summaryrefslogtreecommitdiff
path: root/vendor
diff options
context:
space:
mode:
authorDavid Kalnischkies <david@kalnischkies.de>2015-04-12 11:20:55 +0200
committerDavid Kalnischkies <david@kalnischkies.de>2015-04-19 01:13:09 +0200
commitde1c9b8ad208ae677fc6e916a907e319f246b1e8 (patch)
tree274e676efe68bc63792ffef3ac5d3f8dcc5f74ca /vendor
parentd84da4995df24329e96d57a22136683a9e370f4e (diff)
unsigned Release files can expire, too
Checking Valid-Until on an unsigned Release file doesn't give us any security brownie points as an attacker could just change the date and in practice repositories with unsigned Release files will very likely not have a Valid-Until date, but for symetry and the fact that being unsigned is currently just a warning, while expired is a fatal error.
Diffstat (limited to 'vendor')
0 files changed, 0 insertions, 0 deletions