- Issued:
- 2011-05-18
- Updated:
- 2011-05-18
RHBA-2011:0739 - rpm bug fix and enhancement update
Synopsis
rpm bug fix and enhancement update
Type/Severity
Bug Fix Advisory
Topic
Updated rpm packages that fix several bugs and add various enhancements are now available.
[Updated 23 October 2012] This advisory has been updated with a corrected description of the BZ#479608 and BZ#553108 bugs. This update does not change the packages in any way.
Description
The RPM Package Manager (RPM) is a command line driven package management system capable of installing, uninstalling, verifying, querying, and updating software packages.
These updated rpm packages provide fixes for the following bugs:
-
The "freshen" (rpm -F/--freshen) operation did not consider the architecture the packages were built for when selecting selecting update candidates, which caused either misleading error messages or packages being updated to a different architecture inappropriately on multilib systems. RPM now requires an exact architecture match between packages on multilib systems to perform the freshen operation. (BZ#479608, BZ#553108)
-
RPM previously forced the umask of a process to "022" at library initialization, which could cause unwanted behavior for API users, especially in python, where importing the rpm module would silently change the umask. The umask is now only changed for the duration of a transaction and restored to its previous value afterwards. (BZ#565843)
-
Package signing could result in a misleading passphrase-related error message when the passphrase was correct but other issues (such as an expired key) prevented signing. Since RPM relies on GnuPG to perform package-signing, it has no knowledge of such details and cannot report them. However, to avoid this situation, any error messages from GnuPG are now passed to RPM users where they were previously silenced unless verbose mode was used when signing packages. (BZ#607222)
-
Using custom signing parameters such as a different digest algorithm, it was possible to successfully sign a package that RPM could not validate due to differencies in supported algorithms between GnuPG and NSS. RPM now gives an error message when unsupported parameters are used in package signing. (BZ#608599)
-
Package (re)signing could lead to multiple bad signatures being added to a package, rather than being replaced appropriately, because of flawed heuristics used in determining the signature type. Pre-existing and newly created signatures are now compared in detail to precisely determine the need to replace or skip signatures. (BZ#608608, BZ#681013)
-
Attempting to build packages that contained fonts when the fontconfig package was not installed sometimes led to the build failing with a "getOutputFrom(): Broken pipe" error because of flaws in the dependency generation system. The "font provides" helper script now always flushes stdin to prevent this from occurring. Additionally, the error message has been made more informative to make catching such issues easier in the future. (BZ#609117)
-
Attempting to verify packages with "%verifyscript" caused the script to run twice and fail to reflect a failure in response to an RPM exit code. These were simple logic errors, which have been fixed in this update. (BZ#668629)
-
When both the primary and secondary architecture versions of a package were installed and then updated or erased, RPM failed to erase all files of the previous installation because erasure order was incorrect in cases where order was not dictated by other dependencies. Erasure ordering between primary and secondary architecture packages is now handled correctly in this situation. (BZ#680261)
-
debuginfo generation could fail to handle cross-directory hard links between binaries in some rare situations, causing corresponding .debug files to be missing in the generated package. This update ensures cross-directory hard linked files in packages are always handled correctly during debuginfo generation. (BZ#618428)
These updated packages also provide the following enhancement:
- debuginfo generation has been enhanced to generate pre-calculated index files for the GNU Project Debugger (gdb). These indexes improve gdb startup times. (BZ#652787)
All users of the RPM Package Manager are advised to upgrade to these updated packages, which correct these issues and add this enhancement.
Solution
Before applying this update, make sure that all previously-released errata relevant to your system have been applied.
