[Rpm-maint] [rpm-software-management/rpm] Fix possible package corruption on --delsign/resign/addsign (PR #3479)

Panu Matilainen notifications at github.com
Fri Nov 29 11:10:06 UTC 2024


Details in commit messages, the short story is that we could corrupt packages on signing operations due to miscalculations when unexpected stuff happened. That unexpected stuff in this case was misplaced IMA signatures but it's not specific to those.

Also add explicit tests for --delsign/--delfilesign behavior wrt IMA signatures.

Fixes: #3469
You can view, comment on, or merge this pull request online at:

  https://github.com/rpm-software-management/rpm/pull/3479

-- Commit Summary --

  * Add a test for deleting a misplaced IMA signature
  * Fix possible package corruption on --delsign/resign/addsign
  * Add tests for IMA signature deletion too

-- File Changes --

    M sign/rpmgensig.cc (5)
    A tests/data/RPMS/hello-2.0-1.x86_64-badima.rpm (0)
    M tests/rpmsigdig.at (55)

-- Patch Links --

https://github.com/rpm-software-management/rpm/pull/3479.patch
https://github.com/rpm-software-management/rpm/pull/3479.diff

-- 
Reply to this email directly or view it on GitHub:
https://github.com/rpm-software-management/rpm/pull/3479
You are receiving this because you are subscribed to this thread.

Message ID: <rpm-software-management/rpm/pull/3479 at github.com>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.rpm.org/pipermail/rpm-maint/attachments/20241129/62f6234d/attachment-0001.htm>


More information about the Rpm-maint mailing list