There is an upcoming issue with the key used to sign the
apt.postgresql.org repository:
The key shipped with pgdg-keyring 2012.1 will expire later this week,
namely on 2013-10-13. The key provided on the postgresql.org website,
and used by the installation instructions [1,2] was already extended to
last until 2016 earlier this year.
[1] http://www.postgresql.org/download/linux/debian/
[2] http://wiki.postgresql.org/wiki/Apt
The new pgdg-keyring package version 2013.1 will update the key in
apt's "trusted keys" database to this new expiration date.
Users should upgrade the pgdg-keyring package before the end of this
week in order to avoid later apt warnings. This is harmless to do even
on production systems as it merely replaces a file in /etc/apt/.
To check whether you are affected, do:
# sudo apt-key list
/etc/apt/trusted.gpg
--------------------
pub 4096R/ACCC4CF8 2011-10-13 [expires: 2016-02-24]
uid PostgreSQL Debian Repository
/etc/apt/trusted.gpg.d/apt.postgresql.org.gpg
---------------------------------------------
pub 4096R/ACCC4CF8 2011-10-13 [expires: 2013-10-13]
uid PostgreSQL Debian Repository
If the 2013-10-13 key is listed, you should upgrade the pgdg-keyring
package. Unfortunately, apt will use the second copy of the key here,
even if there is a newer one.
If it is already past that date, and you get apt warnings about
expired signatures, delete that file:
# sudo rm /etc/apt/trusted.gpg.d/apt.postgresql.org.gpg
and run "apt-get update" again.
Christoph
--
cb@df7cb.de | http://www.df7cb.de/