Mailinglist Archive: zypp-commit (223 mails)

< Previous Next >
[zypp-commit] r10497 - in /branches/SuSE-Linux-11_0-Branch/libzypp: VERSION.cmake package/libzypp.changes zypp/KeyRing.cc
  • From: mlandres@xxxxxxxxxxxxxxxx
  • Date: Fri, 04 Jul 2008 15:42:38 -0000
  • Message-id: <20080704154239.093689E03A@xxxxxxxxxxxxxxxx>
Author: mlandres
Date: Fri Jul 4 17:42:38 2008
New Revision: 10497

URL: http://svn.opensuse.org/viewcvs/zypp?rev=10497&view=rev
Log:
Also check if the fingerprint matches before importing updated keys. (bnc
#393160)

Modified:
branches/SuSE-Linux-11_0-Branch/libzypp/VERSION.cmake
branches/SuSE-Linux-11_0-Branch/libzypp/package/libzypp.changes
branches/SuSE-Linux-11_0-Branch/libzypp/zypp/KeyRing.cc

Modified: branches/SuSE-Linux-11_0-Branch/libzypp/VERSION.cmake
URL:
http://svn.opensuse.org/viewcvs/zypp/branches/SuSE-Linux-11_0-Branch/libzypp/VERSION.cmake?rev=10497&r1=10496&r2=10497&view=diff
==============================================================================
--- branches/SuSE-Linux-11_0-Branch/libzypp/VERSION.cmake (original)
+++ branches/SuSE-Linux-11_0-Branch/libzypp/VERSION.cmake Fri Jul 4 17:42:38
2008
@@ -47,4 +47,4 @@
SET(LIBZYPP_MAJOR "4")
SET(LIBZYPP_MINOR "26")
SET(LIBZYPP_COMPATMINOR "24")
-SET(LIBZYPP_PATCH "6")
+SET(LIBZYPP_PATCH "7")

Modified: branches/SuSE-Linux-11_0-Branch/libzypp/package/libzypp.changes
URL:
http://svn.opensuse.org/viewcvs/zypp/branches/SuSE-Linux-11_0-Branch/libzypp/package/libzypp.changes?rev=10497&r1=10496&r2=10497&view=diff
==============================================================================
--- branches/SuSE-Linux-11_0-Branch/libzypp/package/libzypp.changes (original)
+++ branches/SuSE-Linux-11_0-Branch/libzypp/package/libzypp.changes Fri Jul 4
17:42:38 2008
@@ -1,7 +1,15 @@
-------------------------------------------------------------------
+Fri Jul 4 17:19:24 CEST 2008 - ma@xxxxxxx
+
+- Also check if the fingerprint matches before importing updated keys.
+ (bnc #393160)
+- version 4.26.7
+- revision 10497
+
+-------------------------------------------------------------------
Fri Jun 27 16:16:50 CEST 2008 - ma@xxxxxxx

-- Invoke gpg with --homdir, otherwise command fails if executed
+- Invoke gpg with --homdir, otherwise command fails if executed
within a wrapper. (bnc #401259)
- version 4.26.6
- revision 10480
@@ -9,7 +17,7 @@
-------------------------------------------------------------------
Fri Jun 20 15:31:57 CEST 2008 - ma@xxxxxxx

-- Fix permanent duplication of gpg keys in the rpm database. Also
+- Fix permanent duplication of gpg keys in the rpm database. Also
retrieve correct creation and expire dates. (bnc #401259)
- version 4.26.5
- revision 10432
@@ -18,14 +26,14 @@
Thu Jun 19 17:46:04 CEST 2008 - ma@xxxxxxx

- Handle new patch messages and scripts in commit. Provide callbacks
- to display the patch messages and give visual feedback on script
+ to display the patch messages and give visual feedback on script
execution. (bnc #401220)
- revision 10410

-------------------------------------------------------------------
Tue Jun 10 15:55:31 CEST 2008 - ma@xxxxxxx

