[Rpm-maint] [rpm-software-management/rpm] Fix regression reading rpm v3 and other rare packages (#1635) (#1688)

Panu Matilainen notifications at github.com
Tue May 25 11:24:55 UTC 2021


Commit d6a86b5e69e46cc283b1e06c92343319beb42e21 introduced far stricter
checks on what tags are allowed in signature and main headers than rpm
had previously seen, and unsurprisingly this introduced some regressions
on less common cases:

- On rpm v3 packages and some newer 3rd party created packages (such as
  install4j < 9.0.2), RPMTAG_ARCHIVESIZE resides in the main header
  to begin with
- In rpm 4.13 - 4.14, file IMA signatures were incorrectly placed in
  the main header.

As a quirk, permit the existence of RPMTAG_ARCHIVESIZE,
RPMTAG_FILESIGNATURES and RPMTAG_FILESIGNATURELENGTH in the main header
too provided that the corresponding signature tag is not there (so
they can reside in either but not both headers).

Initial workaround patch by Demi Marie Obenour.

Fixes: #1635
You can view, comment on, or merge this pull request online at:

  https://github.com/rpm-software-management/rpm/pull/1688

-- Commit Summary --

  * Fix regression reading rpm v3 and other rare packages (#1635)

-- File Changes --

    M lib/package.c (39)

-- Patch Links --

https://github.com/rpm-software-management/rpm/pull/1688.patch
https://github.com/rpm-software-management/rpm/pull/1688.diff

-- 
You are receiving this because you are subscribed to this thread.
Reply to this email directly or view it on GitHub:
https://github.com/rpm-software-management/rpm/pull/1688
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.rpm.org/pipermail/rpm-maint/attachments/20210525/7ffeecbb/attachment.html>


More information about the Rpm-maint mailing list