399142 – gpg signature can't be verified

Bug 399142 - gpg signature can't be verified

Summary: gpg signature can't be verified

Status:	RESOLVED FIXED

Alias:	None

Product:	krita
Classification:	Applications
Component:	General (show other bugs)
Version:	4.1.3
Platform:	Other Linux

Importance:	NOR normal
Target Milestone:	---
Assignee:	Krita Bugs

URL:
Keywords:

Depends on:
Blocks:

Reported:	2018-09-27 13:01 UTC by Antonio Rojas
Modified:	2018-09-30 11:44 UTC (History)
CC List:	1 user (show)

See Also:
Latest Commit:
Version Fixed In:
Sentry Crash Report:

Attachments
Add an attachment

Note You need to log in before you can comment on or make changes to this bug.

Description Antonio Rojas 2018-09-27 13:01:24 UTC

The 4.1.3 tarball is signed with a different key than older releases (999C5EF86C5A70E5). The public key is not available in the public servers and I can't find it on krita.org either, so there is no way to verify the signature.

Comment 1 Halla Rempt 2018-09-27 13:50:40 UTC

Oh dash it... You are right. My desktop computer broke, and I had forgotten that that was the computer I used to sign the releases.

Comment 2 Halla Rempt 2018-09-30 11:44:13 UTC

I got the key from my old desktop and made new .sig files, but they aren't on the mirrors yet, of course. But at least they were made as foundation@krita.org, not boud@valdyas.org