Package: apksigcopier
Version: 1.1.1-1
Severity: serious

https://ci.debian.net/packages/a/apksigcopier/unstable/amd64/72115554/ and
confirmed locally:

 + apksigcopier compare NewPipe_v0.21.0.apk org.schabi.newpipe_966.apk
 DOES NOT VERIFY
 ERROR: APK Signature Scheme v2 signer #1: APK integrity check failed.
CHUNKED_SHA256 digest mismatch. Expected:
<647ed7a031902520b13c810fd292ee70e426338290be1ba043c67f80c25d3720>, actual:
<d89fb3f20914ba51325ca8cba40d8b79dfea145e1aa7c91bd10a058accf81433>
 Error: failed to verify /tmp/tmp1mi1vi6a/output.apk.


-- System Information:
Debian Release: forky/sid
  APT prefers unstable-debug
  APT policy: (500, 'unstable-debug'), (500, 'unstable'), (500, 'testing'), 
(101, 'experimental')
Architecture: amd64 (x86_64)
Foreign Architectures: i386

Kernel: Linux 7.0.12+deb14.1-amd64 (SMP w/16 CPU threads; PREEMPT)
Kernel taint flags: TAINT_OOT_MODULE, TAINT_UNSIGNED_MODULE
Locale: LANG=ru_RU.UTF-8, LC_CTYPE=ru_RU.UTF-8 (charmap=UTF-8), LANGUAGE not set
Shell: /bin/sh linked to /usr/bin/dash
Init: systemd (via /run/systemd/system)
LSM: AppArmor: enabled

Versions of packages apksigcopier depends on:
ii  python3        3.13.9-3+b1
ii  python3-click  8.2.0+0.really.8.1.8-1

apksigcopier recommends no packages.

Versions of packages apksigcopier suggests:
pn  apksigner  <none>

Reply via email to