You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
We have resolved a number of bugs we would like to contribute back to open source in batches.
Always verify the payload hash against the manifest. (20877) If a user downloads an updated bundle (say, a pre-release and a release) to the same directory where payloads might've existed, merely checking the validity of the Authenticode signature is not sufficient and will end up failing the operation or succeeding with the wrong package(s). This can also affect the self-updating feature if you download to the same directory to use most of the payloads that were unchanged.
Reset the file stream pointer before every hash check. (20895) An unintended side effect of always checking the hash (a bug in No Download #1 above).
If two MSIs share the same CAB, or you rerun layout in the same directory that a partial layout occurred, the layout will fail. (20792)
Originally opened by heaths
The text was updated successfully, but these errors were encountered:
We have resolved a number of bugs we would like to contribute back to open source in batches.
The text was updated successfully, but these errors were encountered: