Package: apt Version: 0.6.43.3 Severity: minor When I run apt-get update, and some sources have been updated since the last time I apt-get updated, a signature error often occurs. For example:
$ sudo apt-get update Password: Get:1 http://gnu.buildtolearn.net ./ Release.gpg [189B] Get:2 http://gnu.buildtolearn.net ./ Release [712B] Ign http://www.kiberpipa.org ./ Release.gpg Ign http://gnu.buildtolearn.net ./ Packages Get:3 http://mirrors.kernel.org experimental Release.gpg [189B] Ign http://gnu.buildtolearn.net ./ Sources Ign http://www.kiberpipa.org ./ Release Get:4 http://mirrors.kernel.org unstable Release.gpg [189B] Hit http://gnu.buildtolearn.net ./ Packages Get:5 http://mirrors.kernel.org etch Release.gpg [189B] Ign http://www.kiberpipa.org ./ Packages Hit http://gnu.buildtolearn.net ./ Sources Hit http://www.kiberpipa.org ./ Packages Get:6 http://mirrors.kernel.org experimental Release [26.7kB] Ign http://mirrors.kernel.org experimental Release Get:7 http://mirrors.kernel.org unstable Release [38.3kB] Ign http://mirrors.kernel.org unstable Release Get:8 http://mirrors.kernel.org etch Release [35.4kB] Ign http://mirrors.kernel.org etch Release Ign http://mirrors.kernel.org experimental/main Packages Ign http://mirrors.kernel.org experimental/main Sources Get:9 http://mirrors.kernel.org unstable/main Packages [3077kB] Ign http://twinsen.warpedgames.com ./ Release.gpg Get:10 http://secure-testing.debian.net etch/security-updates Release.gpg [189B] Ign http://twinsen.warpedgames.com ./ Release Get:11 http://secure-testing.debian.net etch/security-updates Release [26.8kB] Ign http://twinsen.warpedgames.com ./ Packages Ign http://secure-testing.debian.net etch/security-updates Release Hit http://twinsen.warpedgames.com ./ Packages Hit http://secure-testing.debian.net etch/security-updates/main Packages Hit http://secure-testing.debian.net etch/security-updates/contrib Packages Hit http://secure-testing.debian.net etch/security-updates/non-free Packages Hit http://secure-testing.debian.net etch/security-updates/main Sources Hit http://secure-testing.debian.net etch/security-updates/contrib Sources Hit http://secure-testing.debian.net etch/security-updates/non-free Sources Get:12 ftp://ftp.nerim.net sid Release.gpg [191B] Get:13 ftp://ftp.nerim.net sid Release [2864B] Get:14 ftp://ftp.nerim.net sid/main Packages [27.2kB] Get:15 http://mirrors.kernel.org unstable/contrib Packages [47.5kB] Get:16 http://mirrors.kernel.org unstable/non-free Packages [62.8kB] Get:17 ftp://ftp.nerim.net sid/main Sources [10.6kB] Get:18 http://mirrors.kernel.org unstable/main Sources [1152kB] Ign http://mentors.debian.net unstable Release.gpg Ign http://mentors.debian.net unstable Release Get:19 http://mentors.debian.net unstable/main Sources [209kB] Get:20 http://mentors.debian.net unstable/contrib Sources [209kB] Hit http://mirrors.kernel.org unstable/contrib Sources Get:21 http://mirrors.kernel.org unstable/non-free Sources [25.9kB] Get:22 http://mirrors.kernel.org etch/main Packages [2897kB] Get:23 http://mentors.debian.net unstable/non-free Sources [209kB] Get:24 http://mirrors.kernel.org etch/contrib Packages [40.1kB] Get:25 http://mirrors.kernel.org etch/non-free Packages [55.5kB] Get:26 http://mirrors.kernel.org experimental/main Packages [154kB] Get:27 http://mirrors.kernel.org experimental/main