delta rpms - can we turn them off
fweimer at redhat.com
Sun Jun 29 11:36:06 UTC 2014
On 06/29/2014 12:32 PM, drago01 wrote:
> On Sun, Jun 29, 2014 at 1:55 AM, Jonathan Dieter <jdieter at lesbg.com> wrote:
>> 2. RPM would also need to support signatures across the uncompressed payload
>> as well as the compressed payload.
> Well Florian said that only the header is actually signed not the
> payload. So this shouldn't be necessary.
I missed that the information that the payload is XZ-compressed is
likely signed (hard to tell because the current RPM format isn't
documented). So we'd need a fake XZ implementation that produces an
essentially uncompressed data stream (xz -0 still compresses).
In the meantime, we could try to reduce the compression level to 0
unconditionally in applydeltarpm.
Florian Weimer / Red Hat Product Security
More information about the devel