-- Allow to abort commit during package deletion. (bnc #389238)
+- Allow to abort commit during package deletion. (bnc #389238)
- revision 10367

-------------------------------------------------------------------
@@ -53,7 +61,7 @@
-------------------------------------------------------------------
Wed Jun 4 13:50:13 CEST 2008 - ma@xxxxxxx

-- Fix memory corruption in curl media handler (bnc #396979)
+- Fix memory corruption in curl media handler (bnc #396979)
- version 4.26.2
- revision 10336

@@ -61,7 +69,7 @@
Tue Jun 3 19:44:59 CEST 2008 - ma@xxxxxxx

- Take care satsolver recognizes 'Capability( "srcpackage:zypper" )'
- as 'source package named zypper'. So these capabilities can be used
+ as 'source package named zypper'. So these capabilities can be used
together with sat::Whatprovides or in resolver requests. (bnc #369893)
- version 4.26.1
- revision 10333
@@ -69,7 +77,7 @@
-------------------------------------------------------------------
Mon Jun 2 17:57:22 CEST 2008 - ma@xxxxxxx

-- Allow to skip/abort failed package removal. (bnc #226041)
+- Allow to skip/abort failed package removal. (bnc #226041)
- revision 10319

-------------------------------------------------------------------
@@ -77,7 +85,7 @@

- import newer keys if a trusted key is updated
(bnc#393160)
-- add message attribute to patches.
+- add message attribute to patches.
- 4.26.0

-------------------------------------------------------------------
@@ -121,7 +129,7 @@

- SOLVER_ERASE_SOLVABLE_NAME: As we do not know, if this request has come
from resolvePool or resolveQueue we will have to take care for both
- cases. (bnc#393969)
+ cases. (bnc#393969)
- r 10252

-------------------------------------------------------------------
@@ -140,7 +148,7 @@

- Do not regard packages with the same name while upgrading obsoleted
packages (bnc#394367)
-- r 10219
+- r 10219

-------------------------------------------------------------------
Sat May 24 01:23:44 CEST 2008 - dmacvicar@xxxxxxx
@@ -160,16 +168,16 @@
-------------------------------------------------------------------
Fri May 23 14:42:34 CEST 2008 - schubi@xxxxxxx

-- Added IgnoreAlreadyRecommended flag. So recomments/suggest will
+- Added IgnoreAlreadyRecommended flag. So recomments/suggest will
be ignored for already INSTALLED packages (bnc #389694)
-- r 10202
+- r 10202

-------------------------------------------------------------------
Fri May 23 10:22:47 CEST 2008 - schubi@xxxxxxx

- Packages which obsoletes and do NOT required other installed
packages will be installed if no other packages obsolete the installed
package too.
-- r 10196
+- r 10196

-------------------------------------------------------------------
Thu May 22 02:22:29 CEST 2008 - dmacvicar@xxxxxxx
@@ -189,13 +197,13 @@
-------------------------------------------------------------------
Wed May 21 11:37:23 CEST 2008 - schubi@xxxxxxx

-- added onlyRequires in the testcase (bnc #389184)
+- added onlyRequires in the testcase (bnc #389184)

-------------------------------------------------------------------
Tue May 20 12:12:27 CEST 2008 - jreidinger@xxxxxxx

- allow installation and refreshing from repository with alias that
- contains ' or " (bnc #392426)
+ contains ' or " (bnc #392426)
- r10158

-------------------------------------------------------------------
@@ -208,7 +216,7 @@
Mon May 19 18:13:19 CEST 2008 - schubi@xxxxxxx

- Resetting Delete Details in ResStatus correctly (bnc #391785)
-- r 10145
+- r 10145

-------------------------------------------------------------------
Mon May 19 11:47:06 CEST 2008 - dmacvicar@xxxxxxx
@@ -222,7 +230,7 @@

- Added new calls : isInstalledBy (const PoolItem item);
installs (const PoolItem item);
-- r 10125
+- r 10125
- 4.23.0

