Fedora Users — Re: Fedora Updates: whole packages vs patches

Re: Fedora Updates: whole packages vs patches

Date Prev

Date Next

Thread Prev

Thread Next

Date Index

Thread Index

To: For users of Fedora Core releases <fedora-list@xxxxxxxxxx>

Subject: Re: Fedora Updates: whole packages vs patches

From: Rich Burroughs <rich@xxxxxxxxxxxx>

Date: Thu, 09 Dec 2004 11:36:59 -0800

In-reply-to: <[email protected]>

References: <[email protected]>

Reply-to: For users of Fedora Core releases <fedora-list@xxxxxxxxxx>

User-agent: Mozilla Thunderbird 1.0 (Windows/20041206)

Jorge Fábregas wrote:

1- create an rpm with just that file (thus...it will be a patch rpm). size 1K

Then the md5sums that RPM uses to check the integrity of the files would be broken for the initial package. It's not perfect, but rpm -V is a nice quick and dirty way to check if files have been altered or trojaned.

In the case of a patch RPM like you mention, you'd then have to also check the sums for the patch, and compare that to the list of files in the original, to make sure that the ones in the original package that had been changed were all the same files in the patch. It would be pretty messy.


Rich