[Rpm-maint] RPM 4.8.1 released!
Panu Matilainen
pmatilai at redhat.com
Fri Jun 11 10:41:06 UTC 2010
We're pleased to announce the availability of RPM release 4.8.1. Download
instructions and more detailed information are available from:
http://rpm.org/wiki/Releases/4.8.1
This is primarily a security and regression fix release, with few
other changes. Here's the executive summary of user visible changes
since RPM 4.8.0:
Security:
* Remove SUID/SGID bits from hardlinked executables on upgrade too
(CVE-2010-2059, RhBug:598775) [1]
* Remove POSIX capabilities from hardlinked executables on upgrade and
erase (CVE-2010-2059?, RhBug:598775)
General bugfixes and enhancements:
* Fix "empty reply from server" curl-syndrome with URL retrieval,
regression introduced in 4.6.0 (RhBug:598988)
* Fix transaction hanging on unrelated filesystems (RhBug:547548)
* Fix crash on URL retrieve to read-only location on install (RhBug:557118)
* Fix verification error code not to depend on verbosity
level (RhBug:557101)
* Fix return from chroot() on verify (RhBug:590588)
* Permit DOS-style line-endings in PGP ASCII armors (RhBug:532992)
* Fix :pgpsig header format extension sometimes showing numbers for
known hash types (RhBug:587755)
* Fix :deptype header format extension failing to show some flag
combinations
* Fix error message on package conflicts against installed packages
* Fix erased packages causing misleading disk-space checking
messages (RhBug:561160)
* Document --conflicts option in manpage (ticket #126)
Package building:
* Fix %defattr(-) syntax, regression introduced in (SuseBug:594310)
* Fix spec parser eating empty lines in %prep section, regression
introduced in 4.6.0 (RhBug:573339)
* Fix NOSOURCE/NOPATCH tag generation of nosrc packages, regression
introduced in 4.6.0
* Fix crash in the spec parser (RhBug:597835, SuseBug:582599)
* Fix copying of translated tags into source rpms (RhBug:578299)
* Only extract dependencies from .desktop files with Type=Application
and Exec= entries (ticket #150)
* Work around GNU tar debug output breaking rpmbuild -t (SuseBug:558475)
[1] This was originally reported by Michael Schröder from Suse,
together with a complete patch, all the way back in 2004 in
Red Hat bugzilla. Things went downhill from there, including
dismissive analysis of the issue in the bug report, and a
partial patch missing the upgrade case ending up in circulation
in various distributions and eventually getting applied to the
rpm.org tree. An unfortunate chain of events to say the
least, but there's no helping what happened back then. We can
only try our best to ensure such things won't happen again.
On behalf of the rpm-team,
- Panu -