Oh, sorry for missed that. But now the question is, what rpm version is used to
*sign* that package?
It doesn't seem like any rpm.org upstream version because deleting the
signature (with rpm <= 4.13.0) corrupts the package beyond recognition of those
older versions too:
```
[pmatilai@sopuli rpm-4.13.x]$ cp
~/Downloads/intel-aero-repo-1.4-r0.corei7_64.rpm /tmp/
[pmatilai@sopuli rpm-4.13.x]$ ./rpmkeys -Kv
/tmp/intel-aero-repo-1.4-r0.corei7_64.rpm
/tmp/intel-aero-repo-1.4-r0.corei7_64.rpm:
Header V3 RSA/SHA1 Signature, key ID bb0396db: NOKEY
Header SHA1 digest: OK (3066ac48fef77e939547216732d92bb047eb85b6)
V3 RSA/SHA1 Signature, key ID bb0396db: NOKEY
MD5 digest: OK (cf96418cf798c2ef1351fb012e7a6b7e)
[pmatilai@sopuli rpm-4.13.x]$ ./rpmsign --delsign
/tmp/intel-aero-repo-1.4-r0.corei7_64.rpm
/tmp/intel-aero-repo-1.4-r0.corei7_64.rpm:
[pmatilai@sopuli rpm-4.13.x]$ ./rpmkeys -Kv
/tmp/intel-aero-repo-1.4-r0.corei7_64.rpm
error: /tmp/intel-aero-repo-1.4-r0.corei7_64.rpm: sigh data: BAD, no. of
bytes(8900) out of range
```
If this is signed with an rpm.org release, a reproducer please.
--
You are receiving this because you are subscribed to this thread.
Reply to this email directly or view it on GitHub:
https://github.com/rpm-software-management/rpm/issues/270#issuecomment-322698252_______________________________________________
Rpm-maint mailing list
[email protected]
http://lists.rpm.org/mailman/listinfo/rpm-maint
