[Rpm-maint] [rpm-software-management/rpm] RFE: add a digest on the compressed payload content (#163)

Panu Matilainen notifications at github.com
Wed Mar 1 14:00:29 UTC 2017


What on earth does rpm-md have to do with this? It exists on an entirely different level, and has checksums on the entire package file, at the time of repository generation. Files can get corrupted and truncated in transit from rpmbuild to a repository. That has happened in Fedora repos, people were not so happy when a malformed Thunderbird package found its way through all the alleged signature checking etc.

-- 
You are receiving this because you are subscribed to this thread.
Reply to this email directly or view it on GitHub:
https://github.com/rpm-software-management/rpm/issues/163#issuecomment-283347048
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.rpm.org/pipermail/rpm-maint/attachments/20170301/6a3119b2/attachment.html>


More information about the Rpm-maint mailing list