[Rpm-announce] RPM 4.18.0 alpha released!
Panu Matilainen
pmatilai at redhat.com
Wed Apr 13 10:48:46 UTC 2022
Year 2021 proved challenging in various ways, but here we go again. By
far the biggest challenge in this release was dealing with the symlink
CVE pile from last year, which required a big rework of the file
handling code, and rewriting --restore to take advantage of the same
code. Which is why there's perhaps less new exciting things than in some
other recent releases, but there's some good stuff anyway.
The obligatory highlights summary:
* Big file handling rework to address a class of symlink vulnerabilities
during install, restore and erasure
* More intuitive conditional builds macro `%bcond`
* Weak dependencies accept qualifiers like `meta` and `pre` now
* New interactive shell for working with macros (`rpmspec --shell`) and
embedded Lua (`rpmlua`)
* New `%conf` spec section for build configuration
* New `rpmuncompress` cli tool simplifies unpacking multiple sources
* Numerous macro improvements and fixes
* Numerous OpenPGP parser correctness and security fixes
As usual, further details and download information available at:
https://rpm.org/wiki/Releases/4.18.0
On behalf of the rpm-team,
- Panu -
More information about the Rpm-announce
mailing list