-------------------------------------------------------------------
@@ -236,22 +244,22 @@
Fri May 16 09:59:09 CEST 2008 - jreidinger@xxxxxxx

- throw more describing exception when repo probing failed
- (bnc #389690)
+ (bnc #389690)
- revision 10118

-------------------------------------------------------------------
Thu May 15 15:15:59 CEST 2008 - jreidinger@xxxxxxx

- allow call only merge old locks and newly added/removed without
- saving it to file
-- -revision 10104
+ saving it to file
+- -revision 10104

-------------------------------------------------------------------
Tue May 13 17:37:11 CEST 2008 - dmacvicar@xxxxxxx

- report non packages as keep installed if satisfied to the
user interace (Selectables)
-- 4.21.3
+- 4.21.3

-------------------------------------------------------------------
Tue May 13 15:50:28 CEST 2008 - jkupec@xxxxxxx
@@ -287,11 +295,11 @@
-------------------------------------------------------------------
Fri May 9 21:28:42 CEST 2008 - ma@xxxxxxx

-- Add zypp.conf option configdir (/etc/zypp) and arrange
+- Add zypp.conf option configdir (/etc/zypp) and arrange
all config files and directories to follow {configdir}
per default.
-- Fix zypp-query-pool to print satisfied products and additional
- products defined in {configdir}/products.d for registration.
+- Fix zypp-query-pool to print satisfied products and additional
+ products defined in {configdir}/products.d for registration.
(bnc #385868)
- version 4.21.0
- revision 10029
@@ -299,7 +307,7 @@
-------------------------------------------------------------------
Fri May 9 15:30:40 CEST 2008 - jreidinger@xxxxxxx

-- implement remove duplicate entries in lock file (bnc#385967)
+- implement remove duplicate entries in lock file (bnc#385967)

-------------------------------------------------------------------
Fri May 9 15:15:32 CEST 2008 - ma@xxxxxxx
@@ -317,7 +325,7 @@
-------------------------------------------------------------------
Thu May 8 16:33:37 CEST 2008 - ma@xxxxxxx

-- Support optional root argument to RepoManagerOptions, to prefix all
+- Support optional root argument to RepoManagerOptions, to prefix all
path names taken from ZConfig. (bnc #388265)
- version 4.20.0
- revision 9993
@@ -326,19 +334,19 @@
Thu May 8 14:21:51 CEST 2008 - schubi@xxxxxxx

- new solution action for removing requirements/conflicts (bnc #387631)
-- revision 9988
+- revision 9988

-------------------------------------------------------------------
Thu May 8 10:56:49 CEST 2008 - ma@xxxxxxx

-- Provide enumerated patch category 'Patch::categoryEnum()' (bnc #159100)
+- Provide enumerated patch category 'Patch::categoryEnum()' (bnc #159100)
- revision 9984

-------------------------------------------------------------------
Wed May 7 13:52:24 CEST 2008 - schubi@xxxxxxx

- DistUpgrade: searching for providers -> regarding name onl
-- r 9977
+- r 9977

-------------------------------------------------------------------
Tue May 6 17:35:59 CEST 2008 - dmacvicar@xxxxxxx
@@ -361,17 +369,17 @@
-------------------------------------------------------------------
Mon May 5 09:55:29 CEST 2008 - schubi@xxxxxxx

-- Switch off the upgrade mode of the
- SAT solver cause the packages have already been evaluated by
+- Switch off the upgrade mode of the
+ SAT solver cause the packages have already been evaluated by
the distupgrade machanism of libzypp. (bnc #386375)
-- rev 9943
+- rev 9943

-------------------------------------------------------------------
Fri May 2 16:36:04 CEST 2008 - jreidinger@xxxxxxx

- release file after copy to cache as soon as possible.
(bnc #381311)
-- r9940
+- r9940

