Bug Fix Advisory rpm bug fix update

Advisory: RHBA-2009:0951-1
Type: Bug Fix Advisory
Severity: N/A
Issued on: 2009-05-18
Last updated on: 2009-05-18
Affected Products: Red Hat Desktop (v. 4)
Red Hat Enterprise Linux AS (v. 4)
Red Hat Enterprise Linux ES (v. 4)
Red Hat Enterprise Linux WS (v. 4)
OVAL: N/A

Details

Updated rpm packages that fix several bugs and add an enhancement are now
available.

The RPM Package Manager (RPM) is a command line-driven package management
system capable of installing, uninstalling, verifying, querying, and
updating software packages.

These updated rpm packages provide fixes for the following bugs:

* files in the /usr/share/mime directory incorrectly inherited the umask of
the process performing the installation, which, incorrectly, led to files
with permissions which were too strict to be used by users.

* RPM no longer crashes when it attempts to package files greater than two
gigabytes in size.

* when using the "--httpproxy" RPM option on the command line with multiple
package targets, RPM would only successfully download and install the first
in the argument list, while the rest would fail to download.

* attempting to package huge directory trees caused RPM to segmentation fault.

* previously, when RPM upgraded packages which are installed for both
32-bit and 64-bit architectures, it occasionally created unnecessary
.rpmsave and .rpmnew files, even in cases when the new configuration file
did not differ from the previous one (for example, it had not been changed
by the user). With these updated packages, RPM does not create these
redundant .rpmsave and .rpmnew files when upgrading multilib packages, thus
resolving the issue.

* when upgrading from Red Hat Enterprise Linux 4.6 to this release,
minilogd may log several SELinux denials. These error logs are harmless,
and can be safely ignored.

* RPM now closes open file descriptors more aggressively, which prevents
too many file descriptors from being open at one time.

In addition, these updated rpm packages provide the following enhancement:
the /bin/rpm binary is now owned by the root user and group instead of the
"rpm" user and group. This is a security feature that is useful against
certain attacks environments using the Network File System.

Users are advised to upgrade to these updated rpm packages, which resolve
these issues and add this enhancement.


Solution

Before applying this update, make sure that all previously-released errata
relevant to your system have been applied.

This update is available via Red Hat Network. Details on how to use the Red
Hat Network to apply this update are available at
http://kbase.redhat.com/faq/docs/DOC-11259

Updated packages

Red Hat Desktop (v. 4)
SRPMS:
rpm-4.3.3-32_nonptl.src.rpm     24c0338bbb894d932745fa1ea89cef8a
 
IA-32:
popt-1.9.1-32_nonptl.i386.rpm     4eb7f9fa71d497557e430751538283de
rpm-4.3.3-32_nonptl.i386.rpm     6c4e893cbeed2afed1013992535b19ea
rpm-build-4.3.3-32_nonptl.i386.rpm     805f4e931f2b3312b5ea3ea3258299a3
rpm-devel-4.3.3-32_nonptl.i386.rpm     04e856055c729e2dd60d9262f93f40c8
rpm-libs-4.3.3-32_nonptl.i386.rpm     20f247eeafd0a7f9ae88afae7d3608c8
rpm-python-4.3.3-32_nonptl.i386.rpm     8b61195ef4759e18f99586eb7e82c43c
 
x86_64:
popt-1.9.1-32_nonptl.i386.rpm     4eb7f9fa71d497557e430751538283de
popt-1.9.1-32_nonptl.x86_64.rpm     59c76802b65c351f0b1f7a3b0d2fcc69
rpm-4.3.3-32_nonptl.x86_64.rpm     4d4f6d5c3b37ce87692552307ccb31d9
rpm-build-4.3.3-32_nonptl.x86_64.rpm     2e60e1c75bf63a54bf0a9f1566757702
rpm-devel-4.3.3-32_nonptl.x86_64.rpm     72d0d51784e9f6d02f31e2328390190c
rpm-libs-4.3.3-32_nonptl.i386.rpm     20f247eeafd0a7f9ae88afae7d3608c8
rpm-libs-4.3.3-32_nonptl.x86_64.rpm     7bcb74a0837701c95a4f4db4c112b46a
rpm-python-4.3.3-32_nonptl.x86_64.rpm     f40f019afe9df918c89e4db3071134d2
 
