Summary: | gentoo should default to gpg validated emerge-webrsync | ||
---|---|---|---|
Product: | Gentoo Security | Reporter: | naduss <kolsjdldddd> |
Component: | Default Configs | Assignee: | Gentoo Security <security> |
Status: | RESOLVED UPSTREAM | ||
Severity: | normal | CC: | jaak |
Priority: | Normal | ||
Version: | unspecified | ||
Hardware: | All | ||
OS: | Linux | ||
Whiteboard: | |||
Package list: | Runtime testing required: | --- |
Description
naduss
2015-01-20 11:13:14 UTC
This is not a matter for the Security team (that deals with vulnerability handling and tracking of application in the Gentoo tree). You might be interested in the Gentoo Keys project[0] that works in bringing OpenPGP signatures into the handling of commits and further packages. The first release of gkeys was made just recently. References: [0] https://wiki.gentoo.org/wiki/Project:Gentoo-keys We don't need a bug for tracking this. |