You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
RPM currently does not check that a signature contains exactly one packet. Requiring that a signature have exactly one packet would reduce the attack surface of RPM, but would reject packages with multiple signatures. If this is not possible, we can at least reject signatures that have non-signature packets.
The text was updated successfully, but these errors were encountered:
RPM currently does not check that a signature contains exactly one packet. Requiring that a signature have exactly one packet would reduce the attack surface of RPM, but would reject packages with multiple signatures. If this is not possible, we can at least reject signatures that have non-signature packets.
The text was updated successfully, but these errors were encountered: