Mailinglist Archive: opensuse-bugs (4753 mails)

[bugzilla_noreply@xxxxxxxxxx]

http://bugzilla.novell.com/show_bug.cgi?id=596037

http://bugzilla.novell.com/show_bug.cgi?id=596037#c0


           Summary: Issue warning if repo is signed with an expired key
    Classification: openSUSE
           Product: openSUSE 11.3
           Version: Milestone 4
          Platform: Other
        OS/Version: Other
            Status: NEW
          Severity: Enhancement
          Priority: P5 - None
         Component: libzypp
        AssignedTo: zypp-maintainers@xxxxxxxxxxxxxxxxxxxxxx
        ReportedBy: ma@xxxxxxxxxx
         QAContact: qa@xxxxxxx
          Found By: Community User
           Blocker: ---


---[opensuse] zypper: really no check for expiration of gpg keys?---
Meta data in OBS repo-md repositories (i.e., repomd. is usually
signed with gpg. It seems that zypper does not check expiration of
used gpg keys. (zypper 1.0.13 on openSUSE 11.1, in case that matters.)

As an example:
http://download.opensuse.org/repositories/Apache:/MirrorBrain/Apache_openSUSE_11.1/
has a key that expired at April 1, 2010; i.e., 12 days ago. (The
key has ID 0xBD6D129A and fingerprint EDDD C98D 96A0 F889 9AB0 7C78
9584 A164 BD6D 129A.)

I would have expected a warning or an error when this repository is
refreshed, but nothing as such happens.
---

-- 
Configure bugmail: http://bugzilla.novell.com/userprefs.cgi?tab=email
------- You are receiving this mail because: -------
You are on the CC list for the bug.