[Rpm-maint] [rpm-software-management/rpm] rpmReadPackageFile(): respect transaction verification level (#1484)

Demi Marie Obenour notifications at github.com
Wed Jan 13 03:08:16 UTC 2021


@pmatilai so here is what I would *like* to see:

1. Duplicate tags in signature headers are not allowed.
2. Signature headers are not allowed to duplicate tags found in the immutable header, after fixups.
3. Signatures are verified before headers are imported.
4. `rpmReadPackageFile` is deprecated, in favor of `rpmReadPackageFileEx` which takes a verification level argument.

-- 
You are receiving this because you are subscribed to this thread.
Reply to this email directly or view it on GitHub:
https://github.com/rpm-software-management/rpm/issues/1484#issuecomment-759174330
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.rpm.org/pipermail/rpm-maint/attachments/20210112/f47c954e/attachment.html>


More information about the Rpm-maint mailing list