RPM 4.9.1.3 Release Notes
Download information
- rpm-4.9.1.3.tar.bz2 source
- SHA1SUM: d1157a05a2368de07e06638daee01d3749107c8b
Summary of changes from RPM 4.9.1.2
This is a security-only update for CVE:2012-0060, CVE:2012-0061 and CVE:2012-0815.
Security
- Properly sanity check region tags on header/package read (CVE:2012-0060)
- Sanity check header regions fit within the header (CVE:2012-0061)
- Sanity check negated region offsets too in headerVerifyInfo() (CVE:2012-0815)