Skip to navigation

Bug Fix Advisory rpm bug fix update

Advisory: RHBA-2009:0079-3
Type: Bug Fix Advisory
Severity: N/A
Issued on: 2009-01-20
Last updated on: 2009-01-20
Affected Products: RHEL Desktop Workstation (v. 5 client)
Red Hat Enterprise Linux (v. 5 server)
Red Hat Enterprise Linux Desktop (v. 5 client)

Details

Updated rpm packages that fix various issues and ensure compliance with
FIPS-140-2 are now available.

The RPM Package Manager (RPM) is a command line driven package management
system capable of installing, uninstalling, verifying, querying, and
updating software packages.

This update re-bases RPM to upstream version 4.4.2.3, and applies several
bug fixes from upstream, most notably:

* A bug that caused rpm to output a "Broken Pipe" error when some valid
packages were installed is now fixed. This error sometimes appeared during
the installation of packages that executed scriptlets that used a fork or
pipe during %post. This was because rpm used the SIGPIPE call (instead of
SIG_IGN) during %post. To fix this, rpm now uses the default handler for
executing scriptlets.

* A bug that sometimes caused "Floating point exception" errors when rpm
was run on a virtualized guest is now fixed. In previous releases, this
error was triggered each time rpm was run on a guest where ntpd was also
running. This was caused by incorrect timing code in rpm, which is now fixed.

* A bug in the rpmgiNext() function is now fixed. This bug previously
caused rpm to sometimes return an incorrect error code.

* A bug in the way rpm -U handled virtual provides is now fixed. This bug
previously caused inconsistent results when upgrading packages through RPM.
With this upstream fix, rpm -U now functions consistently and processes the
upgrade of packages with virtual provides correctly.

* The --httpproxy option no longer prevents rpm from downloading and
installing multiple packages from a webserver. In previous releases, using
--httpproxy resulted in multiple attempts to install only the first
retrieved package. This was because the urlinfo cache assigned the path of
the first retrieved package to all other packages whenever a proxied
connection was used. With this update, the urlinfo cache assigns the
correct path name of all packages during a proxied connection.

* Installing the 32-bit and 64-bit versions of the same package on a system
and subsequently removing one of them no longer renders the remaining
installed version as invalid.

* In previous releases, rpmbuild sometimes failed to build packages from
source if the redhat-rpm-config package was not installed. This was caused
by a bug in the rpmrc file, which contained a deprecated switch; namely,
-mcpu. This bug was fixed by replacing the deprecated switch with -mtune.

* rpm no longer deletes a package if an upgrade through yum fails. In
previous releases, if an exception occurred during the yum RPMTransaction
callback, rpm still deleted the "old" package even though rpm did not
successfully install the newer version first. With this release, rpm will
stop the upgrade process altogether (thereby preventing an incorrect
package deletion) if yum crashes while executing a transaction callback.

* rpm now adds secondary architecture-specific macro files on multi-arch
systems. This ensures that rpmbuild can properly compile packages for
secondary architectures on a primary architecture.

* rpm now closes all file descriptors it inherits during %post. In previous
releases, rpm only closed the first 100 file descriptors; as a result, any
daemons that were restarted during a large up2date transaction could crash.

* bzip2 is now a dependency for building iptables from source.

* rpmbuild no longer fails when it encounters a spec file that contains
leading comment line or other special symbols.

* rpm now checks for file conflicts under /usr/share/doc; however,
conflicts in documentation files are still allowed. In previous releases,
rpm skipped /usr/share/doc during file conflict checks altogether.

This update also applies the necessary security fixes to ensure that rpm is
now compliant with Federal Information Processing Standard 140-2
(FIPS-140-2). For more information about the upstream version this update
is based upon, refer to http://rpm.org/wiki/Releases/4.4.2.3.

All rpm users are advised to upgrade to this update to apply the
aforementioned fixes.


Solution

Before applying this update, make sure that all previously-released
errata relevant to your system have been applied.