-------------------------------------------------------------------
Fri May 2 16:28:05 CEST 2008 - schubi@xxxxxxx
@@ -379,28 +387,28 @@
- Bugfix: keep states by user has been removed it the
package has not been installed BUT has been recommended by another package.
(bnc #385832)
-- rev 9938
+- rev 9938

-------------------------------------------------------------------
Fri May 2 12:19:22 CEST 2008 - jreidinger@xxxxxxx

- add isLocal function to Url which say if scheme is local or
- internet.
+ internet.
- r9932

-------------------------------------------------------------------
Fri May 2 09:36:18 CEST 2008 - jreidinger@xxxxxxx

- cache decision for repository depend on his url.
-- http,ftp and smb cache packages.
+- http,ftp and smb cache packages.
- revision 9929

-------------------------------------------------------------------
Thu May 1 00:50:51 CEST 2008 - ma@xxxxxxx

- Load and maintain persistent hard locks stored in /etc/zypp/locks.
- Locks are loaded together with the target, and changes are writen
- back on commit. zypp.conf option locksfile.apply can be used to turn
+ Locks are loaded together with the target, and changes are writen
+ back on commit. zypp.conf option locksfile.apply can be used to turn
this feature on or off. (FATE #120352)
- version 4.18.0
- revision 9927
@@ -408,7 +416,7 @@
-------------------------------------------------------------------
Wed Apr 30 16:27:49 CEST 2008 - ma@xxxxxxx

-- Add zypp.conf option solvfilesdir: Path where the repo solv files
+- Add zypp.conf option solvfilesdir: Path where the repo solv files
are created. Default value: {cachedir}/solv.
- Target and repositories now save their solvfiles below {solvfilesdir}
in directories named after the repositories alias.
@@ -425,7 +433,7 @@
Tue Apr 29 16:37:19 CEST 2008 - schubi@xxxxxxx

- cleanup in return values of doUpgrade and doUpdate
-- r9886
+- r9886
- 4.17.0

-------------------------------------------------------------------
@@ -443,7 +451,7 @@
-------------------------------------------------------------------
Mon Apr 28 15:25:46 CEST 2008 - schubi@xxxxxxx

-- added translations
+- added translations

-------------------------------------------------------------------
Mon Apr 28 11:15:47 CEST 2008 - jkupec@xxxxxxx
@@ -454,7 +462,7 @@
-------------------------------------------------------------------
Fri Apr 25 16:12:12 CEST 2008 - ma@xxxxxxx

-- Prevent target::unload from creating a system repo in order
+- Prevent target::unload from creating a system repo in order
to unload it. (bnc 382297)
- version 4.15.2
- revision 9822
@@ -462,9 +470,9 @@
-------------------------------------------------------------------
Fri Apr 25 14:15:17 CEST 2008 - ma@xxxxxxx

-- Prevent deselected or deleted items from being re-selected due to
- recommends (aka. persistent soft locks). Unlike hard locked, those
- items will be automatically selected if required. The list of soft
+- Prevent deselected or deleted items from being re-selected due to
+ recommends (aka. persistent soft locks). Unlike hard locked, those
+ items will be automatically selected if required. The list of soft
locked items is stored in /var/lib/zypp/SoftLocks.
- version 4.15.1
- revision 9818
@@ -480,9 +488,9 @@
-------------------------------------------------------------------
Wed Apr 23 21:12:56 CEST 2008 - ma@xxxxxxx

-- Support dependencies requiring a specific architecture:
- "name[.arch] [op edition]". See class Capability for details
- about how to construct dependencies. (bnc #305445)
+- Support dependencies requiring a specific architecture:
+ "name[.arch] [op edition]". See class Capability for details
+ about how to construct dependencies. (bnc #305445)
- version 4.15.0
- revision 9805

@@ -497,7 +505,7 @@

- change locks api -
- make more functions const
-- replace add/remove by selectable to add/remove by ident or name and kind
+- replace add/remove by selectable to add/remove by ident or name and kind
- rename iterator to const_iterator to avoid confusion
- revision 9781

