Hi there!
We noticed many people have recurring (minor) issues these days while trying to upgrade their servers, for reasons external to the Yunohost project. Unfortunately, it’s not easy from our side to provide an automatic mecanism that magically solves this, and you may need to run these commands to fix the situation.
1. Downgrading libssl packages
For some reason, some libssl packages need to be downgraded (maybe related to some stories with sury).
During upgrade attempts, you will see messages such as:
The following packages will be DOWNGRADED:
libssl-doc
[...]
E: Packages were downgraded and -y was used without --allow-downgrades.
You can solve this with:
sudo apt install libssl-doc --allow-downgrades
Depending on your setup and apps installed, you may need to do the same action for packages libssl-dev and/or libssl1.1
2. Updating Sury’s expired key
Sury is an external package repository that provides recent PHP versions. Sury’s signing key recently expired and during updates attempts you may see messages containing:
W: Failed to fetch https://packages.sury.org/php/dists/buster/InRelease The following signatures were invalid: EXPKEYSIG B188E2B695BD4743 DEB.SURY.ORG Automatic Signing Key
W: An error occurred during the signature verification. The repository is not updated and the previous index files will be used. GPG error: https://packages.sury.org/php buster InRelease: The following signatures were invalid: EXPKEYSIG B188E2B695BD4743 DEB.SURY.ORG Automatic Signing Key
W: Some index files failed to download. They have been ignored, or old ones used instead.
You can solve this with:
sudo apt-key del 95BD4743;
wget -nv -O - https://packages.sury.org/php/apt.gpg | sudo apt-key add -
