Re: [OE-core] [dunfell][PATCH] rpm: fix CVE-2021-3421

[dunfell][PATCH] rpm: fix CVE-2021-3421 · Minjae Kim <hidden> · 2021-06-24
Re: [OE-core] [dunfell][PATCH] rpm: fix CVE-2021-3421 · Anuj Mittal <hidden> · 2021-06-25
Re: [dunfell][PATCH] rpm: fix CVE-2021-3421 · Minjae Kim <hidden> · 2021-06-25
Re: [OE-core] [dunfell][PATCH] rpm: fix CVE-2021-3421 · Steve Sakoman <hidden> · 2021-06-25
Re: [dunfell][PATCH] rpm: fix CVE-2021-3421 · Minjae Kim <hidden> · 2021-06-26

From: Steve Sakoman <hidden>
Date: 2021-06-25 15:07:41

On Thu, Jun 24, 2021 at 7:30 PM Minjae Kim [off-list ref] wrote:

In order to fix CVE-2021-3421, I added RPMSIGTAG_FILESIGNATURES and RPMSIGTAG_FILESIGNATURELENGTH in lib/rpmtag.h.
So It is possible to build. but I cannot test on target yet.

FWIW, a-full test on the autobuilder passed with this patch included.

I'm not sure that is sufficient testing, so I won't include this patch
in a pull request until I hear back about the result of your testing.

Steve

`h`	back out one level
`j`	next message in thread
`k`	previous message in thread
`l`	drill in
`Esc`	close help / fold thread tree
`?`	toggle this help