Bug#579028: pbuilder: installs untrusted packages without asking
Simon Ruderich
simon at ruderich.org
Tue Mar 6 01:59:25 UTC 2012
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256
On Tue, Mar 06, 2012 at 02:29:25AM +0100, Simon Ruderich wrote:
> I tested it with the official Debian repository, signed and
> unsigned local repositories and it works fine for me. But I'm
> only a "normal" pbuilder user, so I might have missed something.
> Please test the patch.
Just noticed that I overlooked the last few messages. My patch
doesn't fix these usecases, disabling the check works though.
Regards,
Simon
- --
+ privacy is necessary
+ using gnupg http://gnupg.org
+ public key id: 0x92FEFDB7E44C32F9
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.10 (GNU/Linux)
iQIcBAEBCAAGBQJPVW99AAoJEJL+/bfkTDL50a0P/1iJ2tjgTCBxgnj7I3F2a0Dy
LkfUalxy+mgC1y3cFFhHofVAZWjzFY8OniAPCcQdv2hRj7OAGwvwTKpk2gcwhDeH
MLti5cmdF8W2+AFRmym/e63mc0HOi4EEhiHlV6zuP+Hr366dosvHuR1ZYWPiOmPe
MTc3hbCv0KBWrJeYe8AsKZP7FHSn0+T3/pvPKIfG+P5NweGQOMt/hmdmptHO88Hw
BlB1bbvKX1C78hyOQnWEOZhZljWLF6bttGvqpZPzyssII8JlyunLOGNixy3otzZj
fMDhv0p0OUNoIfbZL1WybqOk1vuQ5YyeIUC+7KDHTzK5EJmwbRX8UOfMhJ0mZZgI
K5M17d+po3Cbtyw/asJUMfVJ7ontdKzK4FahojoICJh0ybaJ1i5GHscgCQMOnYtb
cPxsyS3SArArI8q2wk1JuBk0+DSk7Rx5UfxGpVxNvCY6IbSMieSc/Yakct1+vbEn
K0o1nRg9G4IZnnppDrchLdIF8gJB5uynS5hERiIQzsmDMUOr5+YpWY3ujpkYD/Vd
gWEVaNz/Tg6T6DLJToU/zy4BpnGiNJWY9D12fA1w1ty/lI4ZrjHp7LMkYO2f0gC1
PyNEw6Xe4XVa8aEdwWo4iSPOypl/eGVvzpvX35KWMAgR2EK/uo84Wv8OpPWF76pm
+YVcWXbHzENONikzyTsl
=atNi
-----END PGP SIGNATURE-----
More information about the Pbuilder-maint
mailing list