Red Hat Enterprise Linux AS (v. 4)
SRPMS:
rpm-4.3.3-32_nonptl.src.rpm     24c0338bbb894d932745fa1ea89cef8a
 
IA-32:
popt-1.9.1-32_nonptl.i386.rpm     4eb7f9fa71d497557e430751538283de
rpm-4.3.3-32_nonptl.i386.rpm     6c4e893cbeed2afed1013992535b19ea
rpm-build-4.3.3-32_nonptl.i386.rpm     805f4e931f2b3312b5ea3ea3258299a3
rpm-devel-4.3.3-32_nonptl.i386.rpm     04e856055c729e2dd60d9262f93f40c8
rpm-libs-4.3.3-32_nonptl.i386.rpm     20f247eeafd0a7f9ae88afae7d3608c8
rpm-python-4.3.3-32_nonptl.i386.rpm     8b61195ef4759e18f99586eb7e82c43c
 
IA-64:
popt-1.9.1-32_nonptl.i386.rpm     4eb7f9fa71d497557e430751538283de
popt-1.9.1-32_nonptl.ia64.rpm     0572255c4e2f919265d518169df5ba27
rpm-4.3.3-32_nonptl.ia64.rpm     3ce81d84ef0f6943e9285a4c7bed3253
rpm-build-4.3.3-32_nonptl.ia64.rpm     d2a7c43ac87170c99478b6886d8d2d88
rpm-devel-4.3.3-32_nonptl.ia64.rpm     908c9b640b35869bed61183b1cea0a49
rpm-libs-4.3.3-32_nonptl.i386.rpm     20f247eeafd0a7f9ae88afae7d3608c8
rpm-libs-4.3.3-32_nonptl.ia64.rpm     6549313555551e481dbea37d0298ee9d
rpm-python-4.3.3-32_nonptl.ia64.rpm     9ca8fc69329c3367f6afe69684957640
 
PPC:
popt-1.9.1-32_nonptl.ppc.rpm     e64bb60e053c0fc795e858cf72ed00d0
popt-1.9.1-32_nonptl.ppc64.rpm     fb3d1eb6f3ffacbce9b9979fc409f0ff
rpm-4.3.3-32_nonptl.ppc.rpm     96671dd493b24549385caf85e9f4d463
rpm-build-4.3.3-32_nonptl.ppc.rpm     a2d51e398cb54ef26994c18eee16b73e
rpm-devel-4.3.3-32_nonptl.ppc.rpm     90b0f73977175b8126d9e38f9e26adfd
rpm-libs-4.3.3-32_nonptl.ppc.rpm     844af42f87833802522acde8a50e6be7
rpm-libs-4.3.3-32_nonptl.ppc64.rpm     e40d2573661ad54a8264a14074d64597
rpm-python-4.3.3-32_nonptl.ppc.rpm     a311a7848ddd0dfe2da4c25fcf711dca
 
s390:
popt-1.9.1-32_nonptl.s390.rpm     da7ca3414345cf32907dad87dfcfb805
rpm-4.3.3-32_nonptl.s390.rpm     227f6e721fa4251178ae24fe0f9de72d
rpm-build-4.3.3-32_nonptl.s390.rpm     b34754ad2bcd13e53c6fc4da209ea214
rpm-devel-4.3.3-32_nonptl.s390.rpm     f981003b246b10a9d9c4fddaa0853afc
rpm-libs-4.3.3-32_nonptl.s390.rpm     8d0dfb5d813d1e45a9d30a9ab97acb4d
rpm-python-4.3.3-32_nonptl.s390.rpm     15c9029bcc163f785e4f6221708d8ecc
 