Sources [47.1kB] Fetched 8354kB in 59s (140kB/s) Reading package lists... Done W: GPG error: http://mirrors.kernel.org experimental Release: The following signatures were invalid: BADSIG 010908312D230C5F Debian Archive Automatic Signing Key (2006) <[EMAIL PROTECTED]> W: GPG error: http://mirrors.kernel.org unstable Release: The following signatures were invalid: BADSIG 010908312D230C5F Debian Archive Automatic Signing Key (2006) <[EMAIL PROTECTED]> W: GPG error: http://mirrors.kernel.org etch Release: The following signatures were invalid: BADSIG 010908312D230C5F Debian Archive Automatic Signing Key (2006) <[EMAIL PROTECTED]> W: GPG error: http://secure-testing.debian.net etch/security-updates Release: The following signatures were invalid: BADSIG 946AA6E18722E71E secure-testing Archive Key 2005-7 <[EMAIL PROTECTED]> W: You may want to run apt-get update to correct these problems Re-running apt-get update, however, corrects this: $ sudo apt-get update Get:1 http://gnu.buildtolearn.net ./ Release.gpg [189B] Get:2 http://mirrors.kernel.org experimental Release.gpg [189B] Get:3 http://secure-testing.debian.net etch/security-updates Release.gpg [189B] Get:4 http://mirrors.kernel.org unstable Release.gpg [189B] Get:5 http://mirrors.kernel.org etch Release.gpg [189B] Ign http://mentors.debian.net unstable Release.gpg Ign http://twinsen.warpedgames.com ./ Release.gpg Get:6 http://gnu.buildtolearn.net ./ Release [712B] Ign http://www.kiberpipa.org ./ Release.gpg Hit http://mirrors.kernel.org experimental Release Hit http://secure-testing.debian.net etch/security-updates Release Hit http://mirrors.kernel.org unstable Release Ign http://twinsen.warpedgames.com ./ Release Ign http://mentors.debian.net unstable Release Hit http://secure-testing.debian.net etch/security-updates/main Packages Hit http://mirrors.kernel.org etch Release Hit http://secure-testing.debian.net etch/security-updates/contrib Packages Ign http://gnu.buildtolearn.net ./ Packages Hit http://mentors.debian.net unstable/main Sources Ign http://twinsen.warpedgames.com ./ Packages Hit http://secure-testing.debian.net etch/security-updates/non-free Packages Hit http://secure-testing.debian.net etch/security-updates/main Sources Hit http://secure-testing.debian.net etch/security-updates/contrib Sources Hit http://mentors.debian.net unstable/contrib Sources Ign http://www.kiberpipa.org ./ Release Ign http://gnu.buildtolearn.net ./ Sources Ign http://mirrors.kernel.org experimental/main Packages Hit http://secure-testing.debian.net etch/security-updates/non-free Sources Hit http://mentors.debian.net unstable/non-free Sources Hit http://gnu.buildtolearn.net ./ Packages Ign http://mirrors.kernel.org experimental/main Sources Hit http://gnu.buildtolearn.net ./ Sources Ign http://www.kiberpipa.org ./ Packages Hit http://mirrors.kernel.org unstable/main Packages Hit http://mirrors.kernel.org unstable/contrib Packages Hit http://mirrors.kernel.org unstable/non-free Packages Hit http://mirrors.kernel.org unstable/main Sources Hit http://mirrors.kernel.org unstable/contrib Sources Hit http://mirrors.kernel.org unstable/non-free Sources Hit http://www.kiberpipa.org ./ Packages Hit http://mirrors.kernel.org etch/main Packages Hit http://mirrors.kernel.org etch/contrib Packages Hit http://mirrors.kernel.org etch/non-free Packages Hit