Project

Profile

Help

Story #8523

When syncing content from a remote, GPG signatures are checked

Added by cottsay 8 days ago. Updated 8 days ago.

Status:
NEW
Priority:
Normal
Assignee:
-
Sprint/Milestone:
-
Start date:
Due date:
% Done:

0%

Estimated time:
Platform Release:
Groomed:
No
Sprint Candidate:
No
Tags:
Sprint:
Quarter:

Description

As it stands, the remote repository sync process makes no effort to verify the GPG signature of packages or metadata in the remote repository.

RPM repositories can sign the repository metadata, the individual packages, or both.

History

#1 Updated by daviddavis 8 days ago

  • Project changed from Pulp to RPM Support

Please register to edit this issue

Also available in: Atom PDF