Hi All, Ignore below noise. I was doing the verify on the compressed file and in this case it didn't like that. I uncompressed the source file and redid the signature verification and got a good signature but with the note that it has expired. Regards, Adolf. On 14/07/2021 15:00, Adolf Belka wrote: > Hi All, > > I am looking to update the tftpd add-on. The existing version, 0.48, is from 2007. The most up to date version, 5.2, is from 2011. > > When I run gpg to verify the package signature I get the following response:- > > gpg: Signature made Sun 11 Dec 2011 23:14:47 CET > gpg:                using RSA key 88AE647D58F7ABFE > gpg: BAD signature from "H. Peter Anvin (kernel.org file signing key) " [expired] > > I suspect that this is due to the key being from 2011 or earlier. > > It looks like there might be a couple of bug fixes in the changelog but I am not sure how important they might be:- > > Changes in 5.2: >     Fix breakage on newer Linux when a single interface has >     multiple IP addresses. > Changes in 5.1: >     Add -P option to write a PID file.  Patch by Ferenc Wagner. >     Bounce the syslog socket in standalone mode, in case the >     syslog daemon has been restarted.  Patch by Ferenc Wagner. >     Build fixes. >     Fix handling of block number wraparound after a successful >     options negotiation. >     Fix a buffer overflow in option parsing. > Changes in 5.0: >     Try to on platforms with getaddrinfo() without AI_ADDRCONFIG or >     AI_CANONNAME. >     Implement the "rollover" option, for clients which want block >     number to rollover to anything other than zero. >     Correctly disable PMTU in standalone mode.  Patch by Florian >     Lohoff. > Changes in 0.49: >     Add IPv6 support.  Patch by Karsten Keil. >     Support systems with editline instead of readline. >     Support long options in the server. > > Unless someone comes back and suggests something different, I will leave tftpd as it currently is. > > > Regards, > > Adolf >