[arch-general] Package signing: database signatures?

Don deJuan donjuansjiz at gmail.com
Sun Mar 11 15:47:56 EDT 2012


On 03/10/2012 08:12 AM, Kevin Chadwick wrote:
> On Mon, 05 Mar 2012 10:42:15 +0100
> Florian Pritz wrote:
>
>> You should read pacman.conf(5) "PACKAGE AND DATABASE SIGNATURE CHECKING"
>> and use "Optional PackageRequired"
>
> Quick question and I'm guessing the answer will be just to wait and
> that's fine.
>
> There are just a few packages preventing me from using Required in
> pacman.conf.
>
> Like scribes and xcb-proto (the testing version is signed so I guess
> that will migrate).
>
> Just wondering if there is any pacman.conf magic that will tie a
> signature checking setting to a particaulr package name?
>
>
>
> p.s.
>
> I don't know what people use apart from just updating regularly but I've
> just written a script to look up packages installed with exploits
> (cves) and also curently in the three main repos for arch. I haven't the
> time at the mo to make it less crude and generic/ready/fancy for the
> general public, but if anyone's interested let me know.

I would be interested in seeing the script you wrote for this please. 
Thanks :)


>
>
> This is what I found recently.
>
> bugzilla-4.2
> flyspray-0.9.9.6
> phpldapadmin-1.2.2
> wordpress-3.3.1
> emacs-23.4
> flashplugin-11.1.102.62
> glib-1.2.10
> mysql-5.5.21
> ocaml-3.12.1
> tomcat-5.5.34
> vlc-2.0.0



More information about the arch-general mailing list