On Mon, 05 Mar 2012 10:42:15 +0100 Florian Pritz wrote: > You should read pacman.conf(5) "PACKAGE AND DATABASE SIGNATURE CHECKING" > and use "Optional PackageRequired" Quick question and I'm guessing the answer will be just to wait and that's fine. There are just a few packages preventing me from using Required in pacman.conf. Like scribes and xcb-proto (the testing version is signed so I guess that will migrate). Just wondering if there is any pacman.conf magic that will tie a signature checking setting to a particaulr package name? p.s. I don't know what people use apart from just updating regularly but I've just written a script to look up packages installed with exploits (cves) and also curently in the three main repos for arch. I haven't the time at the mo to make it less crude and generic/ready/fancy for the general public, but if anyone's interested let me know. This is what I found recently. bugzilla-4.2 flyspray-0.9.9.6 phpldapadmin-1.2.2 wordpress-3.3.1 emacs-23.4 flashplugin-11.1.102.62 glib-1.2.10 mysql-5.5.21 ocaml-3.12.1 tomcat-5.5.34 vlc-2.0.0