@@ -505,7 +513,7 @@
Tue Apr 22 13:55:14 CEST 2008 - schubi@xxxxxxx

- Do architecture changes while "dup" in the external distribution
- upgrade ONLY. bnc #382274
+ upgrade ONLY. bnc #382274
- Added "ignore" to the solutions
- Added "self-conflicts" to the solution
- added new solver mechanism "resolveQueue"
@@ -522,8 +530,8 @@
-------------------------------------------------------------------
Mon Apr 21 15:38:10 CEST 2008 - ma@xxxxxxx

-- Added Target::release(), returning the targets distribution
- release string.
+- Added Target::release(), returning the targets distribution
+ release string.
- revision 9761

-------------------------------------------------------------------
@@ -549,7 +557,7 @@
-------------------------------------------------------------------
Wed Apr 16 15:00:19 CEST 2008 - ma@xxxxxxx

-- Disable fast creation of @System.solv. It may produce wrong results
+- Disable fast creation of @System.solv. It may produce wrong results
e.g. after a rebuilddb.
- version 4.13.1
- revision 9666
@@ -569,7 +577,7 @@
- save do nothing if no locks added/removed
- fix bug with multiple save lock
- don't save same query multiple times
-- improve tests
+- improve tests
- revision 9644

-------------------------------------------------------------------
@@ -578,7 +586,7 @@
- added new translations
- activate zypp-query-pool
- Revision 9637
-- 4.12.1
+- 4.12.1

-------------------------------------------------------------------
Tue Apr 15 00:54:07 CEST 2008 - jkupec@xxxxxxx
@@ -628,8 +636,8 @@
Fri Apr 11 14:43:05 CEST 2008 - ma@xxxxxxx

- Fix SolvIterMixin to avioid multiple visits of the same Selectable.
-- Add Resolvable::poolItem() providing access to the corresponding
- PoolItem. API to query isRelevant/isSatisfied/isBroken was moved
+- Add Resolvable::poolItem() providing access to the corresponding
+ PoolItem. API to query isRelevant/isSatisfied/isBroken was moved
to PoolItem.
- Add ResPool::satisfiedProductsBegin/End iterator over all products
whose dependencies are satisfied. This reflects the status determined
@@ -640,19 +648,19 @@
Fri Apr 11 12:07:47 CEST 2008 - jreidinger@xxxxxxx

- switch to new locks api
-- revision 9524
+- revision 9524

-------------------------------------------------------------------
Wed Apr 9 21:24:54 CEST 2008 - ma@xxxxxxx

- Enable ui::Selectable lookup by Solvable/PoolItem in ResPoolProxy.
-- Add SolvIterMixin: Base class providing PoolItem_iterator and
+- Add SolvIterMixin: Base class providing PoolItem_iterator and
Selectable_iterator iterator types based on a Solvable iterator.
- Enhanced WhatProvides and SolvableSet to PoolItem_iterator to offer
PoolItem_iterator and Selectable_iterator.
-- Add Solvable::SplitIdent: Helper class that splits an identifier
+- Add Solvable::SplitIdent: Helper class that splits an identifier
into kind and name.
-- Provide methods Pattern::contents returning a collection of packages
+- Provide methods Pattern::contents returning a collection of packages
associated with the pattern/patch.
- revision 9496

@@ -660,18 +668,18 @@
Tue Apr 8 15:50:48 CEST 2008 - jreidinger@xxxxxxx

- add comparing to PoolQuery
-- revision 9466
+- revision 9466

-------------------------------------------------------------------
Tue Apr 8 13:18:30 CEST 2008 - jreidinger@xxxxxxx

-- move RepoInfo to universal RepoException. This can enable more verbose
output - for frontend. (helps with bnc #377137)
+- move RepoInfo to universal RepoException. This can enable more verbose
output - for frontend. (helps with bnc #377137)
- revision 9452

-------------------------------------------------------------------
Tue Apr 8 10:52:30 CEST 2008 - jreidinger@xxxxxxx

