On Fri, Dec 07, 2012 at 02:28:16PM -0500, Matthew Miller wrote: > On Fri, Dec 07, 2012 at 08:11:08PM +0100, Till Maas wrote: > > > * 960 - F18 schedule + the holidays (notting, 18:50:29) > > > * LINK: https://fedoraproject.org/wiki/JaroslavReznik/FedupF18Final - > > > not updated yet (jreznik, 18:58:15) > > > * AGREED: Do not block on fedup signature checking (not a regression) > > > (+:7, -:0, 0:0) (notting, 19:08:47) > > how is not providing a supported way to do secure upgrade of Fedora not > > a regression? It is a big disappointment that Fedora is more and more > > I assume because Anaconda has never done this. (Our dear old friend bug > #998.) Anaconda only needs to do this, if it is used for network installs. But it was always possible to verify the DVD image and use the verified packages from there: https://fedoraproject.org/verify Some people even bothered to change the process from using MD5 or SHA1 to using SHA256 in the past. Regards Till -- devel mailing list devel@xxxxxxxxxxxxxxxxxxxxxxx https://admin.fedoraproject.org/mailman/listinfo/devel