This update is available via Red Hat Network. Details on how to use
the Red Hat Network to apply this update are available at
http://kbase.redhat.com/faq/FAQ_58_10188

Updated packages

RHEL Desktop Workstation (v. 5 client)

SRPMS:
rpm-4.4.2.3-9.el5.src.rpm
File outdated by:  RHBA-2013:1297
    MD5: b6bd85643e97f196dc62070d47376626
 
IA-32:
rpm-apidocs-4.4.2.3-9.el5.i386.rpm
File outdated by:  RHBA-2013:1297
    MD5: 99f4106c3ad378fde3d0e2135e118d92
rpm-build-4.4.2.3-9.el5.i386.rpm
File outdated by:  RHBA-2013:1297
    MD5: cf96e601e2fbb930b2b304cb7bfc199c
rpm-devel-4.4.2.3-9.el5.i386.rpm
File outdated by:  RHBA-2013:1297
    MD5: 9b689d7447c30ff3096b3f3530edd83f
 
x86_64:
rpm-apidocs-4.4.2.3-9.el5.x86_64.rpm
File outdated by:  RHBA-2013:1297
    MD5: b5f14dedf7cdfb2a6d37665b4fbc3eae
rpm-build-4.4.2.3-9.el5.x86_64.rpm
File outdated by:  RHBA-2013:1297
    MD5: a2cd6fead6d29753778ed2e5b1e875f8
rpm-devel-4.4.2.3-9.el5.i386.rpm
File outdated by:  RHBA-2013:1297
    MD5: 9b689d7447c30ff3096b3f3530edd83f
rpm-devel-4.4.2.3-9.el5.x86_64.rpm
File outdated by:  RHBA-2013:1297
    MD5: 81cea32eb3549f5ac98141acc5063c3b
 
Red Hat Enterprise Linux (v. 5 server)

SRPMS:
rpm-4.4.2.3-9.el5.src.rpm
File outdated by:  RHBA-2013:1297
    MD5: b6bd85643e97f196dc62070d47376626
 
IA-32:
popt-1.10.2.3-9.el5.i386.rpm
File outdated by:  RHBA-2013:1297
    MD5: 3ae04781475cb4ae9c78a7424ce9f10b
rpm-4.4.2.3-9.el5.i386.rpm
File outdated by:  RHBA-2013:1297
    MD5: c839ba548281845f07a703d0b4815f2f
rpm-apidocs-4.4.2.3-9.el5.i386.rpm
File outdated by:  RHBA-2013:1297
    MD5: 99f4106c3ad378fde3d0e2135e118d92
rpm-build-4.4.2.3-9.el5.i386.rpm
File outdated by:  RHBA-2013:1297
    MD5: cf96e601e2fbb930b2b304cb7bfc199c
rpm-devel-4.4.2.3-9.el5.i386.rpm
File outdated by:  RHBA-2013:1297
    MD5: 9b689d7447c30ff3096b3f3530edd83f
rpm-libs-4.4.2.3-9.el5.i386.rpm
File outdated by:  RHBA-2013:1297
    MD5: 972010a6f62db8976e5ccd2e65fff11e
rpm-python-4.4.2.3-9.el5.i386.rpm
File outdated by:  RHBA-2013:1297
    MD5: 533c7f4d4f5b2fa9995e04b5993a582a
 
IA-64:
popt-1.10.2.3-9.el5.ia64.rpm
File outdated by:  RHBA-2013:1297
    MD5: f1a8d18e5766b7dabc6e0b072561d1b4
rpm-4.4.2.3-9.el5.ia64.rpm
File outdated by:  RHBA-2013:1297
    MD5: 8c15acaf999e6909592b37e7b236d93c
rpm-apidocs-4.4.2.3-9.el5.ia64.rpm
File outdated by:  RHBA-2013:1297
    MD5: 42f8add2d66b5549373f2629841ca73e
rpm-build-4.4.2.3-9.el5.ia64.rpm
File outdated by:  RHBA-2013:1297
    MD5: 7256f5133d254aa482f0a6a24c04f0b1
rpm-devel-4.4.2.3-9.el5.ia64.rpm
File outdated by:  RHBA-2013:1297
    MD5: f40029b943737ab099f72e9f4a979a06
rpm-libs-4.4.2.3-9.el5.ia64.rpm
File outdated by:  RHBA-2013:1297
    MD5: ced287c4cef6d072614b1c4f64207e3c
rpm-python-4.4.2.3-9.el5.ia64.rpm
File outdated by:  RHBA-2013:1297
    MD5: e999078381d3678e5e2ad5ef3efff60e
 
