Re: GNU autoconf-2.66 released [stable]

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 



----- "Olly Betts" <olly@xxxxxxxxxx> wrote:
> >   gpg --keyserver keys.gnupg.net --recv-keys 2527436A
> 
> Hi Eric,
> 
> While your announcement was signed with a key with that fingerprint,
> the
> tarball I downloaded was signed with a key with fingerprint F4850180:
> 
> http://ftpmirror.gnu.org/autoconf/autoconf-2.66.tar.bz2
> 
> 2527436A and F4850180 seem to be cross-signed, which makes foul play
> an
> unlikely explanation (it looks like F4850180 is an old SHA1 key you
> are
> in the process of replacing),

You are correct - my new key is not yet integrated into the upload
process, so I had to fall back to my old key at the last minute
(after my announcement email had already been composed).  The v2.66
tag in autoconf.git, however, is signed by the new key, and I will
be fixing things so that 2.67 will be correctly signed by the
new key all around (and given the nature of the regressions in
2.66, it looks like 2.67 is due within a month or so).

-- 
Eric Blake   eblake@xxxxxxxxxx    +1-801-349-2682
Libvirt virtualization library http://libvirt.org

_______________________________________________
Autoconf mailing list
Autoconf@xxxxxxx
http://lists.gnu.org/mailman/listinfo/autoconf


[Index of Archives]     [GCC Help]     [Kernel Discussion]     [RPM Discussion]     [Red Hat Development]     [Yosemite News]     [Linux USB]     [Samba]

  Powered by Linux