[PATCH] Hardening: add signature check with rpmcliVerifySignatures
This api is not ideal but works for now. We don't have to set
installroot for the used transaction because we set keyring which is
used to retrieve the keys.
= changelog =
msg: Hardening: add signature check with rpmcliVerifySignatures
type: security
resolves: https://bugzilla.redhat.com/show_bug.cgi?id=
1932079
CVE-2021-3445
RhBug:
1932079
RhBug:
1932089
RhBug:
1932090
Related: CVE-2021-3421, CVE-2021-20271
Gbp-Pq: Name 0014-Hardening-add-signature-check-with-rpmcliVerifySigna.patch
projects / libdnf.git / commit