diff options
author | Denis 'GNUtoo' Carikli <GNUtoo@cyberdimension.org> | 2020-11-14 22:26:00 +0100 |
---|---|---|
committer | Denis 'GNUtoo' Carikli <GNUtoo@cyberdimension.org> | 2020-11-15 00:30:52 +0100 |
commit | 118d591080849f23a5c60a81c85d4cc3bfe7da04 (patch) | |
tree | 160b310fc9b2837b210bf685d72dd9ffc64912b1 /libre/sdl/SDL-1.2.15-CVE-2019-7577-Fix-a-buffer-overread-in-MS_ADPCM_deco.patch | |
parent | 0ff6d9c9e5b521cbc5a5ba0ef75ee3f45f9e1396 (diff) | |
download | abslibre-118d591080849f23a5c60a81c85d4cc3bfe7da04.tar.gz abslibre-118d591080849f23a5c60a81c85d4cc3bfe7da04.tar.bz2 abslibre-118d591080849f23a5c60a81c85d4cc3bfe7da04.zip |
libre: rebuild linux-libre-api-headers
Some key packages are signed by bill-auger, however for some reasons,
creating a chroot with librechroot results in an error related to
Bill's key. For instance if we create a new chroot with the following
commands:
$ sudo rm -rf /var/lib/archbuild/parabola-x86_64/
$ sudo librechroot -n parabola-x86_64 -A x86_64 make
We end up with:
(116/116) checking package integrity [...] 100%
error: linux-libre-api-headers: signature from "bill-auger
<bill-auger@peers.community>" is unknown trust
:: File
/var/cache/pacman/pkg/linux-libre-api-headers-5.8.13_gnu-1-x86_64.pkg.tar.xz
is corrupted (invalid or corrupted package (PGP signature)).
Do you want to delete it? [Y/n]
To make sure it wasn't an issue only affecting my builder, I made
the host recreate the /etc/pacman.d/gnupg directory from scratch
after deleting this directory and killing all gpg, dirmngr and
gpg-agent instances. I then refreshed the keys, during that,
Bill's key was not updated:
gpg: key 25DB7D9B5A8D4B40: "bill-auger <bill-auger@peers.community>"
not changed
After that this problem persisted.
It also affects the reinstallation of some key packages on the host
as well:
# pacman -S linux-libre-api-headers
warning: linux-libre-api-headers-5.8.13_gnu-1 is up to date -- reinstalling
[...]
(1/1) checking package integrity [...]
error: linux-libre-api-headers: signature from
"bill-auger <bill-auger@peers.community>" is unknown trust
:: File
/var/cache/pacman/pkg/linux-libre-api-headers-5.8.13_gnu-1-x86_64.pkg.tar.xz
is corrupted (invalid or corrupted package (PGP signature)).
Do you want to delete it? [Y/n] n
error: failed to commit transaction (invalid or corrupted package
(PGP signature))
Errors occurred, no packages were upgraded.
So in order to be able to enable Parabola hackers to still build
packages, and not end up in a chicken and egg issue, I'll try to
rebuild it from the librechroot(s) that I have left.
Signed-off-by: Denis 'GNUtoo' Carikli <GNUtoo@cyberdimension.org>
Diffstat (limited to 'libre/sdl/SDL-1.2.15-CVE-2019-7577-Fix-a-buffer-overread-in-MS_ADPCM_deco.patch')
0 files changed, 0 insertions, 0 deletions