[Rpm-maint] [rpm-software-management/rpm] Fix IMA signature lengths assumed constant (again) (PR #1900)
Demi Marie Obenour
notifications at github.com
Mon Feb 7 01:25:28 UTC 2022
I tried checking this in rpmvs, and it does not look like there is a good way to report an error from there (yet). I could, of course, add support for that, but it would be a larger refactor. I have already done that refactor and would be willing to make a PR, but it is rather large (144 lines added, 143 lines deleted) and needs additional work (it assumes that there will be no string arrays in the signature header with length greater than 1, which is false for file and verity signatures).
@pmatilai would you mind merging this PR (or #1913) to avoid a security regression?
--
Reply to this email directly or view it on GitHub:
https://github.com/rpm-software-management/rpm/pull/1900#issuecomment-1030981023
You are receiving this because you are subscribed to this thread.
Message ID: <rpm-software-management/rpm/pull/1900/c1030981023 at github.com>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.rpm.org/pipermail/rpm-maint/attachments/20220206/fc8075eb/attachment.html>
More information about the Rpm-maint
mailing list