CVSROOT: /cvs Module name: src Changes by: [email protected] 2023/10/14 12:10:47
Modified files:
usr.sbin/fw_update: fw_update.sh
Log message:
Verify but don't overwrite SHA256.sig in fw_update(8)
Signify is happy to overwite the file with the signature stripped off.
However, if we do that, when downloading firmware we lose the ability
to check the signature before verifying checksums on the downloaded files.
Noticed by Thomas <exnihilo () fastmail ! org>
Right deraadt@
