Loading...

Linking RHIVOS CVEs to...

Migration: Automation ...

SWIFT: POC Conversion

Sync from "Extern...

XML

Word

Printable

Type: Bug
Resolution: Done-Errata
Priority: Major
Fix Version/s: rhel-10.0
Affects Version/s: rhel-10.0
Component/s: redhat-release
Labels:
None

Fixed in Build:
redhat-release-10.0-20.el10
Regression:
No
Severity:
Low

AssignedTeam:
rhel-emerging

Internal Target Milestone:
10
Story Points:
None
ACKs Check:

QE ack, Dev ack
Blocked:
False
Ready:
False
Blocked Reason:

Hide

None

Show
None
Product Documentation Required:
None
Sprint:
None

Preliminary Testing:
None
Errata Link:
https://errata.engineering.redhat.com/advisory/139305
Test Coverage:
None

Experience:

SFDC Cases Counter:
SFDC Cases Open:
SFDC Cases Links:

Planning:
None

RHEL Containers on Konflux plan to introduce a new signing method in addition to traditional gpg signing for images published to registry.redhat.io and registry.access.redhat.com

A new signing key was generated for this service and passed review in SIGNSERVER-1394

To allow for verification on installed RHEL machines, we need to ship the public key component in redhat-release so that the container stack can include it in its policy.

This is currently scoped only to RHEL 10.0 GA, other releases may or may not introduce cosign validation at a later time.

links to

RHBA-2024:139305 redhat-release bug fix and enhancement update

Assignee:: Brian Stinson

Reporter:: Brian Stinson

Developer:: Troy Dawson

QA Contact:: Release Test Team

Votes:: 0 Vote for this issue

Watchers:: 7 Start watching this issue

Created:: 2024/10/22 12:52 AM

Updated:: 2025/05/13 8:01 AM

Resolved:: 2025/05/13 8:01 AM

Target end:: 2024/10/28

Next Planned Release Date:: 2025/05/13

Release Date:: 2025/05/13

Details

Description

Attachments

Issue Links

Easy Agile Planning Poker

Activity

People

Dates

Hide