Security Advisory Important: rpm security update

Advisory: RHSA-2014:1976-1
Type: Security Advisory
Severity: Important
Issued on: 2014-12-09
Last updated on: 2014-12-09
Affected Products: Red Hat Enterprise Linux Desktop (v. 7)
Red Hat Enterprise Linux HPC Node (v. 7)
Red Hat Enterprise Linux Server (v. 7)
Red Hat Enterprise Linux Workstation (v. 7)
CVEs (cve.mitre.org): CVE-2013-6435
CVE-2014-8118

Details

Updated rpm packages that fix two security issues are now available for Red
Hat Enterprise Linux 7.

Red Hat Product Security has rated this update as having Important security
impact. Common Vulnerability Scoring System (CVSS) base scores, which give
detailed severity ratings, are available for each vulnerability from the
CVE links in the References section.

The RPM Package Manager (RPM) is a powerful command line driven package
management system capable of installing, uninstalling, verifying, querying,
and updating software packages. Each software package consists of an
archive of files along with information about the package such as its
version, description, and other information.

It was found that RPM wrote file contents to the target installation
directory under a temporary name, and verified its cryptographic signature
only after the temporary file has been written completely. Under certain
conditions, the system interprets the unverified temporary file contents
and extracts commands from it. This could allow an attacker to modify
signed RPM files in such a way that they would execute code chosen by the
attacker during package installation. (CVE-2013-6435)

It was found that RPM could encounter an integer overflow, leading to a
stack-based buffer overflow, while parsing a crafted CPIO header in the
payload section of an RPM file. This could allow an attacker to modify
signed RPM files in such a way that they would execute code chosen by the
attacker during package installation. (CVE-2014-8118)

These issues were discovered by Florian Weimer of Red Hat Product Security.

All rpm users are advised to upgrade to these updated packages, which
contain backported patches to correct these issues. All running
applications linked against the RPM library must be restarted for this
update to take effect.


Solution

Before applying this update, make sure all previously released errata
relevant to your system have been applied.

This update is available via the Red Hat Network. Details on how to use the
Red Hat Network to apply this update are available at
https://access.redhat.com/articles/11258

Updated packages

Red Hat Enterprise Linux Desktop (v. 7)

SRPMS:
rpm-4.11.1-18.el7_0.src.rpm
File outdated by:  RHBA-2016:2359
    MD5: a8e6e36adae43f219c67b9fa6d6ab84a
SHA-256: f1f083b6c13db9035257dd23336ef459611176853f5254042a92a176852a1dc3
 
