On 2019-11-19 03:51, Andrew David Wong wrote: > On 2019-11-18 8:07 AM, Demi M. Obenour wrote: >> On 2019-10-31 12:12, Marek Marczykowski-Górecki wrote: >>> Dear Qubes Community, >>> >>> We have just published Qubes Security Bulletin (QSB) #052: Xen issues >>> affecting PCI passthrough and PV domains >>> (XSA-299, XSA-302). The text of this QSB is reproduced below. This QSB and >>> its accompanying signatures will always be available in the Qubes >>> Security Pack (qubes-secpack). >>> >>> View QSB #052 in the qubes-secpack: >>> >>> https://github.com/QubesOS/qubes-secpack/blob/master/QSBs/qsb-052-2019.txt >>> >>> Learn about the qubes-secpack, including how to obtain, verify, and read >>> it: >>> >>> https://www.qubes-os.org/security/pack/ >>> >>> View all past QSBs: >>> >>> https://www.qubes-os.org/security/bulletins/ >>> >>> View the Xen Security Advisory (XSA) Tracker: >>> >>> https://www.qubes-os.org/security/xsa/ >>> >>> [...] >>> > >> Enigmail reports that this message has a bad signature. Is this >> because I am using an incorrect key to verify it? > >> Sincerely, > >> Demi > > > It verifies correctly for me via Enigmail 2.1.2 on Thunderbird 68.1.1. > As a reminder, you can always verify QSBs via the Qubes Security Pack: > > https://www.qubes-os.org/security/pack/ > > >
Thanks Andrew. The problem was that I had not trusted the specific signing key Marek used. Sincerely, Demi -- You received this message because you are subscribed to the Google Groups "qubes-devel" group. To unsubscribe from this group and stop receiving emails from it, send an email to [email protected]. To view this discussion on the web visit https://groups.google.com/d/msgid/qubes-devel/b17d7787-b5fb-f7b5-0af0-68bccd847be5%40gmail.com.
signature.asc
Description: OpenPGP digital signature
