rpm bug fix update

Updated rpm packages that fix various issues and ensure compliance with
FIPS-140-2 are now available.

The RPM Package Manager (RPM) is a command line driven package management
system capable of installing, uninstalling, verifying, querying, and
updating software packages.

This update re-bases RPM to upstream version 4.4.2.3, and applies several
bug fixes from upstream, most notably:

* A bug that caused rpm to output a "Broken Pipe" error when some valid
packages were installed is now fixed. This error sometimes appeared during
the installation of packages that executed scriptlets that used a fork or
pipe during %post. This was because rpm used the SIGPIPE call (instead of
SIG_IGN) during %post. To fix this, rpm now uses the default handler for
executing scriptlets.

* A bug that sometimes caused "Floating point exception" errors when rpm
was run on a virtualized guest is now fixed. In previous releases, this
error was triggered each time rpm was run on a guest where ntpd was also
running. This was caused by incorrect timing code in rpm, which is now fixed.

* A bug in the rpmgiNext() function is now fixed. This bug previously
caused rpm to sometimes return an incorrect error code.

* A bug in the way rpm -U handled virtual provides is now fixed. This bug
previously caused inconsistent results when upgrading packages through RPM.
With this upstream fix, rpm -U now functions consistently and processes the
upgrade of packages with virtual provides correctly.

* The --httpproxy option no longer prevents rpm from downloading and
installing multiple packages from a webserver. In previous releases, using
--httpproxy resulted in multiple attempts to install only the first
retrieved package. This was because the urlinfo cache assigned the path of
the first retrieved package to all other packages whenever a proxied
connection was used. With this update, the urlinfo cache assigns the
correct path name of all packages during a proxied connection.

* Installing the 32-bit and 64-bit versions of the same package on a system
and subsequently removing one of them no longer renders the remaining
installed version as invalid.

* In previous releases, rpmbuild sometimes failed to build packages from
source if the redhat-rpm-config package was not installed. This was caused
by a bug in the rpmrc file, which contained a deprecated switch; namely,
-mcpu. This bug was fixed by replacing the deprecated switch with -mtune.

* rpm no longer deletes a package if an upgrade through yum fails. In
previous releases, if an exception occurred during the yum RPMTransaction
callback, rpm still deleted the "old" package even though rpm did not
successfully install the newer version first. With this release, rpm will
stop the upgrade process altogether (thereby preventing an incorrect
package deletion) if yum crashes while executing a transaction callback.

* rpm now adds secondary architecture-specific macro files on multi-arch
systems. This ensures that rpmbuild can properly compile packages for
secondary architectures on a primary architecture.

* rpm now closes all file descriptors it inherits during %post. In previous
releases, rpm only closed the first 100 file descriptors; as a result, any
daemons that were restarted during a large up2date transaction could crash.

* bzip2 is now a dependency for building iptables from source.

* rpmbuild no longer fails when it encounters a spec file that contains
leading comment line or other special symbols.

* rpm now checks for file conflicts under /usr/share/doc; however,
conflicts in documentation files are still allowed. In previous releases,
rpm skipped /usr/share/doc during file conflict checks altogether.

This update also applies the necessary security fixes to ensure that rpm is
now compliant with Federal Information Processing Standard 140-2
(FIPS-140-2). For more information about the upstream version this update
is based upon, refer to http://rpm.org/wiki/Releases/4.4.2.3.

All rpm users are advised to upgrade to this update to apply the
aforementioned fixes.

Before applying this update, make sure that all previously-released
errata relevant to your system have been applied.

This update is available via Red Hat Network. Details on how to use
the Red Hat Network to apply this update are available at
http://kbase.redhat.com/faq/FAQ_58_10188

233713 - RPM upgrade behaviour is inconsistent
244236 - Incorrect return code
250207 - The description about option '--dump' in manpage is wrong
257921 - RPM needs secondary arch macro files
355551 - rpmrc provides obsolete default switches
426258 - bi-arch packages cause unnecessary .rpmnew and .rpmsave files
431860 - RPM 32/64-bit share the same files leaving last package on removal in invalid state
445075 - bzip2 not mentioned as a dependency in iptables-1.3.5-1.2.1.src.rpm
447177 - rpmbuild fails on a spec with a leading comment line
450205 - rpm --httpproxy can't handle multiple rpm packages
453645 - RPM should close more than 100 file descriptors
454887 - Rebase RPM to Fedora 9 version
460808 - Need to fix RPM to skip checking file conflicts under /usr/share/doc
463944 - rpm writes error : File not found by glob: and return code = 0
463999 - Rpm can "delete old versions" without having "installed new versions"
471591 - echo: write error: Broken pipe in %post
472467 - [RHEL5.3] kernel-xen Floating point exception on 32bit para-virt guest