summaryrefslogtreecommitdiff
path: root/apt-private
diff options
context:
space:
mode:
authorJulian Andres Klode <jak@debian.org>2016-03-15 10:56:05 +0100
committerJulian Andres Klode <jak@debian.org>2016-03-15 12:33:21 +0100
commit08fd77e83528fd03795524adf76e359ae2b56e06 (patch)
treeda69c1dc532c243b176eb3c225ad3ac074292fe5 /apt-private
parent56b4c93f60ebdb828bb8d0b9ea2db448560208f5 (diff)
methods/gpgv: Correctly handle weak signatures with multiple keys
We added weak signatures to BadSigners, meaning that a Release file signed by both a weak signature and a strong signature would be rejected; preventing people from migrating from DSA to RSA keys in a sane way. Instead of using BadSigners, treat weak signatures like expired keys: They are no good signatures, and they are worthless. Gbp-Dch: ignore
Diffstat (limited to 'apt-private')
0 files changed, 0 insertions, 0 deletions