Uploaded image for project: 'MariaDB MaxScale'
  1. MariaDB MaxScale
  2. MXS-1394

Use new hash algorithm to sign Ubuntu/Debian repositories

    XMLWordPrintable

    Details

    • Type: Task
    • Status: Closed (View Workflow)
    • Priority: Major
    • Resolution: Fixed
    • Affects Version/s: None
    • Fix Version/s: 2.1.10, 2.2.1
    • Component/s: build
    • Labels:
      None
    • Sprint:
      2017-44, 2017-45

      Description

      Ubuntu xenial and Debian stretch expect a stronger signing key for apt repositories:

      W: GPG error: http://downloads.mariadb.com/MaxScale/2.1/debian stretch Release: The following signatures were invalid: 13CFDE6DD9EE9784F41AF0F670E4618A8167EE24
      W: The repository 'http://downloads.mariadb.com/MaxScale/2.1/debian stretch Release' is not signed.
      N: Data from such a repository can't be authenticated and is therefore potentially dangerous to use.
      N: See apt-secure(8) manpage for repository creation and user configuration details.

      See https://juliank.wordpress.com/2016/03/14/dropping-sha-1-support-in-apt/ for more information.

      This should be taken care of ASAP, for the next minor release(s) of MaxScale; please don't wait for the next major release.

        Attachments

          Activity

            People

            Assignee:
            tturenko Timofey Turenko
            Reporter:
            kolbe Kolbe Kegel (Inactive)
            Votes:
            0 Vote for this issue
            Watchers:
            2 Start watching this issue

              Dates

              Created:
              Updated:
              Resolved: