Uploaded image for project: 'XWiki Infrastructure'
  1. XWiki Infrastructure
  2. XINFRA-433

Debian repository GPG key needs to be updated

    XMLWordPrintable

Details

    • Task
    • Resolution: Fixed
    • Major
    • Debian
    • None
    • Unknown

    Description

      Using apt update on Debian 13 leads to following warning and information:

      Warning: http://maven.xwiki.org/lts-latest/Release.gpg: Policy will reject signature within a year, see --audit for details
Audit: http://maven.xwiki.org/lts-latest/Release.gpg: Sub-process /usr/bin/sqv returned an error code (1), error message is:
   Signing key on E5A298A7AF53948CC6CFD633F716794B93CC9C13 is not bound:
              No binding signature at time 2025-09-01T22:27:42Z
     because: Policy rejected non-revocation signature (PositiveCertification) requiring second pre-image resistance
     because: SHA1 is not considered secure since 2026-02-01T00:00:00Z

      Attachments

        Activity

          People

            tmortagne Thomas Mortagne
            surli Simon Urli
            Votes:
            0 Vote for this issue
            Watchers:
            0 Start watching this issue

            Dates

              Created:
              Updated:
              Resolved: