Opened 16 months ago

Last modified 16 months ago

#1429 assigned Bug / Defect

Fix Fedora Copr instructions in the OpenvpnSoftwareRepos doc

Reported by: a13x Owned by: David Sommerseth
Priority: trivial Milestone:
Component: Documentation Version:
Severity: Not set (select this one, unless your'e a OpenVPN developer) Keywords:



The Wiki offers to install OpenVPN software from Fedora Copr:

Actually, adding such a repository is not recommended since it breaks the supply chain security on that system.

The Open Source Security Foundation (OpenSSF, is doing a lot to persuade the community that the supply chain is important. That is especially true for OpenVPN software, which is critical for information security.

I would recommend adding a proper disclaimer to the Wiki chapter about Fedora Copr usage or at least add a detailed description of how to check the OpenVPN package signatures.


Change History (1)

comment:1 Changed 16 months ago by Gert Döring

Owner: set to David Sommerseth
Status: newassigned

Assigning to the Fedora maintainer, @dazo...

Note: See TracTickets for help on using tickets.