a silly question, how do you understand that a package is signed in any repo?? apart from the warning of dnf, of course....
Antonio Montagnani
Linux Fedora 24 (Workstation) inviato da Gmail
2016-06-22 6:31 GMT+02:00 Ed Greshko ed.greshko@greshko.com:
On 06/22/16 12:27, Samuel Sieb wrote:
On 06/21/2016 09:12 PM, Ed Greshko wrote:
On 06/22/16 11:59, Gordon Messmer wrote:
I'll admit that the risk is hypothetical, but what does rpmfusion's
flux
have to do with the risk of allowing unsigned packages?
It was only one package that was unsigned, and it came from rpmfusion,
and they are in the
middle of putting up an new infrastructure. So not unthinkable a
package had slipped thru
unsigned.
dnf stops at the first unsigned package. All the rpmfusion F24 packages
are currently
in the updates-testing repository and are unsigned.
Right, and that is why I suggested I should have disable just the rpmfusion check.
In any event.... If you are worried, don't upgrade. If you're not worried, upgrade. Your choice.
-- You're Welcome Zachary Quinto -- users mailing list users@lists.fedoraproject.org To unsubscribe or change subscription options: https://lists.fedoraproject.org/admin/lists/users@lists.fedoraproject.org Fedora Code of Conduct: http://fedoraproject.org/code-of-conduct Guidelines: http://fedoraproject.org/wiki/Mailing_list_guidelines Have a question? Ask away: http://ask.fedoraproject.org