Bug#610712: [devscripts] Allow to check cryptographic signatures

Franz Schrober franzschrober at yahoo.de
Wed Sep 26 09:10:33 UTC 2012

Previous message: Bug#688843: licensecheck: detect BDS-3-clause as BSD-2-clause
Next message: devscripts 2.12.4 MIGRATED to testing
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

http://www.phpmyadmin.net/home_page/security/PMASA-2012-5.php clearly shows the problematic situation of not having cryptographic signatures or tools to check it offline. This could easily break the trust chain and therefore introduce backdoors in Debian even when upstream and Debian packagers didn't do anything wrong.

Previous message: Bug#688843: licensecheck: detect BDS-3-clause as BSD-2-clause
Next message: devscripts 2.12.4 MIGRATED to testing
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

More information about the devscripts-devel mailing list