Ubuntu CD Images

Mismatched SHA256SUM and SHA256SUM.gpg for old-releases xenial and bionic

Bug #1933948 reported by James Simpson
12
This bug affects 2 people
Affects Status Importance Assigned to Milestone
Ubuntu CD Images
Confirmed
Undecided
Unassigned

Bug Description

Bionic and Xenial old-releases (https://old-releases.ubuntu.com/releases/bionic/, https://old-releases.ubuntu.com/releases/xenial/) fail to provide good output from a gpg --keyid-format long --verify SHA256SUMS.gpg SHA256SUMS:

gpg: BAD signature from "Ubuntu CD Image Automatic Signing Key <email address hidden>" [unknown]
gpg: BAD signature from "Ubuntu CD Image Automatic Signing Key (2012) <email address hidden>" [unknown]
./bionic

gpg: BAD signature from "Ubuntu CD Image Automatic Signing Key <email address hidden>" [unknown]
gpg: BAD signature from "Ubuntu CD Image Automatic Signing Key (2012) <email address hidden>" [unknown]
./xenial

From looking at the last modified dates of SHA256SUM vs SHA256SUM.gpg it looks like this could be down to a mismatched SHA256SUM & SHA256SUM.gpg

Haw Loeung (hloeung)
Changed in ubuntu-cdimage:
status: New → Confirmed
To post a comment you must log in.
This report contains Public information  
Everyone can see this information.
Subscribing...

Other bug subscribers

Remote bug watches

Bug watches keep track of this bug in other bug trackers.