[arch-general] gpg source validation for kernel.org style signatures

Christian Hesse list at eworm.de
Sun Jan 4 21:05:21 UTC 2015

Hello everybody,

pacman 4.2.0 gained support for verifying source tarballs with kernel.org
style signature. Some (even essential) packages could benefit from that,
linux and git come to mind.

How to handle this? Report a bug for every package? Provide a list here?
main(a){char*c=/*    Schoene Gruesse                         */"B?IJj;MEH"
"CX:;",b;for(a/*    Chris           get my mail address:    */=0;b=c[a++];)
putchar(b-1/(/*               gcc -o sig sig.c && ./sig    */b/42*2-3)*42);}
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 473 bytes
Desc: OpenPGP digital signature
URL: <https://lists.archlinux.org/pipermail/arch-general/attachments/20150104/051611dc/attachment.bin>

More information about the arch-general mailing list