I was able to verify the trust path entirely by hand, starting with the
http://pl.archive.ubuntu.com/ubuntu/dists/precise/Release and
http://pl.archive.ubuntu.com/ubuntu/dists/precise/Release.gpg files,
downloading the precise amd64 lame package, and verifying that the
sha256 for the downloaded package is
378656d3725af0541bf9ecc6439d43172b9f5fc8eb7b66ec5bf37b3211cfc842 as
listed in the http://pl.archive.ubuntu.com/ubuntu/dists/precise/universe
/binary-amd64/Packages.bz2 file.
Do you have the correct ubuntu-keyring package installed for your
release?
Thanks
** Information type changed from Private Security to Public Security
** Changed in: lame (Ubuntu)
Status: New => Incomplete
--
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.
https://bugs.launchpad.net/bugs/1397462
Title:
Latest "lame" package is unsigned (security risk)
To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/lame/+bug/1397462/+subscriptions
--
ubuntu-bugs mailing list
[email protected]
https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
