Uploaded image for project: 'MariaDB Server'
  1. MariaDB Server
  2. MDEV-8972

Tarball verification update

    XMLWordPrintable

    Details

      Description

      I'd like to see several improvements to the code verification for MariaDB. Porters should always have a way to validate that the tarball they've downloaded has not been tampered with.

      1. Only PGP signed MD5 hashes available for downloadable tarballs. Please update the hashes to SHA256 and provide signatures for these as well.
      2. Documentation on how to verify your downloaded tarball seems to be missing
      3. PGP code signing key not published on the website (yet on https://yum.mariadb.org)

        Attachments

          Activity

            People

            Assignee:
            dbart Daniel Bartholomew
            Reporter:
            spil Bernard Spil
            Votes:
            1 Vote for this issue
            Watchers:
            3 Start watching this issue

              Dates

              Created:
              Updated:
              Resolved:

                Git Integration