diff --git a/.github/workflows/make-check.yml b/.github/workflows/make-check.yml
index 73313d80b..80b6d9a72 100755
--- a/.github/workflows/make-check.yml
+++ b/.github/workflows/make-check.yml
@@ -99,10 +99,9 @@ jobs:
       uses: Homebrew/actions/setup-homebrew@master
     - name: install dependencies
       run: |
-          brew update
-          brew install automake autoconf pkg-config libtool
-          # brew install libxml2 libxslt
-          brew install openssl nspr nss libgcrypt gnutls
+          HOMEBREW_NO_AUTO_UPDATE=1 HOMEBREW_NO_INSTALLED_DEPENDENTS_CHECK=1 brew install automake autoconf pkg-config libtool
+          HOMEBREW_NO_AUTO_UPDATE=1 HOMEBREW_NO_INSTALLED_DEPENDENTS_CHECK=1 brew install libxml2 libxslt
+          HOMEBREW_NO_AUTO_UPDATE=1 HOMEBREW_NO_INSTALLED_DEPENDENTS_CHECK=1 brew install openssl nspr nss libgcrypt gnutls
     - uses: actions/checkout@v2
     - name: create-build-dirs
       run: |
diff --git a/src/gnutls/signatures.c b/src/gnutls/signatures.c
index 8ce057697..9c2e7d797 100644
--- a/src/gnutls/signatures.c
+++ b/src/gnutls/signatures.c
@@ -895,7 +895,9 @@ xmlSecGnuTLSSignatureVerify(xmlSecTransformPtr transform,
         err = gnutls_pubkey_verify_hash2(pubkey, ctx->signAlgo, ctx->verifyFlags, &hash, &signature);
     }
 
-    if(err == GNUTLS_E_SUCCESS) {
+    /* In case of a verification failure GNUTLS_E_PK_SIG_VERIFY_FAILED
+       is returned, and zero or positive code on success. */
+    if(err >= 0) {
         /* signature is good */
         transform->status = xmlSecTransformStatusOk;
     } else if(err == GNUTLS_E_PK_SIG_VERIFY_FAILED) {