This is a security-only update for the 4.9.x series to address the following three CVE's related to various input validation failures on headers: CVE-2012-0060, CVE-2012-0061 and CVE-2012-0815. Download instructions and more detailed information are available from: http://rpm.org/wiki/Releases/4.9.1.3 On behalf of the rpm-team, - Panu -