PPC:
popt-1.10.2.3-9.el5.ppc.rpm
File outdated by:  RHBA-2013:1297
    MD5: 11594222e3dab1abd769bd9640fe418e
popt-1.10.2.3-9.el5.ppc64.rpm
File outdated by:  RHBA-2013:1297
    MD5: 035196184b0b5db3caf27a2d682eda3b
rpm-4.4.2.3-9.el5.ppc.rpm
File outdated by:  RHBA-2013:1297
    MD5: 9cffc41c63fc3d3f1458f396170dc22e
rpm-apidocs-4.4.2.3-9.el5.ppc.rpm
File outdated by:  RHBA-2013:1297
    MD5: 1354e3a7441cea95c402e11f816b1507
rpm-build-4.4.2.3-9.el5.ppc.rpm
File outdated by:  RHBA-2013:1297
    MD5: c86eca0afccda84d7f719823523641ee
rpm-devel-4.4.2.3-9.el5.ppc.rpm
File outdated by:  RHBA-2013:1297
    MD5: 32076fa18c719b11892bc77ac16aabd5
rpm-devel-4.4.2.3-9.el5.ppc64.rpm
File outdated by:  RHBA-2013:1297
    MD5: a651ea09c03d7c7d2a568bd107d99b86
rpm-libs-4.4.2.3-9.el5.ppc.rpm
File outdated by:  RHBA-2013:1297
    MD5: 215f99633380d2b0f8b1d03851244066
rpm-libs-4.4.2.3-9.el5.ppc64.rpm
File outdated by:  RHBA-2013:1297
    MD5: cadc08ab4f49e4e9c673cbc9d8f54c4b
rpm-python-4.4.2.3-9.el5.ppc.rpm
File outdated by:  RHBA-2013:1297
    MD5: d8af560924856b9914837f11563ea007
 
s390x:
popt-1.10.2.3-9.el5.s390.rpm
File outdated by:  RHBA-2013:1297
    MD5: 228ff58ab4fa8f2cc52d62424c32fb3d
popt-1.10.2.3-9.el5.s390x.rpm
File outdated by:  RHBA-2013:1297
    MD5: ff704e7df8e97292c4f79dd6f4b61edb
rpm-4.4.2.3-9.el5.s390x.rpm
File outdated by:  RHBA-2013:1297
    MD5: 8c21b34c87b812bdcaa502a9755ce691
rpm-apidocs-4.4.2.3-9.el5.s390x.rpm
File outdated by:  RHBA-2013:1297
    MD5: dda6b7d5d18168eef99ec396a40af1b3
rpm-build-4.4.2.3-9.el5.s390x.rpm
File outdated by:  RHBA-2013:1297
    MD5: f35a46f69f58c267067d812ac65c865e
rpm-devel-4.4.2.3-9.el5.s390.rpm
File outdated by:  RHBA-2013:1297
    MD5: 267891f53694c513a431390c52922a93
rpm-devel-4.4.2.3-9.el5.s390x.rpm
File outdated by:  RHBA-2013:1297
    MD5: 3c9d18996234f3e1b09e2a796e3d4d3b
rpm-libs-4.4.2.3-9.el5.s390.rpm
File outdated by:  RHBA-2013:1297
    MD5: 286d19b85efcaa802c5cc457f0ebd756
rpm-libs-4.4.2.3-9.el5.s390x.rpm
File outdated by:  RHBA-2013:1297
    MD5: 1af368b3b93719afd20bbd03cc938848
rpm-python-4.4.2.3-9.el5.s390x.rpm
File outdated by:  RHBA-2013:1297
    MD5: 8e8589ee7dccdcad9acf9e390c6cc48c
 
x86_64:
popt-1.10.2.3-9.el5.i386.rpm
File outdated by:  RHBA-2013:1297
    MD5: 3ae04781475cb4ae9c78a7424ce9f10b
popt-1.10.2.3-9.el5.x86_64.rpm
File outdated by:  RHBA-2013:1297
    MD5: 6f1a315458daa861700212dee8b3b96f
rpm-4.4.2.3-9.el5.x86_64.rpm
File outdated by:  RHBA-2013:1297
    MD5: d91da0fbb8eedce0fa27d670de70f1d1
rpm-apidocs-4.4.2.3-9.el5.x86_64.rpm
File outdated by:  RHBA-2013:1297
    MD5: b5f14dedf7cdfb2a6d37665b4fbc3eae
rpm-build-4.4.2.3-9.el5.x86_64.rpm
File outdated by:  RHBA-2013:1297
    MD5: a2cd6fead6d29753778ed2e5b1e875f8
rpm-devel-4.4.2.3-9.el5.i386.rpm
File outdated by:  RHBA-2013:1297
    MD5: 9b689d7447c30ff3096b3f3530edd83f
rpm-devel-4.4.2.3-9.el5.x86_64.rpm
File outdated by:  RHBA-2013:1297
    MD5: 81cea32eb3549f5ac98141acc5063c3b
rpm-libs-4.4.2.3-9.el5.i386.rpm
File outdated by:  RHBA-2013:1297
    MD5: 972010a6f62db8976e5ccd2e65fff11e
rpm-libs-4.4.2.3-9.el5.x86_64.rpm
File outdated by:  RHBA-2013:1297
    MD5: 0fc96990109ddebd8555d85ef9946de7
rpm-python-4.4.2.3-9.el5.x86_64.rpm
File outdated by:  RHBA-2013:1297
    MD5: 03b00713bf0ba7bc2d103e549e6cecba
 
