31 Aug
2000
31 Aug
'00
20:50
Hi, Sorry to bring this up here but I recently downloaded a bunch of rpms for security updates from the SuSE ftp server. I noticed that Marc/Thomas/Roman always give the checksums in their advisories. But sometimes the relevant rpms are later updated without a new MD5 being included. I imagine in some cases these updates do not originate with the security dept. However, security guys -- I think you do a great job, btw -- perhaps you could make it a company policy that all packages on the ftp server have checksums -- perhaps in the index file in each folder? And perhaps this could then be PGP signed? Thanks Corvin