Mailinglist Archive: opensuse-security (109 mails)

< Previous Next >
Re: SUSE Security Announcement: gpg,liby2util signature checking problems (SUSE-SA:2006:013)
  • From: Malte Gell <malte.gell@xxxxxx>
  • Date: Mon, 6 Mar 2006 19:28:22 +0100
  • Message-id: <200603061928.23272.malte.gell@xxxxxx>
On Monday 06 March 2006 18:59, Markus Gaugusch wrote:
> On Mar 6, Malte Gell <malte.gell@xxxxxx> wrote:

> > > This also proofs that at least on the common mirrors
> > > (ftp.gwdg.de, sometimes ftp.leo.org I think, and lately also
> > > suse.inode.at) no manipulated package were placed.
> >
> > Why is this a matter of what mirror one choses? I thought it´s only
> > a matter of how YOU or your fou4s checks the signatures?

> If I was running fou4s on a specific mirror and have not noticed any
> faulty packages, one could assume that this mirror was "clean".

Of course... I forgot fou4s just uses the standard patch notifications
provided by SUSE and so faulty packages would have been detected.
Clever ;-)

Malte

< Previous Next >