FS#49228 - [bitcoin] pkgbuild not verifying upstream signature

Attached to Project: Community Packages
Opened by ikohvei (ikohvei) - Friday, 06 May 2016, 02:20 GMT
Last edited by Timothy Redaelli (tredaelli) - Thursday, 30 June 2016, 14:04 GMT
Task Type Bug Report
Category Security
Status Closed
Assigned To Timothy Redaelli (tredaelli)
Architecture All
Severity Low
Priority Normal
Reported Version
Due in Version Undecided
Due Date Undecided
Percent Complete 100%
Votes 0
Private No
This task depends upon

Closed by  Timothy Redaelli (tredaelli)
Thursday, 30 June 2016, 14:04 GMT
Reason for closing:  Won't implement
Additional comments about closing:  tor-browser and all the other packages are verifying the detached signature directly and not the SHA256SUMS.asc.
My procedure is to check this manually when I release a version.

Splitting packages is necessary since are different daemons with different dependencies
Comment by ikohvei (ikohvei) - Friday, 06 May 2016, 02:37 GMT
While I am here, just going to add... is it really necessary that the upstream pkg be broken into 4 different arch packages?
https://www.archlinux.org/packages/?sort=&q=bitcoin

Loading...