Обсуждение: Heads up: RPM GPG keys are changing on 3 Jan 2024 ( RHEL and Fedora )
Hi, As a part of having new x86_64 build instances, I updated all of the RPM signing keys to meet FIPS requirements (except RHEL7, where updated GPG keys will appear but not meet FIPS requirement) for RHEL 9, 8 and 7 (and their derivatives), and Fedora 39 & 38. Existing keys are weak and throwing warnings to many users. As a part of this process, I'll also update aarch64 and ppc64le signing keys as well. I will publish new repo RPMs, the new keys and RPMs re-signed with the new keys on 3 January 2024. If you want to receive updates from the PostgreSQL RPM repo after 3 January 2024, you'll need to update the repository RPM and install new keys. I'll publish detailed information and howto in https://yum.postgresql.org and my blog before new year. There will be no change in the SLES 15 and SLES 12 RPMS, at least for now. Please let me know if you have any questions / comments. Regards, -- Devrim Gündüz Open Source Solution Architect, PostgreSQL Major Contributor Twitter: @DevrimGunduz , @DevrimGunduzTR
Вложения
Hi, On Wed, 2023-12-20 at 21:11 +0000, Devrim Gündüz wrote: > > I will publish new repo RPMs, the new keys and RPMs re-signed with the > new keys on 3 January 2024. Done. Please find all the details in here: https://yum.postgresql.org/news/pgdg-rpm-repo-gpg-key-update/ Let me know if you see any issues. Regards, -- Devrim Gündüz Open Source Solution Architect, PostgreSQL Major Contributor Twitter: @DevrimGunduz , @DevrimGunduzTR
Hi Devrim,
One can run into an issue if they have a modified pgdg repo. Yum/dnf update will create new repo as .rpmnew
warning: /etc/yum.repos.d/pgdg-redhat-all.repo created as /etc/yum.repos.d/pgdg-redhat-all.repo.rpmnew
Adding a step to their apply changes to .rpmnew and rename it to .repo rename would help others.
Thanks
Yogesh
On 1/3/24 06:52, Devrim Gündüz wrote:
Hi, On Wed, 2023-12-20 at 21:11 +0000, Devrim Gündüz wrote:I will publish new repo RPMs, the new keys and RPMs re-signed with the new keys on 3 January 2024.Done. Please find all the details in here: https://yum.postgresql.org/news/pgdg-rpm-repo-gpg-key-update/ Let me know if you see any issues. Regards,
-- Kind Regards, Yogesh Sharma PostgreSQL, Linux, and Networking Expert Open Source Enthusiast and Advocate PostgreSQL Contributors Team @ RDS Open Source Databases Amazon Web Services: https://aws.amazon.com
Please ignore my email, this was already covered.
Thanks
Yogesh
On 1/3/24 22:25, Yogesh Sharma wrote:
Hi Devrim,One can run into an issue if they have a modified pgdg repo. Yum/dnf update will create new repo as .rpmnewwarning: /etc/yum.repos.d/pgdg-redhat-all.repo created as /etc/yum.repos.d/pgdg-redhat-all.repo.rpmnewAdding a step to their apply changes to .rpmnew and rename it to .repo rename would help others.ThanksYogeshOn 1/3/24 06:52, Devrim Gündüz wrote:Hi, On Wed, 2023-12-20 at 21:11 +0000, Devrim Gündüz wrote:I will publish new repo RPMs, the new keys and RPMs re-signed with the new keys on 3 January 2024.Done. Please find all the details in here: https://yum.postgresql.org/news/pgdg-rpm-repo-gpg-key-update/ Let me know if you see any issues. Regards,
-- Kind Regards, Yogesh Sharma PostgreSQL, Linux, and Networking Expert Open Source Enthusiast and Advocate PostgreSQL Contributors Team @ RDS Open Source Databases Amazon Web Services: https://aws.amazon.com
-- Kind Regards, Yogesh Sharma PostgreSQL, Linux, and Networking Expert Open Source Enthusiast and Advocate PostgreSQL Contributors Team @ RDS Open Source Databases Amazon Web Services: https://aws.amazon.com