[Rpm-maint] [rpm-software-management/rpm] Require creation time to be unique and hashed (PR #1912)

Demi Marie Obenour notifications at github.com
Mon Feb 14 17:31:16 UTC 2022


@DemiMarie commented on this pull request.



>  	    impl = *p;
-	    if (!(_digp->saved & PGPDIG_SAVED_TIME) &&
-		(sigtype == PGPSIGTYPE_POSITIVE_CERT || sigtype == PGPSIGTYPE_BINARY || sigtype == PGPSIGTYPE_TEXT || sigtype == PGPSIGTYPE_STANDALONE))

This check violated RFC 4880 §5.2.3.4, which applies to all types of signatures.

-- 
Reply to this email directly or view it on GitHub:
https://github.com/rpm-software-management/rpm/pull/1912#discussion_r806079008
You are receiving this because you are subscribed to this thread.

Message ID: <rpm-software-management/rpm/pull/1912/review/881965952 at github.com>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.rpm.org/pipermail/rpm-maint/attachments/20220214/6dac0ca8/attachment.html>


More information about the Rpm-maint mailing list