Greetings:

When using the OBS signing service, we observe errors during rpm installation in Red Hat 7 x86_64 builds, related to keys in the rpm headers. For example, after we build and sign the perl-Authen-NTLM rpm, we see this in a downstream project that attempts to install it:

    installing perl-Authen-NTLM-1.02-1.3
    error: .init_b_cache/perl-Authen-NTLM.rpm: rpmReadSignature failed: sigh load: BAD

Research on rpmReadSignature errors reveals rpm header corruption as the root cause.

From https://bugzilla.redhat.com/show_bug.cgi?id=822255, detailing rpm read errors:

    Those mono packages have a slightly malformed signature header, which rpm prior to the recent security fixes didn't notice. The exact issue is that the signature header of those packages contain alignment for data types which are not supposed to be aligned, causing the expected vs calculated size to mismatch.

Is there an openSUSE Build Service fix available (or planned) for the signer service? If not, is there a workaround available that allows us to turn off signing for selected projects and operating system configurations?

Thanks.

Jeff Glanz
Dell | PG Release Engineering Team
office + 1 512 724 9509
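
The size mismatch described in the quoted Bugzilla comment can be reproduced with the following added example, which is not part of the original message and is not rpm's or the signer's code. It is a simplified model of the check that handles fixed-size entry types only; the helper names, the sample entries and the choice of BIN as the wrongly padded type are assumptions made for illustration.

```python
import struct

MAGIC = b"\x8e\xad\xe8\x01"                  # rpm header magic
ALIGN = {3: 2, 4: 4, 5: 8}                   # INT16/INT32/INT64; other types are unaligned
SIZE = {1: 1, 2: 1, 3: 2, 4: 4, 5: 8, 7: 1}  # fixed-size types only (7 = BIN)
REGION_TAGS = (61, 62, 63)                   # region entry: 16-byte trailer ends the store

def sizes(blob):
    """Return (declared, calculated) data-store size of a header blob."""
    if blob[:4] != MAGIC:
        raise ValueError("not an rpm header")
    il, dl = struct.unpack(">II", blob[8:16])
    calc, has_region = 0, False
    for i in range(il):
        tag, typ, _off, count = struct.unpack(">IIiI", blob[16 + 16 * i:32 + 16 * i])
        if i == 0 and tag in REGION_TAGS:
            has_region = True                # its trailer is counted after the loop
            continue
        calc += -calc % ALIGN.get(typ, 1)    # padding only where the type requires it
        calc += SIZE[typ] * count
    return dl, calc + (16 if has_region else 0)

def build(entries, bin_align=1):
    """Constructed sample header; bin_align > 1 adds stray padding before BIN data."""
    il = len(entries) + 1
    index, store = b"", b""
    for tag, typ, payload in entries:
        align = bin_align if typ == 7 else ALIGN.get(typ, 1)
        store += b"\0" * (-len(store) % align)
        index += struct.pack(">IIiI", tag, typ, len(store), len(payload) // SIZE[typ])
        store += payload
    region = struct.pack(">IIiI", 62, 7, len(store), 16)
    store += struct.pack(">IIiI", 62, 7, -16 * il, 16)
    return MAGIC + bytes(4) + struct.pack(">II", il, len(store)) + region + index + store

# Constructed entries: SIZE (1000, INT32), GPG (1005, BIN), MD5 (1004, BIN).
ENTRIES = [(1000, 4, struct.pack(">I", 12345)),
           (1005, 7, bytes(65)),
           (1004, 7, bytes(16))]
GOOD = build(ENTRIES)                # BIN data packed without padding
BAD = build(ENTRIES, bin_align=8)    # BIN data padded as if it were aligned

if __name__ == "__main__":
    for name, blob in (("good", GOOD), ("bad", BAD)):
        declared, calculated = sizes(blob)
        print(name, declared, calculated, "OK" if declared == calculated else "MISMATCH")
```

To run the same comparison on a real package, pass the file contents starting at byte 96, after the rpm lead; entries of string types are not handled by this model.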