Patch bind to pluig Kaminsky DNS vulnerability for FC7?

Todd Zullinger tmz at
Wed Jul 30 23:37:17 UTC 2008

Mike wrote:
> and then did yum localupdate --nogpgcheck on the list of newly
> created rpms.

If you'd like to not have to disable the gpg signature check, that's
only a few more steps (most of which only need to be done once).

# Generate a key
gpg --gen-key # the defaults for key type and size are fine.

# Tell rpm what key to use (replace the keyid [8218AC56] with the
# keyid or the email address of the key you just created.
echo '%_gpg_name 8218AC56'>> ~/.rpmmacros

# Export the key from gpg
gpg -a --export 8218ac56> /tmp/rpm-gpg.asc

# Import the key to the rpm database (as root)
rpm --import /tmp/rpm-gpg.asc

# Whenever you (re)build a package, add --sign to the rpmbuild command
rpmbuild --rebuild --sign bind-9.5.0-33.P1.fc9.src.rpm

Todd        OpenPGP -> KeyID: 0xBEAF0CE3 | URL:
Nothing is wrong with California that a rise in the ocean level
wouldn't cure.
    -- Ross MacDonald (1915-1983)

-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 542 bytes
Desc: not available
URL: <>

More information about the fedora-list mailing list