Axel Thimm skrev: > Sorry for jumping in that late, but assuming a malicious deltarpm that > could fake a matching md5 sum to pass validation, wouldn't it get > applied and make that a security issue? I assume that deltarpms are (required to be) signed just like full rpms. /abo