Re: Bug#907723: link package versions on security-tracker to source packages
On Sat, Sep 1, 2018 at 5:53 PM, Holger Levsen wrote: > On Sat, Sep 01, 2018 at 12:43:58PM +0800, Paul Wise wrote: >> > So, I always go to [1] with my web browser, copy the URL of the .dsc file >> > and then dget that .dsc file. >> This misses out verifying apt signatures. > > the .dsc file is signed and dget verifies it. dget does not verify the apt signatures though, since it does not download them. -- bye, pabs https://wiki.debian.org/PaulWise
Re: Bug#907723: link package versions on security-tracker to source packages
On Sat, Sep 01, 2018 at 12:43:58PM +0800, Paul Wise wrote: > > So, I always go to [1] with my web browser, copy the URL of the .dsc file > > and then dget that .dsc file. > This misses out verifying apt signatures. the .dsc file is signed and dget verifies it. -- cheers, Holger --- holger@(debian|reproducible-builds|layer-acht).org PGP fingerprint: B8BF 5413 7B09 D35C F026 FE9D 091A B856 069A AA1C signature.asc Description: PGP signature