RPM 4.9.1.3 Release Notes

  1. Download information
  2. Summary of changes from RPM 4.9.1.2
    1. Security

Download information

Summary of changes from RPM 4.9.1.2

This is a security-only update for CVE:2012-0060, CVE:2012-0061 and CVE:2012-0815.

Security

  • Properly sanity check region tags on header/package read (CVE:2012-0060)
  • Sanity check header regions fit within the header (CVE:2012-0061)
  • Sanity check negated region offsets too in headerVerifyInfo() (CVE:2012-0815)