Bug 9397 – Sign Debian/Ubuntu packages

Bug 9397 - Sign Debian/Ubuntu packages

Summary:

Sign Debian/Ubuntu packages

Status:	NEW

Product:	Logitech Media Server
Classification:	Unclassified
Component:	Misc
Version:	unspecified
Platform:	PC Ubuntu Linux

Importance:	-- enhancement with 27 votes (vote)
Target Milestone:	Future
Assigned To:	Mark Miksis

URL:
Keywords:

Depends on:
Blocks:
	Show dependency tree / graph

Reported:	2008-09-04 17:24 UTC by Manoj Kasichainula
Modified:	2009-06-21 07:11 UTC (History)
CC List:	5 users (show)

See Also:
Category:	---

Attachments
Add an attachment (proposed patch, testcase, etc.)

Note You need to log in before you can comment on or make changes to this bug.

Description Manoj Kasichainula 2008-09-04 17:24:17 UTC

Similarly to https://bugs-archive.lyrion.org/show_bug.cgi?id=6974 , it would be great if the Debian packages for squeezecenter could be signed. This will help somewhat to prevent unauthorized packages from getting installed, and will also allow me to avoid an extra "Install these packages without verification [y/N]?" I have to deal with on every upgrade.

Instructions for doing this are at http://wiki.debian.org/SecureApt

Thanks.

bugzilla made me enter a component, but there is none for debian packages, so I picked the closest thing I could find that wasn't completely wrong.

Comment 1 Chris Owens 2008-09-22 12:15:51 UTC

Matt, is this something you think we should do?

Comment 2 James Richardson 2008-10-10 15:25:56 UTC

Targeting Enhancement bugs

Comment 3 Matthew Schoolmaster 2009-02-25 08:49:12 UTC

please consider doing this as soon as you can.

much appreciated.

Comment 4 Matt Wise 2009-05-04 09:52:13 UTC

Assigning to Mark, hopefully he'll have time to get around to this...

Comment 5 AndrewFG 2009-06-21 07:11:26 UTC

I voted for this because the should be a DSig on the Windows version too. 
i.e. both on the installer and the application .exe