Giters

greenbone / openvas-scanner

This repository contains the scanner component for Greenbone Community Edition.

Home Page:https://greenbone.github.io/docs/

Geek Repo:Geek Repo

Github PK Tool:Github PK Tool

Verifying signature via GPG fails

rbreejen opened this issue · comments

commented

Looks like the same issue as #359 and #666. I am not able to verify Openvas v20.8.0.

Tried upgrading to v20.8.1 as an alternative, but that version is incompatible with Ubuntu 20.04 (libgnutls 3.6.13 < required libgnutls 3.6.4).

gpg --recv-keys 9823FAA60ED1E580
gpg: key 9823FAA60ED1E580: "Greenbone Community Feed integrity key" not changed
gpg: Total number processed: 1
gpg:              unchanged: 1

curl -s -L https://github.com/greenbone/openvas-scanner/archive/refs/tags/v20.8.0.tar.gz -o source.tar.gz
curl -s -L https://github.com/greenbone/openvas-scanner/releases/download/v20.8.0/openvas-20.8.0.tar.gz.sig -o source.tar.gz.sig
gpg --verify source.tar.gz.sig source.tar.gz
---
gpg: Signature made di 11 aug 15:01:32 2020 CEST
gpg:                using RSA key 9823FAA60ED1E580
gpg: BAD signature from "Greenbone Community Feed integrity key" [unknown]
commented

Hi @rbreejen
Old signatures were replaced. Thanks for reporting.