rpm: RPM does not require subkeys to have a valid binding signature https://github.com/rpm-software-management/rpm/pull/1788 CREATE(Triage):(User=admin) CVE-2021-3521 (https://nvd.nist.gov/vuln/detail/CVE-2021-3521)