The tool was tested by my team when verifying 50 IMA signed packages and all of them were verified successfully. Giving +1 karma

Works well!

@mschwendt, Ideally yes. But createrepo_c is used in places where this would cause problems - see my reply on devel list https://lists.fedoraproject.org/pipermail/devel/2015-October/216015.html

@mschwendt @ngompa Read my comment about "the bug" here: https://lists.fedoraproject.org/pipermail/devel/2015-August/213882.html Especially the bullet no. 1 and its cons and why the solution you suggest wasn't implemented - createrepo_c tends to be part of critical systems for delivering updates - we just cannot break whole update system and require manual releng action just because some maintainer of some foobar package did a typo in spec of package which is used by two people in the world (where one is the maintainer itself and the second one is a person who installed it by mistake). There is no "problem hiding" - warning is printed. If you are providing invalid input you cannot expect valid output.

This update has been unpushed

This update has been unpushed

Cool! OpenVPN works again!