Closed #1503.
--
You are receiving this because you are subscribed to this thread.
Reply to this email directly or view it on GitHub:
https://github.com/rpm-software-management/rpm/pull/1503#event-4453732610
I pushed a patch that only rejects known signatures in the main header. That’s
enough to resolve my worries. @pmatilai is it enough for you?
--
@DemiMarie pushed 1 commit.
451c5b50a54cc93d901461a56bdeb9b50582b017 Reject signatures outside of
signature header
--
> > What are these consequences?
>
> I don't have a crystal ball. In the submitted form, this PR slams the door
> on any and all developments where one might want to use the lower tag region
> for some new special purposes, forever. With a file format that has lifespan
> of multiple decades,
> What are these consequences?
I don't have a crystal ball. In the submitted form, this PR slams the door on
any and all developments where one might want to use the lower tag region for
some new special purposes, forever. With a file format that has lifespan of
multiple decades, that'd be an
> I'm not very fond of the idea of banning tags based on their numbers, such a
> thing might have far-fetched, unwanted consequences. At any rate, the range
> here is too wide, the signature range is from HEADER_SIGBASE to
> HEADER_TAGBASE-1.
What are these consequences?
> I think I'd rather
I'm not very fond of the idea of banning tags based on their numbers, such a
thing might have far-fetched, unwanted consequences. At any rate, the range
here is too wide, the signature range is from HEADER_SIGBASE to
HEADER_TAGBASE-1.
I think I'd rather approach this from the angle that
@DemiMarie pushed 1 commit.
4acff44a2f438921445ecb93f7d85e781292f0a3 Reject signatures in immutable headers
--
This check will probably need to be moved to the package reading functions.
--
Programs like DNF assume that RPM checks all signatures for validity, but
signatures outside the signature header won’t be checked. Therefore, they must
be rejected.
You can view, comment on, or merge this pull request online at:
https://github.com/rpm-software-management/rpm/pull/1503
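An added example, not code from this pull request or from rpm: a standalone scan of a main-header index for tags in the signature range named in the thread (HEADER_SIGBASE to HEADER_TAGBASE-1). It assumes the caller has already stripped the 8-byte magic preamble; the function name and sample blobs are hypothetical, and it flags the whole range, which is stricter than the later commit that rejects only known signature tags.

```c
#include <stddef.h>
#include <stdint.h>

/* From rpm's rpmtag.h: signature tags occupy HEADER_SIGBASE..HEADER_TAGBASE-1. */
#define HEADER_SIGBASE 256
#define HEADER_TAGBASE 1000
#define ENTRY_SIZE 16 /* tag, type, offset, count: four big-endian uint32 */

static uint32_t be32(const uint8_t *p)
{
    return ((uint32_t)p[0] << 24) | ((uint32_t)p[1] << 16) |
           ((uint32_t)p[2] << 8) | (uint32_t)p[3];
}

/* Hypothetical helper. blob = il, dl, index entries, data (preamble stripped).
 * Returns the first signature-range tag found, 0 if none, -1 if malformed. */
int first_sig_tag_in_main_header(const uint8_t *blob, size_t len)
{
    if (blob == NULL || len < 8)
        return -1;
    uint32_t il = be32(blob), dl = be32(blob + 4);
    size_t room = len - 8;
    if (il > room / ENTRY_SIZE)               /* index must fit in the blob */
        return -1;
    if (dl > room - (size_t)il * ENTRY_SIZE)  /* so must the data area */
        return -1;
    for (uint32_t i = 0; i < il; i++) {
        uint32_t tag = be32(blob + 8 + (size_t)i * ENTRY_SIZE);
        if (tag >= HEADER_SIGBASE && tag < HEADER_TAGBASE)
            return (int)tag;
    }
    return 0;
}

/* Constructed sample: NAME (1000) and VERSION (1001) only. */
const uint8_t clean_hdr[] = {
    0,0,0,2, 0,0,0,4,
    0,0,0x03,0xE8, 0,0,0,6, 0,0,0,0, 0,0,0,1,
    0,0,0x03,0xE9, 0,0,0,6, 0,0,0,2, 0,0,0,1,
    'a',0,'1',0 };
/* Constructed sample: second entry carries tag 268, inside the signature range. */
const uint8_t tainted_hdr[] = {
    0,0,0,2, 0,0,0,4,
    0,0,0x03,0xE8, 0,0,0,6, 0,0,0,0, 0,0,0,1,
    0,0,0x01,0x0C, 0,0,0,7, 0,0,0,2, 0,0,0,2,
    'a',0,0xAA,0xBB };
```

The scan only reads the index; it does not validate entry offsets or types against the data area.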