Miles Sabin wrote:
The RHEL signing keys have, however, been used by an unauthorized party to sign unauthorized packages. Some people would say that that qualified as "compromised" on any reasonable definition.
Signing is a thing, distributing a signed package through the official ways is another. The latter didn't happen as we know.
-- BÉRES László RHCE, RHCX senior IT engineer, trainer Red Hat, Fedora, CentOS, SELinux: http://sys-admin.hu -- fedora-list mailing list [email protected] To unsubscribe: https://www.redhat.com/mailman/listinfo/fedora-list
