[cups] CUPS 2.2.8 Now Available
Michael Sweet
msweet at apple.com
Wed Jun 6 05:17:24 PDT 2018
This is now done...
> On Jun 6, 2018, at 7:24 AM, Michael Sweet <msweet at apple.com> wrote:
>
> Johannes,
>
> It looks like the release was signed by my personal PGP key and not the Apple one. Will fix and re-post...
>
> Sent from my iPad
>
>> On Jun. 6, 2018, at 3:52 a.m., Johannes Meixner <jsmeix at suse.de> wrote:
>>
>>
>> Hello Michael
>>
>> On Jun 5 12:29 Michael Sweet wrote (excerpt):
>>> CUPS 2.2.8 ...
>>> https://github.com/apple/cups/releases/tag/v2.2.8
>>
>> There is an issue with the signature.
>>
>> When I download cups-2.2.8-source.tar.gz plus cups-2.2.8-source.tar.gz.sig
>> from the above URL I get
>> -----------------------------------------------------------------------------
>> gpg --verify cups-2.2.8-source.tar.gz.sig cups-2.2.8-source.tar.gz
>> gpg: Signature made Tue Jun 5 18:07:23 2018 CEST using RSA key ID 27815955
>> gpg: Can't check signature: No public key
>> -----------------------------------------------------------------------------
>>
>> In contrast that works with cups-2.2.7-source.tar.gz
>> plus cups-2.2.7-source.tar.gz.sig from
>> https://github.com/apple/cups/releases/tag/v2.2.7
>> -----------------------------------------------------------------------------
>> gpg --verify cups-2.2.7-source.tar.gz.sig cups-2.2.7-source.tar.gz
>> gpg: Signature made Tue Mar 27 18:02:16 2018 CEST using RSA key ID 35DA97EB
>> gpg: Good signature from "CUPS.org <security at cups.org>" [unknown]
>> gpg: WARNING: This key is not certified with a trusted signature!
>> gpg: There is no indication that the signature belongs to the owner.
>> Primary key fingerprint: 45D0 8394 6E30 3528 2B3C CA9A F434 1042 35DA 97EB
>> -----------------------------------------------------------------------------
>>
>> I have the "Current CUPS.org PGP Key" from https://www.cups.org/pgp.html
>> -----------------------------------------------------------------------------
>> gpg --list-keys
>> ...
>> pub 4096R/35DA97EB 2017-12-19 [expires: 2021-12-19]
>> uid [ unknown] CUPS.org <security at cups.org>
>> sub 4096R/4FBD127B 2017-12-19 [expires: 2021-12-19]
>> -----------------------------------------------------------------------------
>>
>> It seems the signature made for cups-2.2.8-source.tar.gz
>> with key ID 27815955 was the wrong key because it should
>> have been made with key ID 35DA97EB.
>>
>>
>> Kind Regards
>> Johannes Meixner
>> --
>> SUSE LINUX GmbH - GF: Felix Imendoerffer, Jane Smithard,
>> Graham Norton - HRB 21284 (AG Nuernberg)
>>
> _______________________________________________
> cups mailing list
> cups at cups.org
> https://lists.cups.org/mailman/listinfo/cups
_________________________________________________________
Michael Sweet, Senior Printing System Engineer
More information about the cups
mailing list