add 20230313 Closes: https://bugs.gentoo.org/900895 Signed-off-by: Sam James <sam@gentoo.org> sec-keys/openpgp-keys-wget/Manifest | 1 + .../openpgp-keys-wget-20230313.ebuild | 19 +++++++++++++++++++ 2 files changed, 20 insertions(+)
Still fails for me (key expired) with sec-keys/openpgp-keys-wget-20230313 installed.
(In reply to gentoo from comment #8) > Still fails for me (key expired) with sec-keys/openpgp-keys-wget-20230313 > installed. You're right - sorry, I thought I'd checked. I've pinged upstream.
The bug has been referenced in the following commit(s): https://gitweb.gentoo.org/repo/gentoo.git/commit/?id=fd848cc2696798c83e34a941068420aa56b43460 commit fd848cc2696798c83e34a941068420aa56b43460 Author: Sam James <sam@gentoo.org> AuthorDate: 2023-03-15 05:12:31 +0000 Commit: Sam James <sam@gentoo.org> CommitDate: 2023-03-15 05:44:59 +0000 profiles/base: mask ~net-misc/wget-1.21.3[verify-sig] Signing key is expired on Savannah. The same key is renewed elsewhere and the signature is valid, but it's easier to disable verify-sig here for now as it's not a new release. Recent Gemato got stricter with this which is how it appears now. Bug: https://bugs.gentoo.org/900895 Signed-off-by: Sam James <sam@gentoo.org> profiles/base/package.use.mask | 7 +++++++ 1 file changed, 7 insertions(+)