Loading...

XML

Word

Printable

JSON

Type: Improvement
Resolution: Done
Priority: Major - P3
Fix Version/s: 3.0.8, 3.1.7
Affects Version/s: None
Component/s: Packaging
Labels:
None

Backwards Compatibility:
Minor Change
Backport Completed:

3.0.8
Sprint:
BUILD 2 04/24/15, BUILD 4 06/05/15, Build 5 06/26/16, Build 6 07/17/15, Build 7 08/10/15, Build 8 08/31/15

Packages available from 10gen yum repository (and probably all provided packages) should be signed using a GPG/PGP key. It makes it harder to compromise a yum repository (it is not enough to just replace RPM in a repo).

is related to

SERVER-5455 Sign source archives (tgz, zip, etc) with a public GPG key

Closed

SERVER-14036 Ubuntu Key File belongs to Richard Kreuter

Closed

SERVER-19893 Generate packages on their own platforms

Closed

related to

DOCS-5411 securely download the mongodb packages

Closed

DOCS-7370 Add rpm signature verification to rpm package installation docs

Closed

Assignee:: Ernie Hershey (Inactive)

Reporter:: Marcin Zaj?czkowski

Participants:: Ernie Hershey, Githook User, Jakub Kramarz, Jarom Loveridge, Jason Woods, Marcin Zaj?czkowski, Michele Perucic, Tehmasp Chaudhri

Votes:: 26 Vote for this issue

Watchers:: 22 Start watching this issue

Created:: Feb 27 2013 02:07:21 PM UTC

Updated:: Nov 16 2021 01:56:43 PM UTC

Resolved:: Aug 13 2015 12:03:02 AM UTC

Details

Description

Attachments

Issue Links

Activity

People

Dates