id,summary,reporter,owner,description,type,status,priority,milestone,component,version,severity,resolution,keywords,cc 1167,Windows installer signatured with wrong private key?,mosesofmason,Samuli Seppänen,"The WINDOWS INSTALLER file [0] looks like signed by an unknown key instead of being signed with the ""Security mailing list GPG key"" as stated in the ""GnuPG Public Key"" page [2]. The current key signed the file is using RSA key 82175D35AA8D0E8BDE5F4F9E5DC351805ACFEAC6 which does not match the ""Security mailing list GPG key"". Please check if this is a mistake or a security exploit. [0] https://swupdate.openvpn.org/community/releases/openvpn-install-2.4.7-I603.exe [1] https://openvpn.net/community-resources/sig/",Bug / Defect,closed,critical,,Packaging,,"Not set (select this one, unless your'e a OpenVPN developer)",fixed,,