CentOS - Apr 2004 - Update centos-yumconf fixes security issue

An update has been released to centos-yumconf , the yum configuration file 
for centos because it was not set ot check the gpgkey on the packages ity 
installed.

It was assumed that if there was a key then it would be checked, but that 
is not the case, it has to be explicitly enabled per repo.

https://bugzilla.caosity.org/show_bug.cgi?id=543 refers

The updated file is :-

http://mirror.centos.org/centos-3/3.1/updates/i386/RPMS/centos-yumconf-1-7.noarch.rpm

and should be on all mirrors within a few hours.

If you run 'yum update' then the package will be automatically updated, 
however if you run yum against a local, non mirrored repository, or you 
have edited yum.conf then you may not pick up this update, in which case 
you should edit yum.conf to add gpgcheck=1 to each repo stanza.

Lance

-- 
uklinux.net - The ISP of choice for the discerning Linux user.