Package Details: firefox-nightly 71.0a1.20190904-1

Git Clone URL: https://aur.archlinux.org/firefox-nightly.git (read-only)
Package Base: firefox-nightly
Description: Standalone Web Browser from Mozilla — Nightly build (en-US)
Upstream URL: https://www.mozilla.org/en-US/firefox/nightly
Keywords: browser gecko web
Licenses: GPL, MPL, LGPL
Submitter: None
Maintainer: ArchangeGabriel
Last Packager: ArchangeGabriel
Votes: 559
Popularity: 1.895811
First Submitted: 2008-09-10 14:23
Last Updated: 2019-09-04 19:29

Required by (1)

Sources (8)

Pinned Comments

ArchangeGabriel commented on 2017-06-15 12:42

If you face this:

==> Verifying source file signatures with gpg... yyyymmdd-firefox-xx.0a1.en-US.linux-${CARCH}.tar.bz2 ... FAILED (unknown public key BBBEBDBB24C6F355)

Please read this.

Short answer:

gpg --recv-key 0x61B7B526D98F0353

If you face this:

==> Verifying source file signatures with gpg... yyyymmdd-firefox-xx.0a1.en-US.linux-${CARCH}.tar.bz2 ... FAILED (bad signature from public key BBBEBDBB24C6F355)

Then just retry later (~1h), this is a CDN caching issue.

Latest Comments

« First ‹ Previous ... 3 4 5 6 7 8 9 10 11 12 13 ... Next › Last »

ArchangeGabriel commented on 2017-08-13 17:37

@ChoromPotro What are you trying to say with this OOD flag?

NdranC commented on 2017-08-09 13:40

I managed to install the key manually. I don't know why I'm not able to fetch any public key remotely as far as I can tell. Searching for this issue the last couple hours seems to have been futile. Thanks for your help.

ArchangeGabriel commented on 2017-08-09 08:53

Are you able to retrieve any other key? If not, take a look at fixing your gnupg setup.

NdranC commented on 2017-08-09 02:09

I have tried every single command linked in the last 10 comments and none of them worked for me. The error I get with every single one of them is:

gpg: keyserver receive failed: Server indicated a failure

Any ideas on why it works for some people and it doesn't for others? I can't even update my firefox-beta either because of a similar "integrity checking" issue.

EDIT: Don't know if it matters but the exact error I get when I try to install firefox-nightly doesn't mention exfalso. Here it is:

==> Verifying source file signatures with gpg...
20170808-firefox-57.0a1.en-US.linux-x86_64.tar.bz2 ... FAILED (unknown public key BBBEBDBB24C6F355)
==> ERROR: One or more PGP signatures could not be verified!
:: failed to verify firefox-nightly integrity

repo commented on 2017-08-08 16:09

gpg --delete-key 0x61B7B526D98F0353
gpg --recv-key 0x61B7B526D98F0353

Worked for me.

ArchangeGabriel commented on 2017-08-08 10:01

Once again, they didn’t change their key, only a sub key, so refreshing you’re existing one should work.

The master key you’re looking for is 0x61B7B526D98F0353: https://pgp.mit.edu/pks/lookup?op=vindex&search=0x61B7B526D98F0353

You can see the former subkey that expired (1C69C4E55E9905DB) and the new one that is now used (BBBEBDBB24C6F355).

Can you try `gpg --recv-keys --keyserver hkp://pgp.mit.edu 0xBBBEBDBB24C6F355` or `gpg --recv-keys --keyserver hkp://pgp.mit.edu 0x61B7B526D98F0353`?

And please be more specific with “does not work”, they are a lot of possibles issues.

t-ask commented on 2017-08-08 09:44

This works ==> "gpg --recv-key --keyserver hkp://gpg.mozilla.org 0xBBBEBDBB24C6F355" (don't forget the leading "0x")

Their key seems to be stored on their gpg server https://gpg.mozilla.org/pks/lookup?op=get&search=0xBBBEBDBB24C6F355 while I wonder where I can read an official statement that they changed their key. Searching for that key gave me no results. Any ideas?

Tromzy commented on 2017-08-08 08:58

Neither does "gpg --recv-keys --keyserver hkp://pgp.mit.edu BBBEBDBB24C6F355".

Tromzy commented on 2017-08-08 08:57

"gpg --recv-key 0x1C69C4E55E9905DB " does not work.

ArchangeGabriel commented on 2017-08-07 20:14

@Fingel: No, it was added a while ago. However, Mozilla rotated their keys recently. Strictly speaking, you should be fine with a `gpg --refresh-keys` if you had the key before.