Fedora and supply-chain attacks
Fedora and supply-chain attacks
Posted Jun 17, 2021 21:23 UTC (Thu) by tchernobog (guest, #73595)In reply to: Fedora and supply-chain attacks by jccleaver
Parent article: Fedora and supply-chain attacks
A checksum and a signature are different, though. The latter guarantees provenance through the signer key; anybody can compute and post checksums instead.