sign the repository at ddebs.ubuntu.com
Bug #185625 reported by
Louis-Dominique Dubeau
This bug affects 1 person
Affects | Status | Importance | Assigned to | Milestone | |
---|---|---|---|---|---|
Ubuntu |
Fix Released
|
Undecided
|
Martin Pitt |
Bug Description
The repository at ddebs.ubuntu.com is currently not signed. Even if the server is well secured, a man-in-the-middle attack could cause someone to install tainted packages on their system.
Changed in ubuntu-meta: | |
status: | Confirmed → In Progress |
To post a comment you must log in.
Is there any reason why this cannot be done? Currently this is preventing me from doing a partial upgrade of my system. I can certainly remove the repo from my sources, but that isn't going to help with testing.