Zoom RPM signing key changed Nov 1, 2022

Zoom updated their RPM signing key on November 1, 2022:

In November 2022, Zoom is retiring the current key pair used to sign the Zoom desktop client for Linux, which customers can use to validate the Zoom desktop client. Users must download the new public key before attempting to upgrade to version 5.12.6, otherwise they will be unable to install this update. Prior versions (before 5.12.6) will not be impacted.

For versions 5.12.6 and higher, the Linux and Docker GPG signature thumbprint will change from “Key fingerprint: 3960 60CA DD8A 7522 0BFC B369 B903 BF18 61A7 C71D” to “Key fingerprint: 59C8 6188 E22A BB19 BD55 4047 7B04 A1B8 DD79 B481”.

Downloading the public key for Linux | Zoom Support

The new key has a different URL:

Fingerprint of new key:

$ gpg --show-keys <(curl -s 'https://zoom.us/linux/download/pubkey?version=5-12-6')
pub   rsa4096 2022-08-18 [SC]
      59C86188E22ABB19BD5540477B04A1B8DD79B481
uid                      Zoom Video Communications, Inc. <CryptoOpsCodeSignProd@zoom.us>
sub   rsa2048 2022-08-18 [A]
sub   rsa2048 2022-08-18 [E]

The last 16 hex chars of the fingerprint match the key id of the zoom-5.12.6.173-1.rpm package.

My dnf update was successful after importing the new key.

sudo rpm --import 'https://zoom.us/linux/download/pubkey?version=5-12-6'
sudo dnf update

The old key should be removed:

rpm -q gpg-pubkey --qf '%{name}-%{version}-%{release} %{summary}\n' | grep -F zoom
sudo rpm --erase gpg-pubkey-61a7c71d-55740c4b
rpm -q gpg-pubkey --qf '%{name}-%{version}-%{release} %{summary}\n' | grep -F zoom
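Added example, not part of the original post: the steps above check the fingerprint on one download and then let rpm fetch the URL a second time, so this sketch downloads the key once, compares its primary fingerprint to the one quoted in Zoom's notice, and imports that same file. The function names and the `import` argument are hypothetical.

```sh
#!/bin/sh
# Added example (not from the original post). Function names are hypothetical.
# Pinned value: the new fingerprint quoted in Zoom's notice.
EXPECTED_FPR='59C8 6188 E22A BB19 BD55 4047 7B04 A1B8 DD79 B481'
KEY_URL='https://zoom.us/linux/download/pubkey?version=5-12-6'

# Strip whitespace and upper-case the hex so both spellings compare equal.
normalize_fpr() {
    printf '%s' "$1" | tr -d '[:space:]' | tr 'a-f' 'A-F'
}

# Read `gpg --with-colons` output on stdin; print primary-key fingerprints
# only (the "fpr" record right after "pub"; subkey records follow "sub").
primary_fprs() {
    awk -F: '$1 == "pub" { want = 1; next }
             $1 == "sub" { want = 0; next }
             $1 == "fpr" && want { print $10; want = 0 }'
}

# $1 = fingerprints found (one per line), $2 = pinned fingerprint.
# Passes only if there is exactly one primary key and it is the pinned one.
check_fprs() {
    [ "$(printf '%s\n' "$1" | grep -c .)" -eq 1 ] || return 1
    [ "$(normalize_fpr "$1")" = "$(normalize_fpr "$2")" ]
}

# Download once, check that file, and import that same file.
verify_and_import() {
    tmp=$(mktemp) || return 1
    curl -fsS -o "$tmp" "$KEY_URL" || { rm -f "$tmp"; return 1; }
    fprs=$(gpg --show-keys --with-colons "$tmp" | primary_fprs)
    if check_fprs "$fprs" "$EXPECTED_FPR"; then
        sudo rpm --import "$tmp"; rc=$?
    else
        echo "fingerprint mismatch, key not imported: $fprs" >&2; rc=1
    fi
    rm -f "$tmp"
    return "$rc"
}

# Touches the network and the rpm keyring only when called with "import".
if [ "${1:-}" = import ]; then verify_and_import; fi
```

Saved under any file name and run with the single argument `import`, it exits non-zero without touching the rpm keyring if the download fails or the fingerprint differs.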