On Mon, Aug 11, 2014 at 11:40:11PM +0200, Richard Weinberger wrote:
Hi!
How can I cryptographically verify libvirt releases?
There are no signature/hash files in http://libvirt.org/sources/.
All I see is that your git release tags are PGP signed.
So, anyone who cares has to ignore
Hi!
How can I cryptographically verify libvirt releases?
There are no signature/hash files in http://libvirt.org/sources/.
All I see is that your git release tags are PGP signed.
So, anyone who cares has to ignore everything in http://libvirt.org/sources/
and needs to regenerate the tarball from