Kubuntu GUI package manager does not warn if packages are unsigned
Bug #256245 reported by
Scott Kitterman
This bug affects 1 person
Affects | Status | Importance | Assigned to | Milestone | |
---|---|---|---|---|---|
Adept Manager |
Unknown
|
Medium
|
|||
Release Notes for Ubuntu |
Fix Released
|
Undecided
|
Unassigned | ||
adept (Ubuntu) |
Won't Fix
|
High
|
Unassigned | ||
Karmic |
Won't Fix
|
High
|
Unassigned | ||
kpackagekit (Ubuntu) |
Fix Released
|
High
|
Unassigned | ||
Karmic |
Won't Fix
|
High
|
Unassigned | ||
packagekit (Ubuntu) |
Fix Released
|
High
|
Sebastian Heinlein | ||
Karmic |
Fix Released
|
High
|
Sebastian Heinlein |
Bug Description
Binary package hint: adept
Generally other package managers (e.g apt or synaptic) warn the user if packages are unsigned. While this might have at one point been a nice to have feature, in the current era of DNS cache poisoning attacks package signatures are the only guarantee we have that the package being installed is authentic. This is essential.
Changed in adeptmgr: | |
status: | Unknown → New |
Changed in adeptmgr: | |
status: | New → Confirmed |
Changed in adept: | |
status: | Confirmed → Triaged |
Changed in kpackagekit (Ubuntu Karmic): | |
status: | Confirmed → Won't Fix |
status: | Won't Fix → Confirmed |
Changed in kpackagekit (Ubuntu): | |
status: | Confirmed → Triaged |
tags: | removed: regression-potential |
Changed in adeptmgr: | |
importance: | Unknown → Medium |
Changed in adeptmgr: | |
status: | Confirmed → Unknown |
To post a comment you must log in.
Confirmed on IRC with mornfall that this feature is not present.