smart does not correctly verify packages coming from archives.
Bug #267901 reported by
Rick Clark
| Affects | Status | Importance | Assigned to | Milestone | |
|---|---|---|---|---|---|
| smart (Ubuntu) |
Fix Released
|
High
|
Rick Clark | ||
| Intrepid |
Fix Released
|
High
|
Rick Clark | ||
Bug Description
Binary package hint: smartpm-core
Smartpm does not use the gpg signatures provided with ubuntu to validate packages.
Revision history for this message
| Rick Clark (dendrobates) wrote | #1 |
| Changed in smart: | |
| assignee: | nobody → dendrobates |
| importance: | Undecided → High |
| milestone: | none → intrepid-alpha-6 |
| status: | New → In Progress |
Revision history for this message
| Rick Clark (dendrobates) wrote | #2 |
| Changed in smart: | |
| status: | In Progress → Fix Released |
To post a comment you must log in.
This fix addresses this paper:
http://