[Bug 1920640] [NEW] EXPKEYSIG C8CAB6595FDFF622 Ubuntu Debug Symbol Archive Automatic Signing Key (2016) <ubuntu-archive at lists.ubuntu.com>

[Felipe Reyes]

Public bug reported:

The public key used by the debugging symbols repository
/usr/share/keyrings/ubuntu-dbgsym-keyring.gpg from the package ubuntu-
dbgsym-keyring expired.

$ apt policy ubuntu-dbgsym-keyring
ubuntu-dbgsym-keyring:
  Installed: 2020.02.11.2
  Candidate: 2020.02.11.2
  Version table:
 *** 2020.02.11.2 500
        500 http://archive.ubuntu.com/ubuntu focal/main amd64 Packages
        500 http://archive.ubuntu.com/ubuntu focal/main i386 Packages
        100 /var/lib/dpkg/status
$ gpg --no-default-keyring --keyring /usr/share/keyrings/ubuntu-dbgsym-keyring.gpg --list-keys
/usr/share/keyrings/ubuntu-dbgsym-keyring.gpg
---------------------------------------------
pub   rsa4096 2016-03-21 [SC] [expired: 2021-03-20]
      F2EDC64DC5AEE1F6B9C621F0C8CAB6595FDFF622
uid           [ expired] Ubuntu Debug Symbol Archive Automatic Signing Key (2016) <ubuntu-archive at lists.ubuntu.com>


Error message on "apt update":

E: The repository 'http://ddebs.ubuntu.com bionic-updates Release' is not signed.
N: Updating from such a repository can't be done securely, and is therefore disabled by default.
N: See apt-secure(8) manpage for repository creation and user configuration details.
W: GPG error: http://ddebs.ubuntu.com bionic Release: The following signatures were invalid: EXPKEYSIG C8CAB6595FDFF622 Ubuntu Debug Symbol Archive Automatic Signing Key (2016) <ubuntu-archive at lists.ubuntu.com>
E: The repository 'http://ddebs.ubuntu.com bionic Release' is not signed.
N: Updating from such a repository can't be done securely, and is therefore disabled by default.
N: See apt-secure(8) manpage for repository creation and user configuration details.
W: GPG error: http://ddebs.ubuntu.com bionic-proposed Release: The following signatures were invalid: EXPKEYSIG C8CAB6595FDFF622 Ubuntu Debug Symbol Archive Automatic Signing Key (2016) <ubuntu-archive at lists.ubuntu.com>
E: The repository 'http://ddebs.ubuntu.com bionic-proposed Release' is not signed.
N: Updating from such a repository can't be done securely, and is therefore disabled by default.
N: See apt-secure(8) manpage for repository creation and user configuration details.

** Affects: ubuntu-keyring (Ubuntu)
     Importance: Undecided
         Status: New


** Tags: sts

** Summary changed:

- W: GPG error: http://ddebs.ubuntu.com bionic Release: The following signatures were invalid: EXPKEYSIG C8CAB6595FDFF622 Ubuntu Debug Symbol Archive Automatic Signing Key (2016) <ubuntu-archive at lists.ubuntu.com>
+ EXPKEYSIG C8CAB6595FDFF622 Ubuntu Debug Symbol Archive Automatic Signing Key (2016) <ubuntu-archive at lists.ubuntu.com>

** Description changed:

  The public key used by the debugging symbols repository
  /usr/share/keyrings/ubuntu-dbgsym-keyring.gpg from the package ubuntu-
  dbgsym-keyring expired.
  