s390x:
popt-1.9.1-32_nonptl.s390.rpm     da7ca3414345cf32907dad87dfcfb805
popt-1.9.1-32_nonptl.s390x.rpm     4b74b59e0271c81db30a1f6eb7a34b36
rpm-4.3.3-32_nonptl.s390x.rpm     0f6330f793160ac9a1c1abee47dd55a2
rpm-build-4.3.3-32_nonptl.s390x.rpm     7725b1fa13a85cffcb076eedf7f9074f
rpm-devel-4.3.3-32_nonptl.s390x.rpm     04ee6cba47ddccf92c828fef5bfd7eec
rpm-libs-4.3.3-32_nonptl.s390.rpm     8d0dfb5d813d1e45a9d30a9ab97acb4d
rpm-libs-4.3.3-32_nonptl.s390x.rpm     3d21a7c268cfdccdee300bfa7d380138
rpm-python-4.3.3-32_nonptl.s390x.rpm     c1c2632bc3d84553f6577f7d8537634c
 
x86_64:
popt-1.9.1-32_nonptl.i386.rpm     4eb7f9fa71d497557e430751538283de
popt-1.9.1-32_nonptl.x86_64.rpm     59c76802b65c351f0b1f7a3b0d2fcc69
rpm-4.3.3-32_nonptl.x86_64.rpm     4d4f6d5c3b37ce87692552307ccb31d9
rpm-build-4.3.3-32_nonptl.x86_64.rpm     2e60e1c75bf63a54bf0a9f1566757702
rpm-devel-4.3.3-32_nonptl.x86_64.rpm     72d0d51784e9f6d02f31e2328390190c
rpm-libs-4.3.3-32_nonptl.i386.rpm     20f247eeafd0a7f9ae88afae7d3608c8
rpm-libs-4.3.3-32_nonptl.x86_64.rpm     7bcb74a0837701c95a4f4db4c112b46a
rpm-python-4.3.3-32_nonptl.x86_64.rpm     f40f019afe9df918c89e4db3071134d2
 
Red Hat Enterprise Linux ES (v. 4)
SRPMS:
rpm-4.3.3-32_nonptl.src.rpm     24c0338bbb894d932745fa1ea89cef8a
 
IA-32:
popt-1.9.1-32_nonptl.i386.rpm     4eb7f9fa71d497557e430751538283de
rpm-4.3.3-32_nonptl.i386.rpm     6c4e893cbeed2afed1013992535b19ea
rpm-build-4.3.3-32_nonptl.i386.rpm     805f4e931f2b3312b5ea3ea3258299a3
rpm-devel-4.3.3-32_nonptl.i386.rpm     04e856055c729e2dd60d9262f93f40c8
rpm-libs-4.3.3-32_nonptl.i386.rpm     20f247eeafd0a7f9ae88afae7d3608c8
rpm-python-4.3.3-32_nonptl.i386.rpm     8b61195ef4759e18f99586eb7e82c43c
 
IA-64:
popt-1.9.1-32_nonptl.i386.rpm     4eb7f9fa71d497557e430751538283de
popt-1.9.1-32_nonptl.ia64.rpm     0572255c4e2f919265d518169df5ba27
rpm-4.3.3-32_nonptl.ia64.rpm     3ce81d84ef0f6943e9285a4c7bed3253
rpm-build-4.3.3-32_nonptl.ia64.rpm     d2a7c43ac87170c99478b6886d8d2d88
rpm-devel-4.3.3-32_nonptl.ia64.rpm     908c9b640b35869bed61183b1cea0a49
rpm-libs-4.3.3-32_nonptl.i386.rpm     20f247eeafd0a7f9ae88afae7d3608c8
rpm-libs-4.3.3-32_nonptl.ia64.rpm     6549313555551e481dbea37d0298ee9d
rpm-python-4.3.3-32_nonptl.ia64.rpm     9ca8fc69329c3367f6afe69684957640
 
x86_64:
popt-1.9.1-32_nonptl.i386.rpm     4eb7f9fa71d497557e430751538283de
popt-1.9.1-32_nonptl.x86_64.rpm     59c76802b65c351f0b1f7a3b0d2fcc69
rpm-4.3.3-32_nonptl.x86_64.rpm     4d4f6d5c3b37ce87692552307ccb31d9
rpm-build-4.3.3-32_nonptl.x86_64.rpm     2e60e1c75bf63a54bf0a9f1566757702
rpm-devel-4.3.3-32_nonptl.x86_64.rpm     72d0d51784e9f6d02f31e2328390190c
rpm-libs-4.3.3-32_nonptl.i386.rpm     20f247eeafd0a7f9ae88afae7d3608c8
rpm-libs-4.3.3-32_nonptl.x86_64.rpm     7bcb74a0837701c95a4f4db4c112b46a
rpm-python-4.3.3-32_nonptl.x86_64.rpm     f40f019afe9df918c89e4db3071134d2
 
