Loading...

XML

Word

Printable

JSON

Type: Improvement
Resolution: Done
Priority: Major - P3
Fix Version/s: 3.0.8, 3.1.7
Affects Version/s: None
Component/s: Packaging
Labels:
None

Backwards Compatibility:
Minor Change
Backport Completed:

3.0.8
Sprint:
BUILD 2 04/24/15, BUILD 4 06/05/15, Build 5 06/26/16, Build 6 07/17/15, Build 7 08/10/15, Build 8 08/31/15
Confidence Status:
None
Work Order:
3

Aha! Reference:
None
Tracking Level:
None
Risk Status:
None
Exec Notes:
None
Goal Name:
None
Goal Link:
None

Packages available from 10gen yum repository (and probably all provided packages) should be signed using a GPG/PGP key. It makes it harder to compromise a yum repository (it is not enough to just replace RPM in a repo).

is related to

SERVER-5455 Sign source archives (tgz, zip, etc) with a public GPG key

Closed

SERVER-14036 Ubuntu Key File belongs to Richard Kreuter

Closed

SERVER-19893 Generate packages on their own platforms

Closed

Assignee:: Ernie Hershey (Inactive)
Reporter:: Marcin Zaj?czkowski
Participants:: Ernie Hershey, Githook User, Jakub Kramarz, Jarom Loveridge, Jason Woods, Marcin Zaj?czkowski, Michele Perucic, Tehmasp Chaudhri
Votes:: 26 Vote for this issue
Watchers:: 22 Start watching this issue

Created:: Feb 27 2013 02:07:21 PM UTC
Updated:: Nov 16 2021 01:56:43 PM UTC
Resolved:: Aug 13 2015 12:03:02 AM UTC
Confidence Status Last Update:: 06/Jul/15 2:48 PM

Details

Description

Attachments

Issue Links

Activity

People

Dates