search

Icinga / icinga2

The core of our monitoring platform with a powerful configuration language and REST API.
https://icinga.com/docs/icinga2/latest
GNU General Public License v2.0
2k stars 574 forks source link

Ubuntu APT repository signing requirements (weak dsa1024 algorithm) #10099

Closed Hecke29 closed 2 months ago

Hecke29 commented 2 months ago

Ubuntu 24.04 (noble) starts to enforce a certain complexity on GPG-Sign-Keys for released Packages in APT repositories ( see: https://discourse.ubuntu.com/t/new-requirements-for-apt-repository-signing-in-24-04/42854 )

The current Release-Key of icinga does not fulfill this requirement thus leading to WARN messages when interacting with apt sources (e.g. on each apt update).

W: https://packages.icinga.com/ubuntu/dists/icinga-noble/InRelease: Signature by key F51A91A5EE001AA5D77D53C4C6E319C334410682 uses weak algorithm (dsa1024)
# wget -O - https://packages.icinga.com/icinga.key | gpg
pub   dsa1024 2013-11-16 [SC]
      F51A91A5EE001AA5D77D53C4C6E319C334410682
uid           Icinga Open Source Monitoring (Build server) <info@icinga.org>

Please roll over to a new key fulfilling the requirements:

oxzi commented 2 months ago

Thanks for reporting this issue. This should be a duplicate of https://github.com/Icinga/icinga-packaging/issues/302 and https://github.com/Icinga/icinga-packaging/issues/91.