Red Hat Enterprise Linux WS (v. 4)
SRPMS:
rpm-4.3.3-32_nonptl.src.rpm     24c0338bbb894d932745fa1ea89cef8a
 
IA-32:
popt-1.9.1-32_nonptl.i386.rpm     4eb7f9fa71d497557e430751538283de
rpm-4.3.3-32_nonptl.i386.rpm     6c4e893cbeed2afed1013992535b19ea
rpm-build-4.3.3-32_nonptl.i386.rpm     805f4e931f2b3312b5ea3ea3258299a3
rpm-devel-4.3.3-32_nonptl.i386.rpm     04e856055c729e2dd60d9262f93f40c8
rpm-libs-4.3.3-32_nonptl.i386.rpm     20f247eeafd0a7f9ae88afae7d3608c8
rpm-python-4.3.3-32_nonptl.i386.rpm     8b61195ef4759e18f99586eb7e82c43c
 
IA-64:
popt-1.9.1-32_nonptl.i386.rpm     4eb7f9fa71d497557e430751538283de
popt-1.9.1-32_nonptl.ia64.rpm     0572255c4e2f919265d518169df5ba27
rpm-4.3.3-32_nonptl.ia64.rpm     3ce81d84ef0f6943e9285a4c7bed3253
rpm-build-4.3.3-32_nonptl.ia64.rpm     d2a7c43ac87170c99478b6886d8d2d88
rpm-devel-4.3.3-32_nonptl.ia64.rpm     908c9b640b35869bed61183b1cea0a49
rpm-libs-4.3.3-32_nonptl.i386.rpm     20f247eeafd0a7f9ae88afae7d3608c8
rpm-libs-4.3.3-32_nonptl.ia64.rpm     6549313555551e481dbea37d0298ee9d
rpm-python-4.3.3-32_nonptl.ia64.rpm     9ca8fc69329c3367f6afe69684957640
 
x86_64:
popt-1.9.1-32_nonptl.i386.rpm     4eb7f9fa71d497557e430751538283de
popt-1.9.1-32_nonptl.x86_64.rpm     59c76802b65c351f0b1f7a3b0d2fcc69
rpm-4.3.3-32_nonptl.x86_64.rpm     4d4f6d5c3b37ce87692552307ccb31d9
rpm-build-4.3.3-32_nonptl.x86_64.rpm     2e60e1c75bf63a54bf0a9f1566757702
rpm-devel-4.3.3-32_nonptl.x86_64.rpm     72d0d51784e9f6d02f31e2328390190c
rpm-libs-4.3.3-32_nonptl.i386.rpm     20f247eeafd0a7f9ae88afae7d3608c8
rpm-libs-4.3.3-32_nonptl.x86_64.rpm     7bcb74a0837701c95a4f4db4c112b46a
rpm-python-4.3.3-32_nonptl.x86_64.rpm     f40f019afe9df918c89e4db3071134d2
 
(The unlinked packages above are only available from the Red Hat Network)

Bugs fixed (see bugzilla for more information)

426259 - bi-arch packages cause unnecessary .rpmnew and .rpmsave files
433795 - When building rpm bigger than 2G, rpmbuild fails with segmentation fault
438675 - rpmbuild segfaults on huge directory tree
445835 - Something is causing SELinux denials for minilogd/ntpdate when upgrading
450201 - rpm --httpproxy can't handle multiple rpm packages
479680 - Missing Dependency: sqlite-devel is needed by package rpm-devel


These packages are GPG signed by Red Hat for security. Our key and details on how to verify the signature are available from:
https://www.redhat.com/security/team/key/#package

The Red Hat security contact is secalert@redhat.com. More contact details at http://www.redhat.com/security/team/contact/