[Rpm-maint] [rpm-software-management/rpm] Reject signatures outside of signature header (#1503)

Demi Marie Obenour notifications at github.com
Fri Jan 15 23:00:14 UTC 2021


Programs like DNF assume that RPM checks all signatures for validity, but signatures outside the signature header won’t be checked.  Therefore, they must be rejected.
You can view, comment on, or merge this pull request online at:

  https://github.com/rpm-software-management/rpm/pull/1503

-- Commit Summary --

  * Reject signatures outside of signature header

-- File Changes --

    M lib/header.c (4)

-- Patch Links --

https://github.com/rpm-software-management/rpm/pull/1503.patch
https://github.com/rpm-software-management/rpm/pull/1503.diff

-- 
You are receiving this because you are subscribed to this thread.
Reply to this email directly or view it on GitHub:
https://github.com/rpm-software-management/rpm/pull/1503
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.rpm.org/pipermail/rpm-maint/attachments/20210115/2a61578e/attachment.html>


More information about the Rpm-maint mailing list