http://mirrors.kernel.org experimental/main Packages Hit http://twinsen.warpedgames.com ./ Packages Hit http://mirrors.kernel.org experimental/main Sources Hit ftp://ftp.nerim.net sid Release.gpg Get:7 ftp://ftp.nerim.net sid Release [2864B] Hit ftp://ftp.nerim.net sid/main Packages Hit ftp://ftp.nerim.net sid/main Sources Fetched 4333B in 5s (838B/s) Reading package lists... Done I suspect this may be because APT fetches the signature and release file before the package lists; if it checks the signature at that point it would find a spurious signature failure. -- Package-specific info: -- apt-config dump -- APT ""; APT::Architecture "i386"; APT::Build-Essential ""; APT::Build-Essential:: "build-essential"; Dir "/"; Dir::State "var/lib/apt/"; Dir::State::lists "lists/"; Dir::State::cdroms "cdroms.list"; Dir::State::userstatus "status.user"; Dir::State::status "/var/lib/dpkg/status"; Dir::Cache "var/cache/apt/"; Dir::Cache::archives "archives/"; Dir::Cache::srcpkgcache "srcpkgcache.bin"; Dir::Cache::pkgcache "pkgcache.bin"; Dir::Etc "etc/apt/"; Dir::Etc::sourcelist "sources.list"; Dir::Etc::sourceparts "sources.list.d"; Dir::Etc::vendorlist "vendors.list"; Dir::Etc::vendorparts "vendors.list.d"; Dir::Etc::main "apt.conf"; Dir::Etc::parts "apt.conf.d"; Dir::Etc::preferences "preferences"; Dir::Bin ""; Dir::Bin::methods "/usr/lib/apt/methods"; Dir::Bin::dpkg "/usr/bin/dpkg"; DPkg ""; DPkg::Pre-Install-Pkgs ""; DPkg::Pre-Install-Pkgs:: "/usr/sbin/dpkg-preconfigure --apt || true"; DPkg::Post-Invoke ""; DPkg::Post-Invoke:: "if [ -x /usr/bin/debsums ]; then /usr/bin/debsums --generate=nocheck -sp /var/cache/apt/archives; fi"; -- (no /etc/apt/preferences present) -- -- /etc/apt/sources.list -- deb ftp://ftp.nerim.net/debian-marillat/ sid main deb http://mirrors.kernel.org/debian experimental main deb http://mirrors.kernel.org/debian unstable main contrib non-free deb http://mirrors.kernel.org/debian etch main contrib non-free deb-src ftp://ftp.nerim.net/debian-marillat/ sid main deb-src http://mirrors.kernel.org/debian experimental main deb-src http://mirrors.kernel.org/debian unstable main contrib non-free deb http://twinsen.warpedgames.com/~bdonlan/apt ./ deb-src http://mentors.debian.net/debian unstable main contrib non-free deb http://www.kiberpipa.org/~minmax/cinelerra/builds/athlonxp/ ./ deb http://secure-testing.debian.net/debian-secure-testing etch/security-updates main contrib non-free deb-src http://secure-testing.debian.net/debian-secure-testing etch/security-updates main contrib non-free deb http://gnu.buildtolearn.net/linux/packages/psi-jingle/unstable ./ deb-src http://gnu.buildtolearn.net/linux/packages/psi-jingle/unstable ./ -- System Information: Debian Release: testing/unstable APT prefers unstable APT policy: (500, 'unstable'), (500, 'testing'), (1, 'experimental') Architecture: i386 (i686) Shell: /bin/sh linked to /bin/bash Kernel: Linux 2.6.16-1-k7 Locale: LANG=en_US.UTF-8, LC_CTYPE=en_US.UTF-8 (charmap=UTF-8) Versions of packages apt depends on: ii libc6 2.3.6-4 GNU C Library: Shared libraries an ii libgcc1 1:4.1.0-1 GCC support library ii libstdc++6 4.1.0-1 The GNU Standard C++ Library v3 Versions of packages apt recommends: ii debian-archive-keyring 2006.01.18 GnuPG archive keys of the Debian a -- no debconf information -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]
