[arch-general] Package signing for the umpteenth time (was Re: unrealircd 3.2.8.1-2 contains backdoor)
Ananda Samaddar
ananda at samaddar.co.uk
Sun Jun 13 05:38:29 EDT 2010
On Sun, 13 Jun 2010 09:58:38 +0200
Thomas Bächler <thomas at archlinux.org> wrote:
> Am 13.06.2010 02:33, schrieb Alexander Duscheleit:
> > OTOH the original mail was meant more to alert *users* of
> > unrealircd, the maintainer should actually already have been
> > noticed via the bug.
>
> In that case, it seems you chose your list wisely.
>
> > On a side-note, Sergej already has published a new pkgrel this
> > afternoon (2010-06-12 16:40:54 UTC). So the bug is/was already
> > obsolete before I wrote it.
>
> Good, didn't notice that. I was quite shocked when I read about the
> issue.
>
This is the reason why we need package signing for Pacman. I'm aware
that some progress has been made and it's being worked on. Are there
any updates?
Ananda
More information about the arch-general
mailing list