8b3666ea2d
When RPM experiences a signed package, with a signature that it does NOT know. By default it will send the -fingerprint- (and only the 16 digit fingerprint) to an external HKP server, trying to get the key down. This is probably not a reasonable default behavior for the system to do, instead it should simply fail the key lookup. If someone wants to enable the HKP server it's easy enough to do by enabling the necessary macros. (From OE-Core rev: fdaa9115fb20d4af49ce8407b5785096c66ecf6c) Signed-off-by: yzhu1 <yanjun.zhu@windriver.com> Signed-off-by: Roy Li <rongqing.li@windriver.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org> |
||
|---|---|---|
| .. | ||
| rpm | ||
| rpm-4.11.2 | ||
| rpmresolve | ||
| rpm_4.11.2.bb | ||
| rpm_5.4+cvs.bb | ||
| rpm_5.4.14.bb | ||
| rpmresolve_1.0.bb | ||