Red Hat Enterprise Linux Desktop (v. 5 client)

SRPMS:
rpm-4.4.2.3-9.el5.src.rpm
File outdated by:  RHBA-2013:1297
    MD5: b6bd85643e97f196dc62070d47376626
 
IA-32:
popt-1.10.2.3-9.el5.i386.rpm
File outdated by:  RHBA-2013:1297
    MD5: 3ae04781475cb4ae9c78a7424ce9f10b
rpm-4.4.2.3-9.el5.i386.rpm
File outdated by:  RHBA-2013:1297
    MD5: c839ba548281845f07a703d0b4815f2f
rpm-libs-4.4.2.3-9.el5.i386.rpm
File outdated by:  RHBA-2013:1297
    MD5: 972010a6f62db8976e5ccd2e65fff11e
rpm-python-4.4.2.3-9.el5.i386.rpm
File outdated by:  RHBA-2013:1297
    MD5: 533c7f4d4f5b2fa9995e04b5993a582a
 
x86_64:
popt-1.10.2.3-9.el5.i386.rpm
File outdated by:  RHBA-2013:1297
    MD5: 3ae04781475cb4ae9c78a7424ce9f10b
popt-1.10.2.3-9.el5.x86_64.rpm
File outdated by:  RHBA-2013:1297
    MD5: 6f1a315458daa861700212dee8b3b96f
rpm-4.4.2.3-9.el5.x86_64.rpm
File outdated by:  RHBA-2013:1297
    MD5: d91da0fbb8eedce0fa27d670de70f1d1
rpm-libs-4.4.2.3-9.el5.i386.rpm
File outdated by:  RHBA-2013:1297
    MD5: 972010a6f62db8976e5ccd2e65fff11e
rpm-libs-4.4.2.3-9.el5.x86_64.rpm
File outdated by:  RHBA-2013:1297
    MD5: 0fc96990109ddebd8555d85ef9946de7
rpm-python-4.4.2.3-9.el5.x86_64.rpm
File outdated by:  RHBA-2013:1297
    MD5: 03b00713bf0ba7bc2d103e549e6cecba
 
(The unlinked packages above are only available from the Red Hat Network)

Bugs fixed (see bugzilla for more information)

233713 - RPM upgrade behaviour is inconsistent
244236 - Incorrect return code
250207 - The description about option '--dump' in manpage is wrong
257921 - RPM needs secondary arch macro files
355551 - rpmrc provides obsolete default switches
426258 - bi-arch packages cause unnecessary .rpmnew and .rpmsave files
431860 - RPM 32/64-bit share the same files leaving last package on removal in invalid state
445075 - bzip2 not mentioned as a dependency in iptables-1.3.5-1.2.1.src.rpm
447177 - rpmbuild fails on a spec with a leading comment line
450205 - rpm --httpproxy can't handle multiple rpm packages
453645 - RPM should close more than 100 file descriptors
454887 - Rebase RPM to Fedora 9 version
460808 - Need to fix RPM to skip checking file conflicts under /usr/share/doc
463944 - rpm writes error : File not found by glob: and return code = 0
463999 - Rpm can "delete old versions" without having "installed new versions"
471591 - echo: write error: Broken pipe in %post
472467 - [RHEL5.3] kernel-xen Floating point exception on 32bit para-virt guest



These packages are GPG signed by Red Hat for security. Our key and details on how to verify the signature are available from:
https://www.redhat.com/security/team/key/#package

The Red Hat security contact is secalert@redhat.com. More contact details at http://www.redhat.com/security/team/contact/