https://bugzilla.redhat.com/show_bug.cgi?id=1441305 Bug ID: 1441305 Summary: perl-Log-Trivial-0.40-7.fc27 FTBFS: gpg: Can't check signature: No public key Product: Fedora Version: 26 Component: perl-Log-Trivial Assignee: orion@xxxxxxxxxxxxx Reporter: ppisar@xxxxxxxxxx QA Contact: extras-qa@xxxxxxxxxxxxxxxxx CC: orion@xxxxxxxxxxxxx, perl-devel@xxxxxxxxxxxxxxxxxxxxxxx perl-Log-Trivial-0.40-7.fc27 fails to build in F27 because a test fails: + ./Build test gpg: Signature made Fri May 23 14:49:30 2014 CEST gpg: using RSA key 9CDA8911AF0DB8C8 gpg: requesting key 9CDA8911AF0DB8C8 from hkp server pool.sks-keyservers.net gpg: Can't check signature: No public key ==> BAD/TAMPERED signature detected! <== # Failed test 'Valid signature' # at t/00-signature.t line 23. # Looks like you failed 1 test of 1. t/00-signature.t ..... Dubious, test returned 1 (wstat 256, 0x100) Failed 1/1 subtests This is because F27 Test::Signature uses gnugp2 that handles missing keys differently. I recommend to remove the test completely (or disable it with SKIP_SIGNATURE_TEST=1 environment variable) because testing an integrity of a CPAN distribution by executing code of the distribution is a non-sense from security point of view. -- You are receiving this mail because: You are on the CC list for the bug. _______________________________________________ perl-devel mailing list -- perl-devel@xxxxxxxxxxxxxxxxxxxxxxx To unsubscribe send an email to perl-devel-leave@xxxxxxxxxxxxxxxxxxxxxxx