-- initial implementation of new locks (FATE #120118 and #120352)
+- initial implementation of new locks (FATE #120118 and #120352)
- revision 9442

-------------------------------------------------------------------
@@ -684,7 +692,7 @@
Fri Apr 4 14:01:45 CEST 2008 - jreidinger@xxxxxxx

- add split with respect to escaped delimeters and also for quotes
-- revision 9373
+- revision 9373

-------------------------------------------------------------------
Thu Apr 3 12:55:50 CEST 2008 - ma@xxxxxxx
@@ -696,7 +704,7 @@
Thu Apr 3 11:59:13 CEST 2008 - ma@xxxxxxx

- Allow to store a media label in MediaSetAccess. This label is
- passed to a media change requests to describe which CD is
+ passed to a media change requests to describe which CD is
requested. (bnc #330094)
- Fixed some missing package and source package attributes.
- revision 9347
@@ -705,25 +713,25 @@
Wed Apr 2 13:48:52 CEST 2008 - schubi@xxxxxxx

- Moved poolItem.status().isSatisfied(),.... to poolItem.isSatisfied()
-- Removed establish state in ResStatus
+- Removed establish state in ResStatus
- revision 9337
- version 4.7.0

-------------------------------------------------------------------
Wed Apr 2 10:24:17 CEST 2008 - ma@xxxxxxx

-- Add PoolItem::isSatisfied()/isBroken() to test whether
+- Add PoolItem::isSatisfied()/isBroken() to test whether
the items requirements are met.
- revision 9334

-------------------------------------------------------------------
Tue Apr 1 21:54:10 CEST 2008 - ma@xxxxxxx

-- Extend sat::WhatProvides to allow to query for possible providers
- of a collection of capabilies. E.g. all providers of a packages
+- Extend sat::WhatProvides to allow to query for possible providers
+ of a collection of capabilies. E.g. all providers of a packages
requirements.
-- Fixed retrieval of translated texts from .solv files, provided the
- solv file contains them.
+- Fixed retrieval of translated texts from .solv files, provided the
+ solv file contains them.
- revision 9328

-------------------------------------------------------------------
@@ -737,7 +745,7 @@
Wed Mar 26 16:15:24 CET 2008 - ma@xxxxxxx

- Allow prioritizing repos by adding a line 'priority=N' to the
- .repo file. Where N is an integer number from 1 (highest prio)
+ .repo file. Where N is an integer number from 1 (highest prio)
to 99 (least and default). (bnc #369827, fate #302872)
- version 4.6.1
- revision 9276
@@ -768,13 +776,13 @@
Thu Mar 20 15:00:24 CET 2008 - jreidinger@xxxxxxx

- return more information from checking if metadata need refresh,
- so user can get better info. (bnc #307249)
+ so user can get better info. (bnc #307249)
- revision 9231

-------------------------------------------------------------------
Tue Mar 18 21:59:04 CET 2008 - ma@xxxxxxx

-- class sat::LocaleSupport: Convenience methods to manage support
+- class sat::LocaleSupport: Convenience methods to manage support
for language specific packages.
- revision 9197

@@ -819,19 +827,19 @@
Fri Mar 14 12:07:41 CET 2008 - jreidinger@xxxxxxx

- Save repo type during refresh if type is NONE (f.e. lazy probing).
-- revision 9153
+- revision 9153

-------------------------------------------------------------------
Fri Mar 14 11:34:24 CET 2008 - jreidinger@xxxxxxx

- replace gpg escaped semicolon with real semicolon (bnc #355434)
-- revision 9151
+- revision 9151

-------------------------------------------------------------------
Fri Mar 14 10:17:41 CET 2008 - jreidinger@xxxxxxx

- make strings from RpmDb and Keyring exceptions translatable
-- revision 9146
+- revision 9146

