Package: hplip
Version: 3.26.4+dfsg0-2
Severity: important
Followup-For: Bug #1137654

I can confirm that this is still reproducible with hplip 3.26.4+dfsg0-2,
but the failure mode is clearer now.

The plugin metadata currently points to:

  http://www.openprinting.org/download/printdriver/auxfiles/HP/plugins/hplip-3.26.4-plugin.run

The downloaded file has the checksum listed in plugin.conf:

  199f78f8af7f36894d7180e9090963ce2550a75ec701f8a4ba37665a9746fdf0

So the file is not corrupted.  The verification failure happens because the
current plugin is signed with HP's newer RSA key:

  primary fingerprint: 82FF A7C6 AA74 11D9 34BD E173 AC69 536A 2CF3 A243
  signing subkey:      1E3D 9B4E 4447 5F51 EC08 45AB 5E4E 4D24 A34E CD57

The hplip package still ships/imports the older HPLIP DSA key:

  4ABA 2F66 DBD5 A958 9491 0E06 73D7 70CD A590 47B9

After importing the newer HP public key into HPLIP's GPG homedir, verification
succeeds:

  gpg: Good signature from "HPLIP (HP Linux Imaging and Printing) <[email protected]>"

In my case I had to import the key into both:

  /home/michele/.hplip/.gnupg
  /root/.hplip/.gnupg

because running hp-plugin with sudo uses root's HPLIP keyring.

The plugin then installed successfully.  The final state is:

  [plugin]
  installed = 1
  eula = 1
  version = 3.26.4

Installed package versions:

  hplip                  3.26.4+dfsg0-2
  hplip-data             3.26.4+dfsg0-2
  hplip-gui              3.26.4+dfsg0-2
  printer-driver-hpcups  3.26.4+dfsg0-2

There is a second issue with the fallback URL used by hplip:

  https://developers.hp.com/sites/default/files/hplip-3.26.4-plugin.run

That URL returns 403 Forbidden here.  The current HP-hosted path appears to use
the 2026-05 directory, as noted in the previous follow-up.

So I think the Debian-side fix is at least to update the HPLIP public signing
key shipped/imported by the package.  It may also be worth checking whether the
fallback URL construction needs to handle HP's dated plugin paths.


-- System Information:
Debian Release: forky/sid
  APT prefers unstable
  APT policy: (500, 'unstable'), (1, 'experimental')
Architecture: amd64 (x86_64)

Kernel: Linux 7.0.10+deb14-amd64 (SMP w/8 CPU threads; PREEMPT)
Locale: LANG=en_US.UTF-8, LC_CTYPE=C.UTF-8 (charmap=UTF-8) (ignored: LC_ALL set to C.UTF-8), LANGUAGE=en_US:en
Shell: /bin/sh linked to /usr/bin/dash
Init: systemd (via /run/systemd/system)
LSM: AppArmor: enabled
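
Added example, not part of the original report and not HPLIP's own code: a sketch of how the cases described above (corrupt download, signing key missing from the keyring, good signature) can be told apart using the plugin.conf checksum and the machine-readable lines of `gpg --status-fd`, while pinning the expected primary fingerprint instead of trusting any key in the keyring. The status lines are constructed samples built from the fingerprints quoted in the report; the function names are hypothetical.

```python
import hashlib

# Primary fingerprint of HP's newer RSA key, as quoted in the report (spaces removed).
PINNED = {"82FFA7C6AA7411D934BDE173AC69536A2CF3A243"}

# Constructed gpg --status-fd samples (timestamps invented for illustration).
STATUS_OLD_KEYRING = """\
[GNUPG:] ERRSIG 5E4E4D24A34ECD57 1 8 00 1777593600 9 1E3D9B4E44475F51EC0845AB5E4E4D24A34ECD57
[GNUPG:] NO_PUBKEY 5E4E4D24A34ECD57
"""
STATUS_NEW_KEYRING = """\
[GNUPG:] GOODSIG 5E4E4D24A34ECD57 HPLIP (HP Linux Imaging and Printing)
[GNUPG:] VALIDSIG 1E3D9B4E44475F51EC0845AB5E4E4D24A34ECD57 2026-05-01 1777593600 0 4 0 1 8 00 82FFA7C6AA7411D934BDE173AC69536A2CF3A243
"""

def sha256_matches(data, expected_hex):
    """Integrity only: does the download match the checksum in plugin.conf?"""
    return hashlib.sha256(data).hexdigest() == expected_hex.lower()

def parse_status(text):
    """Return (keyword, args) for every '[GNUPG:]' line of status output."""
    return [(p[1], p[2:]) for p in (l.split() for l in text.splitlines())
            if len(p) >= 2 and p[0] == "[GNUPG:]"]

def classify(digest_ok, status_text, pinned=PINNED):
    """Separate a corrupt download from a keyring gap or an unexpected signer."""
    if not digest_ok:
        return "corrupt-download"
    events = parse_status(status_text)
    if any(kw == "BADSIG" for kw, _ in events):
        return "bad-signature"
    for kw, args in events:
        if kw == "VALIDSIG" and args:
            # First field is the signing (sub)key; the tenth is its primary key.
            primary = args[-1] if len(args) >= 10 else args[0]
            return "ok" if primary in pinned else "unexpected-signer:" + primary
    for kw, args in events:
        if kw == "NO_PUBKEY" and args:
            return "missing-key:" + args[0]
    return "unverified"

if __name__ == "__main__":
    print(classify(True, STATUS_OLD_KEYRING))  # keyring lacks the new key
    print(classify(True, STATUS_NEW_KEYRING))  # after importing the new key
```

A result of `missing-key:` with a matching checksum corresponds to the situation in this report; `unexpected-signer:` flags a signature that verifies against some key in the keyring other than the pinned one.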
