[Rpm-maint] RPM 4.18.0 and POPT 1.19 released!

Panu Matilainen pmatilai at redhat.com
Wed Sep 21 10:13:15 UTC 2022


I seem to be short of clever/funny remarks for the preamble this time 
around, so maybe I'll just pass. In what must be the driest news of the 
day, we're releasing RPM 4.18.0 and POPT 1.19. Despite the timing, these 
releases aren't technically related, and RPM continues to work with 
older POPT releases as well.

== RPM ==

The highlights of what's changed since RPM 4.17 include
* Big file handling rework to address a class of symlink vulnerabilities
   during install, restore and erasure
* More intuitive conditional builds macro `%bcond`
* Weak dependencies accept qualifiers like `meta` and `pre` now
* New Sequoia-based OpenPGP backend
* New interactive shell for working with macros (`rpmspec --shell`) and 
embedded Lua (`rpmlua`)
* New `%conf` spec section for build configuration
* New `rpmuncompress` cli tool simplifies unpacking multiple sources
* Numerous macro improvements and fixes
* Numerous internal OpenPGP parser correctness and security fixes

Details and download info at

	https://rpm.org/wiki/Releases/4.18.0

== POPT ==

There's nothing particularly major in POPT, it's just bug and regression 
fixes, code cleanups and documentation improvements. Plus a license 
clarification. One noteworthy item is a memory leak fix which can affect 
callers, in particular some applications have been relying on 
poptGetArg() returned strings persisting over poptResetContext() call.

Details and download info at

	https://github.com/rpm-software-management/popt/releases/tag/popt-1.19-release

On behalf of the rpm-team,

	- Panu -



More information about the Rpm-maint mailing list