[BUG REPORT] openSUSE zypper failure with all gpg versions > 2.2.6

James Bottomley James.Bottomley at HansenPartnership.com
Thu Mar 19 00:22:31 CET 2020

openSUSE zypper uses gpg via gpgme to check signatures on the
repository archives against a list of accepted keys.  It uses gpgme in
libzypp to do this.  For all versions of gpg > 2.2.6 a signature check
failure is observed with strace confirming that gpgme_op_verify is
returning GPG_ERR_GENERAL.

After bisecting, the problem patch turns out to be:

commit e2bd152a928d79ddfb95fd2f7911c80a1a8d5a21 (refs/bisect/bad)
Author: Werner Koch <wk at gnupg.org>
Date:   Thu Apr 12 11:49:36 2018 +0200

    gpg: Relax printing of STATUS_FAILURE.

And reverting this patch on the openSUSE version of gnupg-2.2.19 allows
zypper to function again.

It's entirely unclear to me why this is the problem, and I so far
haven't succeeded in producing a simplified test case.


More information about the Gnupg-devel mailing list