RPM 4.14.2 Release Notes
- rpm-4.14.2.tar.bz2
- SHA256SUM:
80cbc2c1e8e24e67c6f88b41d8ab5633b653a9a79d50d4750474a18cdb69352b
Summary of changes from RPM 4.14.1
Security
- Revised fix for CVE-2017-7500 that actually works
General bugfixes and enhancements
- Fix bogus warnings from –setperms/–setugids on %ghost and %missingok files
- Fix/improve inode and disk-space calculation on hardlinked files
- Fix %autosetup -S git on sources already containing a git repository (#239)
- Fix weak dependencies not affecting ordering (RhBug:1593185)
- Add support for enforcing signature policy and payload verification step
to transactions, –noverify option to skip (configurable via
%_pkgverify_level none/digest/signature/all macro)
- Add –setcaps to restore file capabilities
- Add –restore to restore all file permissions in one go
- Add query selectors –whatobsoletes and –whatconflicts
- Add :humansi and :hmaniec query formatters for human readable output (#375)
- Documentation updates + typo fixes (RhBug:1553898, #451…)
Package building
- Fix DistTag not getting defined from the %disttag macro (#406)
- Fix macro end detection if the first char of a macro line is ‘}’ (#401)
- Fix unhelpful error on invalid source files (#238)
- Fix debuginfo generation with file >= 5.33 (RhBug:1581224)
- Fix debugedit crashing on invalid index (RhBug:1543912)
- Fix debugedit generating invalid string pointers
- Fix type mismatch calculating new line program offset in debugedit
- Fix perl generator creating dependencies on invalid module names (RhBug:1539344)
- Add option to opt-out from Python bytecompilation out side of lib dir
- Add –nodebuginfo option to disable debuginfo package generation
- Add support for RISC-V relocation in debugedit
- Add macros for consistent build root policy disable/override ability
API
- Fix rpmErase() exit code to resemble that of rpmInstall()
- Fix rpmKeyringVerifySig() handling of missing keyring
- Add rpmtsVfyFlags() and rpmtsVfyLevel() for controlling package verification
flags and active policy of a transaction set
- Add RPMPROB_VERIFY and RPMPROB_FILTER_VERIFY for identifying and
controlling package verify problem objects
- Add RPMCALLBACK_VERIFY_START, RPMCALLBACK_VERIFY_PROGRESS and
RPMCALLBACK_VERIFY_STOP callback events, emitted as the first thing
in rpmtsRun() unless pkgverify is disabled
- Add RPMVSF_MASK_* symbols as aliases to replace “internal” RPMVSF* symbols
Internal improvements
- Fix a leak and a race in rpmdb open/close handling (#359)
- Fix several leaks in the ndb backend
- Fix a leak in gpg-pubkey header generation
- Fix potential division by zero in prelink detection (#420)
- Fix invalid size on RPM_BIN_TYPE data with HEADERIMPORT_FAST (#398)
- Fix misleading error on non-tty output (#355)
- Fix progress bar going crazy on packages with invalid size (RhBug:1478051)
- Fix several (mostly minor) resource leaks across the codebase
- Fix rpmkeys not properly honoring rpm configuration
- Add header tag type validation prior import (#242, #414)
- Remove controversial user/group duplicate detection from verify
- Optimize setting FD_CLOEXEC on all open files (#444, RhBug:1537564)
- Optimize brp-python-bytecompile
- Loads of refactoring to support package verification policies
Python bindings
- Fix addSign() and delSign() argument parsing (RhBug:1558126)
- Fix export of vsflags by using non-internal RPMVSF_MASK_* names (#440)
- Add ts.get/setVfyFlags() and ts.get/setVfyLevel() for controlling
package verification flags and policy of a transaction set
- Add symbols RPMSIG_(NONE|DIGEST|SIGNATURE|VERIFIABLE)_TYPE for
use with package verification policy level
- Add symbols RPMPROB_VERIFY and RPMPROB_FILTER_VERIFY (see API section)
- Add RPMCALLBACK_VERIFY_START, RPMCALLBACK_VERIFY_PROGRESS and
RPMCALLBACK_VERIFY_STOP symbols (see API section)
Build process
- Fix test-suite when coreutils multicall binary is used
- Fix unnecessary hard dependency on python macro helper (#387)
- Fix gpg 1 used as a fallback on test-suite, it wont work
- Add configure switch to disable systemd-inhibit plugin
- Add numerous test-cases