Package: extrepo Version: 0.11 Severity: normal Dear Maintainer,
The signing key for the ProtonVPN apt repository appears to be outdated (at least in Bookworm and Sid). The current key that extrepo tries to use is: pub rsa3072 2024-03-20 [SC] [expired: 2025-03-20] 9E72DFDF2AF019F0CCFC68F38DD48989F43719CA uid Proton Technologies AG <[email protected]> sub rsa3072 2024-03-20 [E] [expired: 2025-03-20] Which Proton seems to have replaced with and now provides to users: pub rsa3072 2025-03-03 [SC] [expires: 2027-03-03] 84B0D3492C76C9C6F5873C18EDA3E22630349F1C uid Proton Technologies AG <[email protected]> sub rsa3072 2025-03-03 [E] [expires: 2027-03-03] Which causes $ sudo apt update Hit:1 http://deb.debian.org/debian bookworm InRelease [...] Err:9 https://repo.protonvpn.com/debian stable InRelease The following signatures couldn't be verified because the public key is not available: NO_PUBKEY EDA3E22630349F1C [...] Reading package lists... Done Building dependency tree... Done Reading state information... Done All packages are up to date. W: An error occurred during the signature verification. The repository is not updated and the previous index files will be used. GPG error: https://repo.protonvpn.com/debian stable InRelease: The following signatures couldn't be verified because the public key is not available: NO_PUBKEY EDA3E22630349F1C W: Failed to fetch https://repo.protonvpn.com/debian/dists/stable/InRelease The following signatures couldn't be verified because the public key is not available: NO_PUBKEY EDA3E22630349F1C W: Some index files failed to download. They have been ignored, or old ones used instead. I worked around the issue by replacing the old key with the new one. Best regards, Frank T. ( •ᴗ•) b -- System Information: Debian Release: 12.11 APT prefers stable-updates APT policy: (500, 'stable-updates'), (500, 'stable-security'), (500, 'stable') Architecture: amd64 (x86_64) Foreign Architectures: i386 Kernel: Linux 6.1.0-35-amd64 (SMP w/12 CPU threads; PREEMPT) Kernel taint flags: TAINT_PROPRIETARY_MODULE, TAINT_OOT_MODULE, TAINT_UNSIGNED_MODULE Locale: LANG=en_US.UTF-8, LC_CTYPE=en_US.UTF-8 (charmap=UTF-8), LANGUAGE=en_US:en Shell: /bin/sh linked to /usr/bin/dash Init: systemd (via /run/systemd/system) LSM: AppArmor: enabled Versions of packages extrepo depends on: ii gpgv 2.2.40-1.1 ii libcryptx-perl 0.077-1+b1 ii libdpkg-perl 1.21.22 ii libwww-perl 6.68-1 ii libyaml-libyaml-perl 0.86+ds-1 ii perl 5.36.0-7+deb12u2 Versions of packages extrepo recommends: ii apt [apt-transport-https] 2.6.1 ii extrepo-offline-data 1.0.3+deb12u1 extrepo suggests no packages. -- Configuration Files: /etc/extrepo/config.yaml changed: --- url: https://extrepo-team.pages.debian.net/extrepo-data dist: debian version: bookworm enabled_policies: - main - contrib - non-free -- no debconf information
