diff options
-rw-r--r-- | NEWS | 1 | ||||
-rw-r--r-- | urpm/signature.pm | 4 |
2 files changed, 5 insertions, 0 deletions
@@ -3,6 +3,7 @@ (regression introduced in 7.0) - security: o warn about missing signatures on packages from media without signatures + o warn when signature checking is disabled per medium Version 7.3 - 24 August 2012 diff --git a/urpm/signature.pm b/urpm/signature.pm index 7852e0f0..b70f5a99 100644 --- a/urpm/signature.pm +++ b/urpm/signature.pm @@ -47,6 +47,10 @@ sub _check { #- no medium found for this rpm ? next if !$medium; #- check whether verify-rpm is specifically disabled for this medium + if (defined $medium->{'verify-rpm'} && !$medium->{'verify-rpm'}) { + $urpm->{log}(N("NOT checking %s\n", $filepath)); + next; + } next if defined $medium->{'verify-rpm'} && !$medium->{'verify-rpm'}; my $key_ids = $medium->{'key-ids'} || $urpm->{options}{'key-ids'}; |