New pgdg-keyring version 2013.1

From: Christoph Berg <christoph(dot)berg(at)credativ(dot)de>
To: PostgreSQL in Debian <pgsql-pkg-debian(at)postgresql(dot)org>
Subject: New pgdg-keyring version 2013.1
Date: 2013-10-10 08:31:15
Views: Raw Message | Whole Thread | Download mbox | Resend email
Lists: pgsql-pkg-debian

There is an upcoming issue with the key used to sign the repository:

The key shipped with pgdg-keyring 2012.1 will expire later this week,
namely on 2013-10-13. The key provided on the website,
and used by the installation instructions [1,2] was already extended to
last until 2016 earlier this year.


The new pgdg-keyring package version 2013.1 will update the key in
apt's "trusted keys" database to this new expiration date.

Users should upgrade the pgdg-keyring package before the end of this
week in order to avoid later apt warnings. This is harmless to do even
on production systems as it merely replaces a file in /etc/apt/.

To check whether you are affected, do:
# sudo apt-key list
pub 4096R/ACCC4CF8 2011-10-13 [expires: 2016-02-24]
uid PostgreSQL Debian Repository

pub 4096R/ACCC4CF8 2011-10-13 [expires: 2013-10-13]
uid PostgreSQL Debian Repository

If the 2013-10-13 key is listed, you should upgrade the pgdg-keyring
package. Unfortunately, apt will use the second copy of the key here,
even if there is a newer one.

If it is already past that date, and you get apt warnings about
expired signatures, delete that file:
# sudo rm /etc/apt/trusted.gpg.d/
and run "apt-get update" again.

cb(at)df7cb(dot)de |

In response to

Browse pgsql-pkg-debian by date

  From Date Subject
Next Message repository 2013-10-10 12:05:37 pgdg-keyring updated to version 2013.2
Previous Message 刘智勇 2013-10-10 08:15:39 Re: pgdg-keyring updated to version 2013.1