-------------------------------------------------------------------
Thu Mar 13 18:41:26 CET 2008 - dmacvicar@xxxxxxx
@@ -842,7 +850,7 @@
-------------------------------------------------------------------
Thu Mar 13 18:40:57 CET 2008 - jreidinger@xxxxxxx

-- enable frontend to rewrite add_probe settings.(bnc #309612)
+- enable frontend to rewrite add_probe settings.(bnc #309612)
- Correct adding repo without type to lazy probing.
- revision 9135

@@ -918,13 +926,13 @@

-------------------------------------------------------------------
Wed Mar 5 11:33:26 CET 2008 - ma@xxxxxxx
-
+
- Try to rebuild broken solv files in Target::load.
- revision 9015

-------------------------------------------------------------------
Tue Mar 4 18:17:41 CET 2008 - ma@xxxxxxx
-
+
- Try to rebuild broken solv files in RepoManager::loadFromCache.
- Fix RepoStatus::operator&& and RepoStatus testsuite.
- revision 9008
@@ -938,7 +946,7 @@

-------------------------------------------------------------------
Tue Mar 4 12:57:58 CET 2008 - ma@xxxxxxx
-
+
- Save and restore requested locales on target load/commit.
- revision 8999

@@ -946,7 +954,7 @@
Mon Mar 3 17:10:26 CET 2008 - schubi@xxxxxxx

- (Update) Prevent reinstallation of installed packages.
-- revision 8984
+- revision 8984

-------------------------------------------------------------------
Sun Mar 2 16:13:16 CET 2008 - coolo@xxxxxxx
@@ -984,7 +992,7 @@

-------------------------------------------------------------------
Tue Feb 26 13:26:30 CET 2008 - ma@xxxxxxx
-
+
- Fixed Capabilites iterator exposing prereq marker.
- revision 8914

@@ -998,11 +1006,11 @@
Mon Feb 25 17:06:53 CET 2008 - schubi@xxxxxxx

- Testcases regards modaliases, rpmlib, ... correctly
-- Revision 8904
+- Revision 8904

-------------------------------------------------------------------
Mon Feb 25 13:20:26 CET 2008 - ma@xxxxxxx
-
+
- Remove obsolete sql database. (bnc#363224)
- revision 8898


Modified: branches/SuSE-Linux-11_0-Branch/libzypp/zypp/KeyRing.cc
URL:
http://svn.opensuse.org/viewcvs/zypp/branches/SuSE-Linux-11_0-Branch/libzypp/zypp/KeyRing.cc?rev=10497&r1=10496&r2=10497&view=diff
==============================================================================
--- branches/SuSE-Linux-11_0-Branch/libzypp/zypp/KeyRing.cc (original)
+++ branches/SuSE-Linux-11_0-Branch/libzypp/zypp/KeyRing.cc Fri Jul 4 17:42:38
2008
@@ -249,7 +249,7 @@
for (list<PublicKey>::const_iterator it = keys.begin(); it != keys.end();
it++)
{
if ( id == (*it).id() )
-
+
return true;
}
return false;
@@ -345,14 +345,17 @@
if ( publicKeyExists( id, generalKeyRing() ) )
{
PublicKey untkey = exportKey( id, generalKeyRing() );
- if ( untkey.created() > key.created() )
+ // bnc #393160: Comment #30: Compare at least the fingerprint
+ // in case an attacker created a key the the same id.
+ if ( untkey.fingerprint() == key.fingerprint()
+ && untkey.created() > key.created() )
{
MIL << "Key " << key << " was updated. Saving new version into
trusted keyring." << endl;
importKey( untkey, true );
key = untkey;
}
}
-
+
MIL << "Key " << id << " " << key.name() << " is trusted" << endl;
// it exists, is trusted, does it validates?
if ( verifyFile( file, signature, trustedKeyRing() ) )

--
To unsubscribe, e-mail: zypp-commit+unsubscribe@xxxxxxxxxxxx
For additional commands, e-mail: zypp-commit+help@xxxxxxxxxxxx

< Previous Next >
This Thread
  • No further messages