[Rpm-maint] [rpm-software-management/rpm] Validate and require subkey binding signatures on PGP public keys (#1795)
Shreenidhi Shedi
notifications at github.com
Wed Sep 14 06:59:47 UTC 2022
Hi @DemiMarie,
I followed `https://access.redhat.com/articles/3359321` to generate keys. But after this fix, I'm unable to import the keys.
```
root [ ~ ]# rpm --import foo.key
error: foo.key: key 1 import failed.
root [ ~ ]# rpm -qi rpm
Name : rpm
Version : 4.16.1.3
Release : 12.ph4
Architecture: x86_64
Install Date: Tue Sep 13 16:57:51 2022
```
Can you please assist me on generating the keys properly?
Here are my patches where I back ported this CVE fix to 4.16.x
https://github.com/vmware/photon/blob/4.0/SPECS/rpm/CVE-2021-3521-1.patch
https://github.com/vmware/photon/blob/4.0/SPECS/rpm/CVE-2021-3521-2.patch
https://github.com/vmware/photon/blob/4.0/SPECS/rpm/CVE-2021-3521-3.patch
--
Reply to this email directly or view it on GitHub:
https://github.com/rpm-software-management/rpm/pull/1795#issuecomment-1246330529
You are receiving this because you are subscribed to this thread.
Message ID: <rpm-software-management/rpm/pull/1795/c1246330529 at github.com>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.rpm.org/pipermail/rpm-maint/attachments/20220913/1c25e2ba/attachment.html>
More information about the Rpm-maint
mailing list