On Mon, Apr 10, 2017 at 02:35:31PM -0400, Steve Grubb wrote: > Nobody has ever asked for one. I literally build the package in Fedora within > a few minutes of a release. Fedora has hashes of the audit tar file in the > "sources" file in the build system in case you want any historical > information: > > http://pkgs.fedoraproject.org/cgit/rpms/audit.git/log/sources >
Hello Steve, well.. then I want to ask you if you could use gpg signatures in future for your releases. We, at arch linux, are currently encouraging upstream to use signed releases and https. It's just 5min of work and it's a big step to a more secure internet. Thanks. chris
signature.asc
Description: PGP signature
-- Linux-audit mailing list [email protected] https://www.redhat.com/mailman/listinfo/linux-audit
