https://bugzilla.novell.com/show_bug.cgi?id=868440 https://bugzilla.novell.com/show_bug.cgi?id=868440#c0 Summary: rpm verifies but still continues if the signature's key is missing Classification: openSUSE Product: openSUSE 13.1 Version: Final Platform: Other OS/Version: Other Status: NEW Severity: Normal Priority: P5 - None Component: Basesystem AssignedTo: bnc-team-screening@forge.provo.novell.com ReportedBy: jnelson-suse@jamponi.net QAContact: qa-bugs@suse.de Found By: --- Blocker: --- User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:27.0) Gecko/20100101 Firefox/27.0 See here: http://forums.opensuse.org/showthread.php/496213-zypper-up-found-no-key-but-... I'm not a participant in that thread, but I feel very very strongly about this. IMO, it's unacceptable that zypper would install an rpm without a known valid signature. At the very least, this should be a configurable setting or a yes/no question from zypper. Reproducible: Always Steps to Reproduce: 1. 2. 3. -- Configure bugmail: https://bugzilla.novell.com/userprefs.cgi?tab=email ------- You are receiving this mail because: ------- You are on the CC list for the bug.