| 1 |
Just tonight I tried to update my portage snapshot |
| 2 |
by emerge-webrsync command and found out that |
| 3 |
the portage snapshot signing key expired again |
| 4 |
without being properly updated by app-crypt/gentoo-keys |
| 5 |
update before its expiration as described here: |
| 6 |
https://wiki.gentoo.org/wiki/Handbook:AMD64/Working/Features#Validated_Portage_tree_snapshots |
| 7 |
|
| 8 |
On the other side, app-crypt/gkeys is marked by ~ |
| 9 |
in my architecture (amd64). So, it is impossible |
| 10 |
to update the portage snapshot signing key without |
| 11 |
using non-recommended package. |
| 12 |
|
| 13 |
The same situation happened just half a year ago. |
| 14 |
|
| 15 |
Is it only me who thinks that Gentoo must care more about security? |
Archives