The root cause is RH signing server placing file signatures outside the
immutable region of the signature header, which breaks a whole bunch of
assumptions the rpm code makes about this. Hysterically this only ever worked
because we relaxed the signature header sanity checks for compatibility with
rpm5 in commit 34c2ba3c6a80a778cdf2e42a9193b3264e08e1b3 :facepalm:
And since we allow that, we'll have to work around it in the signing code.
There are other related bugs in that code too, mind.
--
Reply to this email directly or view it on GitHub:
https://github.com/rpm-software-management/rpm/issues/3469#issuecomment-2503093854
You are receiving this because you are subscribed to this thread.
Message ID: <rpm-software-management/rpm/issues/3469/2503093...@github.com>
_______________________________________________
Rpm-maint mailing list
Rpm-maint@lists.rpm.org
https://lists.rpm.org/mailman/listinfo/rpm-maint
