On 8/3/20 9:43 AM, Antal Nemeš wrote:
-----Original Message----- From: CentOS-devel centos-devel-bounces@centos.org On Behalf Of Brian Stinson Sent: Monday, 3 August 2020 16:14
I believe 14.3 is exactly the same as 14.2 except that RH needed to adjust the signing order of their certificates and since those are RH specific, 14.2 == 14.3 for the intents and purposes of non-RHEL builds.
Trevor
This is the correct answer. The difference between 14.2 and 14.3 is only applicable to RHEL, and is not a change in the underlying content. The CentOS kernels were dual-signed in the right order for us in 14.2
--Brian
Great, thanks for confirmation. This throws a gigantic monkey wrench in my attempts at automating src.rpm generation from git.centos.org, so I hope this was an exceptional occurrence?
Yes .. one could say that an embargoed, 'named' sescureboot/kernel fix that requires a signature from Microsoft before release AND requires hiding embargoed content (which CentOS is not set up to do ..we build everythign in the open) .. is VERY MUCH an exceptional occurrence.
Some filtering rules in my brain just triggered an alarm here, too many words like 'embargoed content', 'secureboot', 'hiding', 'Microsoft'... on a GNU/Linux devel list :-)
Simon