This update is available via Red Hat Network. Details on how to use the Red Hat Network to apply this update are available at https://access.redhat.com/knowledge/articles/11258
Affected Products
| Product | Version | Arch |
|---|---|---|
| Red Hat Enterprise Linux for Scientific Computing | 6 | x86_64 |
| Red Hat Enterprise Linux for Power, big endian | 6 | ppc64 |
| Red Hat Enterprise Linux for IBM z Systems | 6 | s390x |
| Red Hat Enterprise Linux Workstation | 6 | x86_64 |
| Red Hat Enterprise Linux Workstation | 6 | i386 |
| Red Hat Enterprise Linux Server | 6 | x86_64 |
| Red Hat Enterprise Linux Server | 6 | i386 |
| Red Hat Enterprise Linux Server from RHUI | 6 | x86_64 |
| Red Hat Enterprise Linux Server from RHUI | 6 | i386 |
| Red Hat Enterprise Linux Server - Extended Life Cycle Support | 6 | x86_64 |
| Red Hat Enterprise Linux Server - Extended Life Cycle Support | 6 | i386 |
| Red Hat Enterprise Linux Server - Extended Life Cycle Support Extension | 6 | x86_64 |
| Red Hat Enterprise Linux Server - Extended Life Cycle Support Extension | 6 | i386 |
| Red Hat Enterprise Linux Server - Extended Life Cycle Support Extension (for IBM z Systems) | 6 | s390x |
| Red Hat Enterprise Linux Server - Extended Life Cycle Support (for IBM z Systems) | 6 | s390x |
| Red Hat Enterprise Linux Desktop | 6 | x86_64 |
| Red Hat Enterprise Linux Desktop | 6 | i386 |
Updated Packages
- rpm-devel-4.8.0-16.el6.s390x.rpm
- rpm-debuginfo-4.8.0-16.el6.x86_64.rpm
- rpm-debuginfo-4.8.0-16.el6.i686.rpm
- rpm-4.8.0-16.el6.s390x.rpm
- rpm-devel-4.8.0-16.el6.i686.rpm
- rpm-libs-4.8.0-16.el6.x86_64.rpm
- rpm-build-4.8.0-16.el6.s390x.rpm
- rpm-build-4.8.0-16.el6.x86_64.rpm
- rpm-debuginfo-4.8.0-16.el6.ppc64.rpm
- rpm-devel-4.8.0-16.el6.ppc.rpm
- rpm-python-4.8.0-16.el6.ppc64.rpm
- rpm-4.8.0-16.el6.ppc64.rpm
- rpm-devel-4.8.0-16.el6.ppc64.rpm
- rpm-python-4.8.0-16.el6.i686.rpm
- rpm-python-4.8.0-16.el6.s390x.rpm
- rpm-cron-4.8.0-16.el6.noarch.rpm
- rpm-build-4.8.0-16.el6.i686.rpm
- rpm-libs-4.8.0-16.el6.ppc.rpm
- rpm-debuginfo-4.8.0-16.el6.s390x.rpm
- rpm-debuginfo-4.8.0-16.el6.s390.rpm
- rpm-4.8.0-16.el6.src.rpm
- rpm-python-4.8.0-16.el6.x86_64.rpm
- rpm-libs-4.8.0-16.el6.ppc64.rpm
- rpm-libs-4.8.0-16.el6.s390.rpm
- rpm-build-4.8.0-16.el6.ppc64.rpm
- rpm-4.8.0-16.el6.x86_64.rpm
- rpm-4.8.0-16.el6.i686.rpm
- rpm-libs-4.8.0-16.el6.s390x.rpm
- rpm-debuginfo-4.8.0-16.el6.ppc.rpm
- rpm-devel-4.8.0-16.el6.x86_64.rpm
- rpm-libs-4.8.0-16.el6.i686.rpm
- rpm-devel-4.8.0-16.el6.s390.rpm
- rpm-apidocs-4.8.0-16.el6.noarch.rpm
Fixes
- This content is not included.BZ - 479608
- This content is not included.BZ - 608599
- This content is not included.BZ - 608608
- This content is not included.BZ - 609117
- This content is not included.BZ - 618428
- This content is not included.BZ - 668629
- This content is not included.BZ - 680261
- This content is not included.BZ - 681013
CVEs
(none)
References
Additional information
- The Red Hat security contact is This content is not included.secalert@redhat.com. More contact details at https://access.redhat.com/security/team/contact/.
- Offline Security Data data is available for integration with other systems. See Offline Security Data API to get started.