[Bug 256245] Re: Adept does not warn if packages are unsigned
Lee Garrett
lee-in-berlin at web.de
Wed Jan 14 23:11:50 UTC 2009
Sounds like an idea. The point I'm trying to make is that the average
user should be able to expect that the default packages that ship are in
a way safe. And cache poisoning has become a lot more common than maybe
10 years ago, as new techniques are found (think of the DNS flaw mid
2008 by Dan Kaminsky).
If upstream doesn't care about this bug, it's their decision, but it's
also Ubuntu's responsibility to decide what is safe and what is not for
Ubuntu. And if I had the voting power, I'd say this *is* a showstopper
for jaunty, and should be addressed in intrepid, too.
--
Adept does not warn if packages are unsigned
https://bugs.launchpad.net/bugs/256245
You received this bug notification because you are a member of Kubuntu
Bugs, which is subscribed to adept in ubuntu.
More information about the kubuntu-bugs
mailing list