http://bugzilla.novell.com/show_bug.cgi?id=625383 http://bugzilla.novell.com/show_bug.cgi?id=625383#c0 Summary: Update repositories not trusted Classification: openSUSE Product: openSUSE 11.3 Version: Final Platform: Other OS/Version: Other Status: NEW Severity: Normal Priority: P5 - None Component: Basesystem AssignedTo: bnc-team-screening@forge.provo.novell.com ReportedBy: lkundrak@v3.sk QAContact: qa@suse.de Found By: --- Blocker: --- User-Agent: Mozilla/5.0 (X11; U; Linux i686; en-US; rv:1.9.2.4) Gecko/20100622 Fedora/3.6.4-2.fc14 Firefox/3.6.4 I booted off a OpenSUSE 11.3 live GNOME media and run zypper up: Run "zypper in osc" and got this: File 'content' from repository 'openSUSE-11.3-Oss' is signed with an unknown key 'B88B2FD43DBDC284'. Continue? [yes/no] (no): yes The public keys should probably be shipped with distribution (it is the case for at least Fedora), otherwise the user can not be sure about the validity of the updates which can be considered a security flaw. Reproducible: Always Steps to Reproduce: 1. 2. 3. -- Configure bugmail: http://bugzilla.novell.com/userprefs.cgi?tab=email ------- You are receiving this mail because: ------- You are on the CC list for the bug.