Alexander Ploumistos wrote:
On Mon, Nov 30, 2015 at 10:53 AM, Florian Weimer
<fweimer(a)redhat.com>
wrote:
> Apparently, ABRT reports crashes for packages not part of Fedora.
Thanks, I'd guessed that much, but I wanted some confirmation.
> A possible fix would be to look at the signing key in the RPM database
> and report only packages which are signed with an official Fedora key.
> But that does not work because not all packages are signed. But apart
> from that, I don't see any way to identify Fedora packages as genuine.
It might still be useful to know if a (popular) 3rd party package
breaks for some reason, even though it's not our responsibility to fix
it.
Are packages from scratch builds signed or not?
scratch builds are not signed
-- Rex