[Rpm-maint] [rpm-software-management/rpm] Ignore unknown signature algorithms in verification (Issue #4101)
Panu Matilainen
notifications at github.com
Fri Jan 30 07:43:07 UTC 2026
pmatilai created an issue (rpm-software-management/rpm#4101)
This is the sister bug of #3996: similarly to disabled algorithms, we shouldn't fail just because one of many signatures uses an unknown algorithm. Instead we should let the known and enabled ones decide the outcome.
This is now causing silly failures on Fedora 43- when accessing newer RHEL 9-10 packages that have PQC signatures in addition to the trad RSA, but Sequoia in Fedora doesn't yet support PQC.
--
Reply to this email directly or view it on GitHub:
https://github.com/rpm-software-management/rpm/issues/4101
You are receiving this because you are subscribed to this thread.
Message ID: <rpm-software-management/rpm/issues/4101 at github.com>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.rpm.org/pipermail/rpm-maint/attachments/20260129/f343df4e/attachment.htm>
More information about the Rpm-maint
mailing list