  $ apt policy ubuntu-dbgsym-keyring
  ubuntu-dbgsym-keyring:
-   Installed: 2020.02.11.2
-   Candidate: 2020.02.11.2
-   Version table:
-  *** 2020.02.11.2 500
-         500 http://archive.ubuntu.com/ubuntu focal/main amd64 Packages
-         500 http://archive.ubuntu.com/ubuntu focal/main i386 Packages
-         100 /var/lib/dpkg/status
- $ gpg --no-default-keyring --keyring /usr/share/keyrings/ubuntu-dbgsym-keyring.gpg --list-keys 
+   Installed: 2020.02.11.2
+   Candidate: 2020.02.11.2
+   Version table:
+  *** 2020.02.11.2 500
+         500 http://archive.ubuntu.com/ubuntu focal/main amd64 Packages
+         500 http://archive.ubuntu.com/ubuntu focal/main i386 Packages
+         100 /var/lib/dpkg/status
+ $ gpg --no-default-keyring --keyring /usr/share/keyrings/ubuntu-dbgsym-keyring.gpg --list-keys
  /usr/share/keyrings/ubuntu-dbgsym-keyring.gpg
  ---------------------------------------------
  pub   rsa4096 2016-03-21 [SC] [expired: 2021-03-20]
-       F2EDC64DC5AEE1F6B9C621F0C8CAB6595FDFF622
+       F2EDC64DC5AEE1F6B9C621F0C8CAB6595FDFF622
  uid           [ expired] Ubuntu Debug Symbol Archive Automatic Signing Key (2016) <ubuntu-archive at lists.ubuntu.com>
+ 
+ 
+ Error message on "apt update":
+ 
+ E: The repository 'http://ddebs.ubuntu.com bionic-updates Release' is not signed.
+ N: Updating from such a repository can't be done securely, and is therefore disabled by default.
+ N: See apt-secure(8) manpage for repository creation and user configuration details.
+ W: GPG error: http://ddebs.ubuntu.com bionic Release: The following signatures were invalid: EXPKEYSIG C8CAB6595FDFF622 Ubuntu Debug Symbol Archive Automatic Signing Key (2016) <ubuntu-archive at lists.ubuntu.com>
+ E: The repository 'http://ddebs.ubuntu.com bionic Release' is not signed.
+ N: Updating from such a repository can't be done securely, and is therefore disabled by default.
+ N: See apt-secure(8) manpage for repository creation and user configuration details.
+ W: GPG error: http://ddebs.ubuntu.com bionic-proposed Release: The following signatures were invalid: EXPKEYSIG C8CAB6595FDFF622 Ubuntu Debug Symbol Archive Automatic Signing Key (2016) <ubuntu-archive at lists.ubuntu.com>
+ E: The repository 'http://ddebs.ubuntu.com bionic-proposed Release' is not signed.
+ N: Updating from such a repository can't be done securely, and is therefore disabled by default.
+ N: See apt-secure(8) manpage for repository creation and user configuration details.

-- 
You received this bug notification because you are a member of Ubuntu
Foundations Bugs, which is subscribed to ubuntu-keyring in Ubuntu.
https://bugs.launchpad.net/bugs/1920640

Title:
  EXPKEYSIG C8CAB6595FDFF622 Ubuntu Debug Symbol Archive Automatic
  Signing Key (2016) <ubuntu-archive at lists.ubuntu.com>

Status in ubuntu-keyring package in Ubuntu:
  New

Bug description:
  The public key used by the debugging symbols repository
  /usr/share/keyrings/ubuntu-dbgsym-keyring.gpg from the package ubuntu-
  dbgsym-keyring expired.

  $ apt policy ubuntu-dbgsym-keyring
  ubuntu-dbgsym-keyring:
    Installed: 2020.02.11.2
    Candidate: 2020.02.11.2
    Version table:
   *** 2020.02.11.2 500
          500 http://archive.ubuntu.com/ubuntu focal/main amd64 Packages
          500 http://archive.ubuntu.com/ubuntu focal/main i386 Packages
          100 /var/lib/dpkg/status
  $ gpg --no-default-keyring --keyring /usr/share/keyrings/ubuntu-dbgsym-keyring.gpg --list-keys
  /usr/share/keyrings/ubuntu-dbgsym-keyring.gpg
  ---------------------------------------------
  pub   rsa4096 2016-03-21 [SC] [expired: 2021-03-20]
        F2EDC64DC5AEE1F6B9C621F0C8CAB6595FDFF622
  uid           [ expired] Ubuntu Debug Symbol Archive Automatic Signing Key (2016) <ubuntu-archive at lists.ubuntu.com>

  
  Error message on "apt update":

  E: The repository 'http://ddebs.ubuntu.com bionic-updates Release' is not signed.
  N: Updating from such a repository can't be done securely, and is therefore disabled by default.
  N: See apt-secure(8) manpage for repository creation and user configuration details.
  W: GPG error: http://ddebs.ubuntu.com bionic Release: The following signatures were invalid: EXPKEYSIG C8CAB6595FDFF622 Ubuntu Debug Symbol Archive Automatic Signing Key (2016) <ubuntu-archive at lists.ubuntu.com>
  E: The repository 'http://ddebs.ubuntu.com bionic Release' is not signed.
  N: Updating from such a repository can't be done securely, and is therefore disabled by default.
  N: See apt-secure(8) manpage for repository creation and user configuration details.
  W: GPG error: http://ddebs.ubuntu.com bionic-proposed Release: The following signatures were invalid: EXPKEYSIG C8CAB6595FDFF622 Ubuntu Debug Symbol Archive Automatic Signing Key (2016) <ubuntu-archive at lists.ubuntu.com>
  E: The repository 'http://ddebs.ubuntu.com bionic-proposed Release' is not signed.
  N: Updating from such a repository can't be done securely, and is therefore disabled by default.
  N: See apt-secure(8) manpage for repository creation and user configuration details.

To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/ubuntu-keyring/+bug/1920640/+subscriptions