Fedora converts package keys
After discovering that some Fedora servers have been illegally accessed, the Fedora Project is, as of today, converting the signing keys for Linux distribution packages.
The Red Hat sponsored Linux distribution became aware of the intrusion at the end of August. One of the servers compromised was a server used for signing Fedora packages and as a result, the project has decided to change the key. Project leader Paul Frields writes: "While there is no definitive evidence that the Fedora key has been compromised, because Fedora packages are distributed via multiple
third-party mirrors and repositories, we have decided to convert to new Fedora signing keys."
The project developers will use the so called Phase 1 to initiate updates for Fedora 8 and 9, which will begin the conversion. From today the new packages are available on the mirror servers. Among others, the packages 'fedora-release', 'package-kit' and 'gnome-package kit' are being re-vamped.
The user will have to verify and import the updates with the new GPG key. The software guides the user through the download process but instructions are also available at Fedora-Wiki. After that, the package management receives updates as newly signed packages from a new repository.
In Phase 2, Fedora developers will not only update, but will assign new keys to all Fedora 8 and 9 releases.
Issue 266/2023
Buy this issue as a PDF
Subscribe to our Linux Newsletters
Find Linux and Open Source Jobs
Subscribe to our ADMIN Newsletters
Find SysAdmin Jobs
News
-
Linux Mint 21.1 Enters Beta Status
With a new version of the Cinnamon Desktop, Linux Mint 21.1 has plenty to offer.
-
4MLinux 41.0 Now Stable and Ready for Use
The developers behind 4MLinux have changed the status of 41.0 to STABLE, which means it's ready for prime time.
-
Xfce 4.18 Coming Soon and Offers Subtle Improvements
The Xfce team has announced the release date of the next iteration of the desktop, which includes a good number of features to polish the fan-favorite Linux UI.
-
Orange Pi Board Has Arch-Based Linux Distribution in the Works
The developers of the Orange Pi board are planning to release an Arch-based Linux distribution available for its hardware as an alternative to Orange Pi OS.
-
Alpine Linux 3.17 Now Available to the General Public
The developers of Alpine Linux have officially announced the release of the latest version of the security-focused Linux distribution.
-
The New StarFighter Linux Laptop Now Available for Preorder
A new, completely customizable Linux laptop is now available to preorder from Star Labs.
-
Critical Escalation Vulnerability Found in the Linux Kernel
A new local privilege escalation vulnerability has been discovered in the Linux kernel and users are encouraged to upgrade/patch immediately.
-
AlmaLinux 8.7 Now Available
The developers of AlmaLinux have released the latest version of the OS, named Stone Smilodon, to the general public.
-
New Arch-Based Linux Distribution Aims to be Beginner-Friendly
CachyOS has been created to serve as a Linux distribution for everyone, even while being based on the more complex Arch Linux.
-
elementary OS 7 Getting Closer to Release
The team behind elementary OS has announced they are now focused on putting the finishing touches on the next major release of the Linux distribution.