diff options
author | David Kalnischkies <david@kalnischkies.de> | 2015-04-12 11:20:55 +0200 |
---|---|---|
committer | David Kalnischkies <david@kalnischkies.de> | 2015-04-19 01:13:09 +0200 |
commit | de1c9b8ad208ae677fc6e916a907e319f246b1e8 (patch) | |
tree | 274e676efe68bc63792ffef3ac5d3f8dcc5f74ca /vendor | |
parent | d84da4995df24329e96d57a22136683a9e370f4e (diff) |
unsigned Release files can expire, too
Checking Valid-Until on an unsigned Release file doesn't give us any
security brownie points as an attacker could just change the date and in
practice repositories with unsigned Release files will very likely not
have a Valid-Until date, but for symetry and the fact that being
unsigned is currently just a warning, while expired is a fatal error.
Diffstat (limited to 'vendor')
0 files changed, 0 insertions, 0 deletions