[Rpm-announce] RPM 4.18.0 alpha released!

Panu Matilainen pmatilai at redhat.com
Wed Apr 13 10:48:46 UTC 2022


Year 2021 proved challenging in various ways, but here we go again. By 
far the biggest challenge in this release was dealing with the symlink 
CVE pile from last year, which required a big rework of the file 
handling code, and rewriting --restore to take advantage of the same 
code. Which is why there's perhaps less new exciting things than in some 
other recent releases, but there's some good stuff anyway.

The obligatory highlights summary:
* Big file handling rework to address a class of symlink vulnerabilities 
during install, restore and erasure
* More intuitive conditional builds macro `%bcond`
* Weak dependencies accept qualifiers like `meta` and `pre` now
* New interactive shell for working with macros (`rpmspec --shell`) and 
embedded Lua (`rpmlua`)
* New `%conf` spec section for build configuration
* New `rpmuncompress` cli tool simplifies unpacking multiple sources
* Numerous macro improvements and fixes
* Numerous OpenPGP parser correctness and security fixes

As usual, further details and download information available at:

	https://rpm.org/wiki/Releases/4.18.0

On behalf of the rpm-team,

	- Panu -



More information about the Rpm-announce mailing list