PGDG16 repository error - repomd.xml.asc is empty

Mon, 04 Aug 2025 08:01:37 -0700 

Hello,
I've found that PGDG16 repository access is failing (while last Thursday it
worked):

Example - pgdg 17 works, pgdg16 doesn't work:

$ yum repolist pgdg16 pgdg17
repo id          repo name
                                        status
pgdg16         PostgreSQL 16 for RHEL / Rocky / AlmaLinux 9 - x86_64
        enabled
pgdg17         PostgreSQL 17 for RHEL / Rocky / AlmaLinux 9 - x86_64
        enabled

$ yum -y --disablerepo=* --enablerepo=pgdg17 info postgresql17
Last metadata expiration check: 0:00:10 ago on Mon 04 Aug 2025 02:25:55 PM
UTC.
Available Packages
Name         : postgresql17
Version      : 17.5
Release      : 3PGDG.rhel9
Architecture : x86_64
Size         : 1.9 M
Source       : postgresql17-17.5-3PGDG.rhel9.src.rpm
Repository   : pgdg17
Summary      : PostgreSQL client programs and libraries
URL          : https://www.postgresql.org/
License      : PostgreSQL
Description  : PostgreSQL is an advanced Object-Relational database
management system (DBMS).
             : The base postgresql package contains the client programs
that you'll need to
             : access a PostgreSQL DBMS server. These client programs can
be located on the
             : same machine as the PostgreSQL server, or on a remote
machine that accesses a
             : PostgreSQL server over a network connection. The PostgreSQL
server can be found
             : in the postgresql17-server sub-package.
             :
             : If you want to manipulate a PostgreSQL database on a local
or remote PostgreSQL
             : server, you need this package. You also need to install this
package
             : if you're installing the postgresql17-server package.

$ yum -y --disablerepo=* --enablerepo=pgdg16 info postgresql16
PostgreSQL 16 for RHEL / Rocky / AlmaLinux 9 - x86_64


                                                          0.0  B/s |   0  B
    00:00
Error: Failed to download metadata for repo 'pgdg16': repomd.xml GPG
signature verification error: gpgme_op_verify() error: No data


The PGP signature for PGDG16 repo is empty:

$ curl -I
https://download.postgresql.org/pub/repos/yum/16/redhat/rhel-9-x86_64/repodata/repomd.xml.asc
HTTP/2 200
server: nginx
content-type: application/octet-stream
last-modified: Sun, 03 Aug 2025 15:33:48 GMT
etag: "688f815c-0"
strict-transport-security: max-age=31536000
accept-ranges: bytes
date: Mon, 04 Aug 2025 14:17:10 GMT
via: 1.1 varnish
age: 14378
x-served-by: cache-fra-etou8220082-FRA
x-cache: HIT
x-cache-hits: 64
x-timer: S1754317030.249893,VS0,VE0
content-length: 0

The only workaround I've found is to set repo_gpgcheck = 0
in /etc/yum.repos.d/pgdg-redhat-all.repo for pgdg16.

Thanks for fixing or providing advice on how to securely handle this issue.

Kind regards Ales Zeleny

Reply via email to