vthib
commented
9 months ago @plusvic Do you have time to take a look at this as well as my other PRs? I'd love to be able to get those fixes in the next 4.4 release
Closed vthib closed 9 months ago
vthib
commented
9 months ago @plusvic Do you have time to take a look at this as well as my other PRs? I'd love to be able to get those fixes in the next 4.4 release
Commit 1a85738 fixed one bug but introduced a new one. The
pe.is_signedfield is now properly set (true if any signature is valid), but thesignatures[i].verifiedis now incorrectly set: instead of being set to whether this signature is verified, it is set to true if any previous signature is verified.Unfortunately, there is no test file that is triggering this behavior. This would require having a signature that is invalid appearing after a signature that is valid.
I targetted master, but we probably want this fix in 4.4.0. I'm not sure how you handle this, do you want me to target 4.4.x?