Mageia forum

[neXt]

Code: Select all

The following packages have bad signatures:
/var/cache/urpmi/rpms/filezilla-3.69.1-1.mga10.x86_64.rpm: Invalid signature (NOT OK (key not trusted):
Verifying a signature using certificate 00EDB89585B012A8916F0DF8B742FA8B80420F66 (Mageia Packages <packages@mageia.org>): 
1. Certificate B742FA8B80420F66 invalid: policy violation     
because: No binding signature at time 2025-04-24T22:35:48Z     
because: Policy rejected non-revocation signature (PositiveCertification) requiring second pre-image resistance     
because: SHA1 is not considered secure 
2. Certificate B742FA8B80420F66 invalid: policy violation     
because: No binding signature at time 2025-04-25T00:09:16Z     
because: Policy rejected non-revocation signature (PositiveCertification) requiring second pre-image resistance     
because: SHA1 is not considered secure)

[Germ]

Only thing I can think of is remove your media sources and then re-add them. That may fix it.

[Germ]

I just found the same problem on one of my cauldron machines. The others are OK.

So I removed the repos and started from scratch. Re-added the repos and all is good.

[doktor5000]

FWIW, there's also a thread on the dev ML about this: https://ml.mageia.org/l/arc/dev/2025-04/msg00108.html
OP may also need to install/update crypto-policies-scripts

[Germ]

From the mailing list:

Code: Select all

# rpm -i --nosignature crypto-policies-scripts-20250402-1.mga10.noarch.rpm python3-toml-0.10.2-8.mga10.noarch.rpm

Apparently that fixes it without having to remove/re-add sources.

[neXt]

Thank you everyone, re-adding media sources didn't help, but the necessary packages were in the urpmi cache, so a simple

Code: Select all

rpm -i --nosignature /var/cache/urpmi/rpms/python3-toml-0.10.2-8.mga10.noarch.rpm /var/cache/urpmi/rpms/crypto-policies-scripts-20250402-2.mga10.noarch.rpm /var/cache/urpmi/rpms/crypto-policies-20250402-2.mga10.noarch.rpm --force

did the trick!

[Germ]

Good deal!

Can you mark your topic as [SOLVED]? Thanks.