Mageia forum

share the magic
http://forums.mageia.org/en/

[SOLVED] Cauldron can't update SHA1 is not considered secure

http://forums.mageia.org/en/viewtopic.php?f=15&t=15650

Page 1 of 1

[SOLVED] Cauldron can't update SHA1 is not considered secure

PostPosted: Apr 25th, '25, 02:12
by neXt
Code: Select all
The following packages have bad signatures:
/var/cache/urpmi/rpms/filezilla-3.69.1-1.mga10.x86_64.rpm: Invalid signature (NOT OK (key not trusted):
Verifying a signature using certificate 00EDB89585B012A8916F0DF8B742FA8B80420F66 (Mageia Packages <packages@mageia.org>): 
1. Certificate B742FA8B80420F66 invalid: policy violation     
because: No binding signature at time 2025-04-24T22:35:48Z     
because: Policy rejected non-revocation signature (PositiveCertification) requiring second pre-image resistance     
because: SHA1 is not considered secure 
2. Certificate B742FA8B80420F66 invalid: policy violation     
because: No binding signature at time 2025-04-25T00:09:16Z     
because: Policy rejected non-revocation signature (PositiveCertification) requiring second pre-image resistance     
because: SHA1 is not considered secure)

Re: Cauldron can't update - SHA1 is not considered secure

PostPosted: Apr 25th, '25, 02:57
by Germ
Only thing I can think of is remove your media sources and then re-add them. That may fix it.

Re: Cauldron can't update - SHA1 is not considered secure

PostPosted: Apr 25th, '25, 16:21
by Germ
I just found the same problem on one of my cauldron machines. The others are OK.

So I removed the repos and started from scratch. Re-added the repos and all is good.

Re: Cauldron can't update - SHA1 is not considered secure

PostPosted: Apr 25th, '25, 16:24
by doktor5000
FWIW, there's also a thread on the dev ML about this: https://ml.mageia.org/l/arc/dev/2025-04/msg00108.html
OP may also need to install/update crypto-policies-scripts

Re: Cauldron can't update - SHA1 is not considered secure

PostPosted: Apr 25th, '25, 18:26
by Germ
From the mailing list:
Code: Select all
# rpm -i --nosignature crypto-policies-scripts-20250402-1.mga10.noarch.rpm python3-toml-0.10.2-8.mga10.noarch.rpm


Apparently that fixes it without having to remove/re-add sources.

Re: Cauldron can't update - SHA1 is not considered secure

PostPosted: Apr 25th, '25, 23:58
by neXt
Thank you everyone, re-adding media sources didn't help, but the necessary packages were in the urpmi cache, so a simple
Code: Select all
rpm -i --nosignature /var/cache/urpmi/rpms/python3-toml-0.10.2-8.mga10.noarch.rpm /var/cache/urpmi/rpms/crypto-policies-scripts-20250402-2.mga10.noarch.rpm /var/cache/urpmi/rpms/crypto-policies-20250402-2.mga10.noarch.rpm --force
did the trick!

Re: Cauldron can't update - SHA1 is not considered secure

PostPosted: Apr 26th, '25, 00:04
by Germ
Good deal!

Can you mark your topic as [SOLVED]? Thanks.
All times are UTC + 1 hour [ DST ]
Page 1 of 1
Powered by phpBB® Forum Software © phpBB Group
https://www.phpbb.com/