summaryrefslogtreecommitdiffstats
diff options
context:
space:
mode:
Diffstat
-rw-r--r--NEWS2
-rw-r--r--urpm/signature.pm3
2 files changed, 5 insertions, 0 deletions
diff --git a/NEWS b/NEWS
index e257f927..a5083434 100644
--- a/NEWS
+++ b/NEWS
@@ -1,6 +1,8 @@
- decrease total package count when some files are missing
- fix installing a package if user acks bogus signature
(regression introduced in 7.0)
+- security:
+ o warn about missing signatures on packages from media without signatures
Version 7.3 - 24 August 2012
diff --git a/urpm/signature.pm b/urpm/signature.pm
index 235867bf..7852e0f0 100644
--- a/urpm/signature.pm
+++ b/urpm/signature.pm
@@ -31,6 +31,9 @@ sub _check {
if ($verif =~ /NOT OK/) {
$verif =~ s/\n//g;
$invalid_sources{$filepath} = N("Invalid signature (%s)", $verif);
+ } elsif ($verif =~ /OK \(\(none\)\)/ ) {
+ $verif =~ s/\n//g;
+ $invalid_sources{$filepath} = N("Missing signature (%s)", $verif);
} else {
unless ($medium && urpm::media::is_valid_medium($medium) &&
$medium->{start} <= $id && $id <= $medium->{end})
generated by cgit v1.2.1 (git 2.21.0) at 2024-06-30 22:49:16 +0000