[Mageia-dev] freeze push: rpm

Thierry Vignaud thierry.vignaud at gmail.com
Thu Apr 5 02:25:39 CEST 2012


Please let in rpm-
It's a pure security fixes release.
It passes rpm, perl-URPM & urpmi test suites (same % of success for urpmi).

See http://rpm.org/wiki/Releases/
"Summary of changes from RPM

This is a security-only update for CVE:2012-0060, CVE:2012-0061 and

    Properly sanity check region tags on header/package read (CVE:2012-0060)
    Sanity check header regions fit within the header (CVE:2012-0061)
    Sanity check negated region offsets too in headerVerifyInfo()

More information about the Mageia-dev mailing list