*** This bug is a security vulnerability ***
Public security bug reported:
Instead of shipping a single keyring with 4 keys, ship each key
individually in trusted.gpg.d and do not call apt-key update at all.
Remove keys from /etc/apt/trusted.gpg
This is similar to changes done in debian-archive-keyring 2012.1 upload.
** Affects: ubuntu-keyring (Ubuntu)
Importance: Undecided
Status: New
** Patch added: "ubuntu-keyring_2016.09.16.debdiff.asc"
https://bugs.launchpad.net/bugs/1624408/+attachment/4742035/+files/ubuntu-keyring_2016.09.16.debdiff.asc
--
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.
https://bugs.launchpad.net/bugs/1624408
Title:
ubuntu-keyring migrate to fragment files
To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/ubuntu-keyring/+bug/1624408/+subscriptions
--
ubuntu-bugs mailing list
ubuntu-bugs@lists.ubuntu.com
https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
