Differences

This shows you the differences between two versions of the page.

--- start [2025-02-09 00:27] – rpm-sequoia baggins
+++ start [2026-01-02 10:34] (current) – baggins
@@ Line 5: / Line 5: @@
 ===== News =====
+==== 2nd January 2026: Changes to yearly snapshot policy (deletion of 2012-2022 snapshots) ====
+When we decided to keep yearly snapshots, the goal was to let users install a system that won't drastically change all of a sudden. The goal was never to use a 10 year old system full of outdated software full of security holes.
+We are also facing a constant resource strain on the ftp server and those outdated snapshots do take space.
+Having said that, from now on we are going to keep only the snapshots from the last 3 years. Anything older than 2023 will be removed soon (2012 - 2022). If you really need a very old binary, it's your last chance to grab it, otherwise (a better alternative) build the package from source.
+==== 2nd January 2026: PLD Th 2025 snapshot released ====
+Today we released 2025 snapshot of PLD/Linux Th. It is available on [[ftp://ftp.pld-linux.org/dists/th/2025/PLD/|ftp://ftp.pld-linux.org/dists/th/2025/PLD/]] and as poldek sources th-2025.
+The main highlights of this release are:
+  * [[packages/kernel|kernels]] 6.18.2, 6.12.63, 6.6.119, 6.1.159, 5.15.197, 5.10.247
+  * [[packages/rpm|RPM]] 4.20.1
+  * GCC 15.2.0
+  * LLVM 20.1.8
+  * glibc 2.42
+  * GNOME 48
+  * KDE6 6.21 / 25.12.0
 ==== 9th February 2025: Sequoia OpenPGP enabled in rpm 4.20 ====
-rpm 4.20 dropped the venerable rpmpgp custom library in favor of rpm-sequoia (https://sequoia-pgp.org/). The side effect is that sequoia is much stricter in validating signatures and fail if the format is non-conformat to the standard. What it means is that packages built with rpm5 cannot be installed and ones already installed will cause errors and must be reinstalled.
+rpm 4.20 dropped the venerable rpmpgp custom library in favor of rpm-sequoia (https://sequoia-pgp.org/). The side effect is that sequoia is much stricter in validating signatures and fail if the format is non-conformat to the standard.
+If you see errors like the below when doing any rpm operations please read the [[packages/rpm|RPM]] package page.
+  error: rpmdbNextIterator: skipping h#    1292
+  Header DSA signature: BAD (header tag 267: invalid OpenPGP signature: Parsing an OpenPGP packet:
+    Failed to parse Signature Packet
+          because: Signature appears to be created by a non-conformant OpenPGP implementation, see <https://github.com/rpm-software-management/rpm/issues/2351>.
+                because: Malformed MPI: leading bit is not set: expected bit 8 to be set in   100011 (23))
+                Header SHA1 digest: OK
-You can find all details on the [[packages/rpm|RPM]] package page.
+  error: Verifying a signature, but no certificate was provided:
+    Signature fcf4 created at Thu Aug 16 07:33:10 2018 invalid: signature is not alive
+          because: Expired on 2018-09-15T07:33:10Z
+  error: rpmdbNextIterator: skipping h#     881
+  Header V4 DSA/SHA1 Signature, key ID 61ac3fd4: BAD
+  Header SHA1 digest: OK
 ==== 3rd February 2025: PLD Th 2024 snapshot released ====