|
Bugzilla – Full Text Bug Listing |
| Summary: | Java Community repository -> unknown gpg key used for signing | ||
|---|---|---|---|
| Product: | [openSUSE] openSUSE 12.1 | Reporter: | melchiaros melchiaros <melchiaros> |
| Component: | Other | Assignee: | Michal Vyskocil <mvyskocil> |
| Status: | RESOLVED DUPLICATE | QA Contact: | E-mail List <qa-bugs> |
| Severity: | Critical | ||
| Priority: | P5 - None | ||
| Version: | Final | ||
| Target Milestone: | --- | ||
| Hardware: | x86-64 | ||
| OS: | SUSE Other | ||
| Whiteboard: | |||
| Found By: | --- | Services Priority: | |
| Business Priority: | Blocker: | --- | |
| Marketing QA Status: | --- | IT Deployment: | --- |
| Attachments: |
yast2 message, warn, zypper, other
the screenshot |
||
Created attachment 461668 [details]
the screenshot
-> osc maintainer Java:packages dup *** This bug has been marked as a duplicate of bug 727586 *** |
Created attachment 461667 [details] yast2 message, warn, zypper, other User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:7.0.1) Gecko/20100101 Firefox/7.0.1 I´ve used yast2 to import community repositories(and with this their keys); the most repositories works fine and the import of the gpg keys works well, with the known dialog of ... do you trust that key-> yes/no The Java Community repository is an exception: The is no importing dialog. Their is only a dialdog that informed the user that the gpg key is unknown and that there is no trust relationship to the owner of the key. I attach the screenshot of the yast2 message box. To mark it: It is a fresh system, I do not have messed on the repository keys until now, so the cause for this is not on my side. Because this could be a security violation I mark this here as critical. Reproducible: Always Steps to Reproduce: 1.call yast2 2.swith to repository management 3.Add new repositories -> community repositories -> Java Community repository -> import it -> see the dialog.