[Rpm-announce] RPM 4.14.2-rc1 released!

[Panu Matilainen]

We don't usually bother with release candidates for stable tree updates, 
but this one is an exception for a reason - it's a big one.

The Big Thing here is the addition of a package verification step to 
transactions which verifies the entire package prior to starting the 
transaction. By default, only a valid digest coverage for the entire 
package is required but this can be configured (with %_pkgverify_level 
macro, see main macros file for details) to require a valid signature, 
and there we have an enforcing signature policy. Finally.
This is intentionally implemented in a way that it forces depsolvers to 
learn new tricks in order to bypass. It's also supposed to be 
transparent, so well-behaved rpm API clients should just work. Knock 
wood, but hence the rc.

And since I know you're all wondering by now: such a big feature is not 
something we usually backport to existing releases, the reason for this 
exception is that this was always planned for rpm 4.14, it's just that 
we missed the original deadline by a year. Oops.

Beyond the verification thing, there's the usual assortment of bugfixes 
and minor enhancements all over the place, from a whole bunch of 
different contributors.

For details and download info, head to

	http://rpm.org/wiki/Releases/4.14.2

Please try and test as many scenarios and clients as possible.

On behalf of the #rpm-team,

	- Panu -