Hey nVidida folks… can you work to update your package build process to use modern digests when building RPM packages… we see things like the following… note the SHA-1 & MD5 digests… these ought to be at least SHA-256 …
rpm -Kvv nsight-systems-2023.1.2-2023.1.2.43_3237721-0.x86_64.rpm
ufdio: 1 reads, 17154 total bytes in 0.000008 secs
D: loading keyring from pubkeys in /var/lib/rpm/pubkeys/*.key
D: couldn't find any keys in /var/lib/rpm/pubkeys/*.key
D: loading keyring from rpmdb
D: serialize failed, using private dbenv
D: opening db environment /var/lib/rpm cdb:private:0x401
D: opening db index /var/lib/rpm/Packages 0x400 mode=0x0
D: locked db index /var/lib/rpm/Packages
D: opening db index /var/lib/rpm/Name 0x400 mode=0x0
D: read h# 440
Header SHA1 digest: OK
D: added key gpg-pubkey-8483c65d-5ccc5b19 to keyring
D: read h# 660
Header SHA1 digest: OK
D: added key gpg-pubkey-6d745a60-60287f36 to keyring
D: read h# 1157
Header SHA1 digest: OK
D: added key gpg-pubkey-2f86d6a1-5cf7cefb to keyring
D: read h# 1166
Header SHA1 digest: OK
D: added key gpg-pubkey-621e9f35-58adea78 to keyring
D: read h# 1273
Header SHA1 digest: OK
D: added key gpg-pubkey-d42d0685-62589a51 to keyring
D: read h# 1369
Header SHA1 digest: OK
D: added key gpg-pubkey-51312f3f-621fa7a9 to keyring
D: added subkey 0 of main key gpg-pubkey-51312f3f-621fa7a9 to keyring
D: read h# 1370
Header SHA1 digest: OK
D: added key gpg-pubkey-35dfa027-60ba0235 to keyring
D: added subkey 0 of main key gpg-pubkey-35dfa027-60ba0235 to keyring
D: Using legacy gpg-pubkey(s) from rpmdb
nsight-systems-2023.1.2-2023.1.2.43_3237721-0.x86_64.rpm:
Header V4 RSA/SHA512 Signature, key ID d42d0685: OK
Header SHA1 digest: OK
V4 RSA/SHA512 Signature, key ID d42d0685: OK
MD5 digest: OK
ufdio: 9079 reads, 297396981 total bytes in 0.064217 secs
D: closed db index /var/lib/rpm/Packages
D: closed db index /var/lib/rpm/Name
D: closed db environment /var/lib/rpm