Package: dpkg Version: 1.21.9 Severity: normal X-Debbugs-Cc: tmcconnell...@gmail.com
Dear Maintainer, What led up to the situation? Normal upgrading of system What exactly did you do (or not do) that was effective (or ineffective)? Unsure these messages started appearing. What was the outcome of this action? I now receive multiple lines of: gpgv: Signature made Fri 24 Oct 2014 06:23:17 PM CDT gpgv: using RSA key F664D256B4691A7D gpgv: Can't check signature: No public key dpkg-source: warning: cannot verify signature /var/cache/apt/sources/libtrio_1.16+dfsg1-3.dsc gpgv: Signature made Tue 03 May 2022 09:04:38 PM CDT gpgv: using RSA key A1489FE2AB99A21A gpgv: Note: signatures using the SHA1 algorithm are rejected gpgv: Can't check signature: Bad public key dpkg-source: warning: cannot verify signature /var/cache/apt/sources/r-cran- quantreg_5.93-1.dsc gpgv: Signature made Wed 20 Jul 2022 05:25:03 AM CDT gpgv: using RSA key A1489FE2AB99A21A gpgv: Note: signatures using the SHA1 algorithm are rejected gpgv: Can't check signature: Bad public key dpkg-source: warning: cannot verify signature /var/cache/apt/sources/r-cran- quantreg_5.94-1.dsc apt-listdifferences: removing old src:r-cran-quantreg 5.93-1 gpgv: Signature made Fri 27 May 2022 04:42:52 AM CDT gpgv: using RSA key 5F2A9FB82FA6C1E1077007072D191C8843B13F4D gpgv: Note: signatures using the SHA1 algorithm are rejected gpgv: Can't check signature: Bad public key dpkg-source: warning: cannot verify signature /var/cache/apt/sources/kconfig_5.94.0-3.dsc gpgv: Signature made Sat 23 Jul 2022 05:20:34 AM CDT gpgv: using RSA key 5F2A9FB82FA6C1E1077007072D191C8843B13F4D gpgv: Note: signatures using the SHA1 algorithm are rejected gpgv: Can't check signature: Bad public key dpkg-source: warning: cannot verify signature /var/cache/apt/sources/kconfig_5.94.0-4.dsc When running this command `apt-get dist-upgrade -y -m` What outcome did you expect instead? To be sure I'm getting packages from an uncompromised repo. -- Package-specific info: This system uses merged-usr-via-aliased-dirs, going behind dpkg's back, breaking its core assumptions. This can cause silent file overwrites and disappearances, and its general tools misbehavior. See <https://wiki.debian.org/Teams/Dpkg/FAQ#broken-usrmerge>. -- System Information: Debian Release: bookworm/sid APT prefers testing APT policy: (500, 'testing') Architecture: amd64 (x86_64) Foreign Architectures: i386 Kernel: Linux 5.18.0-2-amd64 (SMP w/1 CPU thread; PREEMPT) Locale: LANG=en_US.UTF-8, LC_CTYPE=en_US.UTF-8 (charmap=UTF-8), LANGUAGE not set Shell: /bin/sh linked to /usr/bin/dash Init: systemd (via /run/systemd/system) LSM: AppArmor: enabled Versions of packages dpkg depends on: ii libbz2-1.0 1.0.8-5 ii libc6 2.33-8 ii liblzma5 5.2.5-2.1 ii libselinux1 3.4-1+b1 ii tar 1.34+dfsg-1 ii zlib1g 1:1.2.11.dfsg-4 dpkg recommends no packages. Versions of packages dpkg suggests: ii apt 2.5.1 ii debsig-verify 0.25+b1 -- no debconf information