diff options
| author | Denis 'GNUtoo' Carikli <GNUtoo@cyberdimension.org> | 2021-11-21 04:43:11 +0100 |
|---|---|---|
| committer | Denis 'GNUtoo' Carikli <GNUtoo@cyberdimension.org> | 2021-11-21 04:53:17 +0100 |
| commit | 02c4384f1077233b0f07bbf69417603e30676b43 (patch) | |
| tree | c35ae0fa8fb1c07c45affbf18b65609a652bd575 | |
| parent | 48992f9bd4b321688ee3dd99cd2c29776a63f41e (diff) | |
libre: pacman-mirrorlist: bump package revision to workaround expired key
Without that fix, we have the following error while
installing or upgrading mkinitcpio:
error: pacman-mirrorlist: signature from "bill-auger <bill-auger@peers.community>" is unknown trust
:: File /var/cache/pacman/pkg/pacman-mirrorlist-20210803-1.parabola1-any.pkg.tar.xz is corrupted (invalid or corrupted package (PGP signature)).
This is because the corresponding gpg key is expired.
Key expirations often happen when because there are
conflicting best security practices with key expiration
dates: for long term software releases, it's better if
the key don't have too short expiration dates, especially if
users can't easily update the key, but short key expirations
help a lot for security and for uses cases like mail, if you
loose your key, having a short expiration date will ensure
that people will (shortly) stop sending you mail that you
can't decrypt.
In addition keeping a key always up to date can in some case
be very complex.
Signed-off-by: Denis 'GNUtoo' Carikli <GNUtoo@cyberdimension.org>
| -rw-r--r-- | libre/pacman-mirrorlist/PKGBUILD | 2 |
1 files changed, 1 insertions, 1 deletions
diff --git a/libre/pacman-mirrorlist/PKGBUILD b/libre/pacman-mirrorlist/PKGBUILD index ce1e99215..21ea9d951 100644 --- a/libre/pacman-mirrorlist/PKGBUILD +++ b/libre/pacman-mirrorlist/PKGBUILD @@ -14,7 +14,7 @@ pkgname=pacman-mirrorlist -pkgver=20210803 +pkgver=20211121 pkgrel=1.parabola1 pkgdesc="Parabola GNU/Linux-libre mirror list for use by pacman" arch=('any') |