Summary/Minutes for Wednesday's FESCo meeting (2012-12-05)
Adam Williamson
awilliam at redhat.com
Sat Dec 8 08:06:39 UTC 2012
On Fri, 2012-12-07 at 20:36 +0100, Till Maas wrote:
> On Fri, Dec 07, 2012 at 02:28:16PM -0500, Matthew Miller wrote:
> > On Fri, Dec 07, 2012 at 08:11:08PM +0100, Till Maas wrote:
> > > > * 960 - F18 schedule + the holidays (notting, 18:50:29)
> > > > * LINK: https://fedoraproject.org/wiki/JaroslavReznik/FedupF18Final -
> > > > not updated yet (jreznik, 18:58:15)
> > > > * AGREED: Do not block on fedup signature checking (not a regression)
> > > > (+:7, -:0, 0:0) (notting, 19:08:47)
> > > how is not providing a supported way to do secure upgrade of Fedora not
> > > a regression? It is a big disappointment that Fedora is more and more
> >
> > I assume because Anaconda has never done this. (Our dear old friend bug
> > #998.)
>
> Anaconda only needs to do this, if it is used for network installs. But
> it was always possible to verify the DVD image and use the verified
> packages from there: https://fedoraproject.org/verify
>
> Some people even bothered to change the process from using MD5 or SHA1
> to using SHA256 in the past.
fedup is supposed to support using a DVD image as a package source,
though I'm not sure of the current status of that.
--
Adam Williamson
Fedora QA Community Monkey
IRC: adamw | Twitter: AdamW_Fedora | identi.ca: adamwfedora
http://www.happyassassin.net
More information about the devel
mailing list