View Issue Details

IDProjectCategoryView StatusLast Update
0018016CentOS-8dnfpublic2021-01-15 10:47
Reportercndc Assigned To 
PriorityhighSeveritymajorReproducibilityalways
Status newResolutionopen 
Product Version8.3.2011 
Summary0018016: Distribution signed with unknown key - major security impact
Descriptionwarning: /var/lib/mock/epel-8-x86_64/root/var/cache/dnf/BaseOS-586be817612a3cb1/packages/acl-2.2.53-1.el8.x86_64.rpm: Header V3 RSA/SHA256 Signature, key ID 8483c65d: NOKEY
Steps To ReproduceRun this:-

mock -r epel-8-x86_64 --init
Additional InformationUnknown keys mean that anyone and/or any mirror can substitute their own malware giving total control of victim systems.
Tagssecurity

Activities

There are no notes attached to this issue.

Issue History

Date Modified Username Field Change
2021-01-15 10:47 cndc New Issue
2021-01-15 10:47 cndc Tag Attached: security