x86_64:
rpm-4.11.1-18.el7_0.x86_64.rpm
File outdated by:  RHBA-2016:2359
    MD5: 7e994a20104aadf547db309324df7bef
SHA-256: 17cb345a067c64b43698a0b27933458c5756dc70e4b30a97bc56aa7ebb3fee04
rpm-apidocs-4.11.1-18.el7_0.noarch.rpm
File outdated by:  RHBA-2016:2359
    MD5: f891e13a6f4458a8bb215270804d56d7
SHA-256: 8c08ed3dd2d33847aa9ba841903b82bad4745c55e6893edec166abfd8a7400c6
rpm-build-4.11.1-18.el7_0.x86_64.rpm
File outdated by:  RHBA-2016:2359
    MD5: 9e0db09d3554e810cd5bdc4dddc170d4
SHA-256: a1d1052e69a8b2b60347fc1b77c4524f3fb8ab5e9ff56b265fe1da2e26e74f01
rpm-build-libs-4.11.1-18.el7_0.i686.rpm
File outdated by:  RHBA-2016:2359
    MD5: 8d6b49ac9fc038ae68212e75e08f39af
SHA-256: 0b994e39031836abc8dc057739cb0cd4e9cf6a836e0582004c046bd3b0f524b9
rpm-build-libs-4.11.1-18.el7_0.x86_64.rpm
File outdated by:  RHBA-2016:2359
    MD5: c9bdbc45ac41f4074ce803da5ca1a6e4
SHA-256: bde6e05a60fe734d83d6806e26edc94ac5070db907489edb4cbddb14fa3bf0ff
rpm-cron-4.11.1-18.el7_0.noarch.rpm
File outdated by:  RHBA-2016:2359
    MD5: c0fcc2c4c7c9c26cf7458e30db661335
SHA-256: 433a2e96baaa44fe1aeb233f6dcdd998927aac6dbf13025cee8129337006c738
rpm-debuginfo-4.11.1-18.el7_0.i686.rpm
File outdated by:  RHBA-2016:2359
    MD5: 5dfa0f032c2b85fabbbeb0e6351bf60f
SHA-256: 4ea45b0fe6eeeb53985260f903e5df18e9ab7c3d9d5ac7025fa7eaf04c42eec5
rpm-debuginfo-4.11.1-18.el7_0.x86_64.rpm
File outdated by:  RHBA-2016:2359
    MD5: 580df1ed0dc8499014f37c73d5a2574e
SHA-256: 4382258daaa1cbf290a857c879dc952ba8ab778ab37e0b45b6cd72f9c7f4ca63
rpm-devel-4.11.1-18.el7_0.i686.rpm
File outdated by:  RHBA-2016:2359
    MD5: 094cf336c9275cce26046e2f1228bab9
SHA-256: f5b42a453649fda8262a97e53bb4e1df51ccced134ce41e9661fcdf8ae34972c
rpm-devel-4.11.1-18.el7_0.x86_64.rpm
File outdated by:  RHBA-2016:2359
    MD5: 41d75d120939f295d88f4193b62d8b99
SHA-256: 76e6ffa1977feed6eb70b75d46c32773d774c93805fbcfc6bbdf7d79d937923e
rpm-libs-4.11.1-18.el7_0.i686.rpm
File outdated by:  RHBA-2016:2359
    MD5: 038aa6078aa1fa398221999f2e5de026
SHA-256: d9c3a4bbf369968a734d691f2747ea4e8f229289680a11997ea65013e3b5c643
rpm-libs-4.11.1-18.el7_0.x86_64.rpm
File outdated by:  RHBA-2016:2359
    MD5: 9e42a46e66393236e0f53be5c622835d
SHA-256: 71949a9cf5be517d8e3b94c7ba14bdf944b7cbac473b5457cf4ce6ad7df742c7
rpm-python-4.11.1-18.el7_0.x86_64.rpm
File outdated by:  RHBA-2016:2359
    MD5: 4559c3e5182ce2ce24bc45d12d1820e0
SHA-256: 984d7b6d2b2724ad452aa8259fce4ffd6b469acb20943933d37e3e8b7c501dc9
rpm-sign-4.11.1-18.el7_0.x86_64.rpm
File outdated by:  RHBA-2016:2359
    MD5: 3fe151607b591c9d351cc9bae3b171b5
SHA-256: 7472a905df6cd447122c089f1221c7563a1f962db91d0c98824e8b2f3454b4bf
 
Red Hat Enterprise Linux HPC Node (v. 7)

SRPMS:
rpm-4.11.1-18.el7_0.src.rpm
File outdated by:  RHBA-2016:2359
    MD5: a8e6e36adae43f219c67b9fa6d6ab84a
SHA-256: f1f083b6c13db9035257dd23336ef459611176853f5254042a92a176852a1dc3
 
x86_64:
rpm-4.11.1-18.el7_0.x86_64.rpm
File outdated by:  RHBA-2016:2359
    MD5: 7e994a20104aadf547db309324df7bef
SHA-256: 17cb345a067c64b43698a0b27933458c5756dc70e4b30a97bc56aa7ebb3fee04
rpm-apidocs-4.11.1-18.el7_0.noarch.rpm
File outdated by:  RHBA-2016:2359
    MD5: f891e13a6f4458a8bb215270804d56d7
SHA-256: 8c08ed3dd2d33847aa9ba841903b82bad4745c55e6893edec166abfd8a7400c6
rpm-build-4.11.1-18.el7_0.x86_64.rpm
File outdated by:  RHBA-2016:2359
    MD5: 9e0db09d3554e810cd5bdc4dddc170d4
SHA-256: a1d1052e69a8b2b60347fc1b77c4524f3fb8ab5e9ff56b265fe1da2e26e74f01
rpm-build-libs-4.11.1-18.el7_0.i686.rpm
File outdated by:  RHBA-2016:2359
    MD5: 8d6b49ac9fc038ae68212e75e08f39af
SHA-256: 0b994e39031836abc8dc057739cb0cd4e9cf6a836e0582004c046bd3b0f524b9
rpm-build-libs-4.11.1-18.el7_0.x86_64.rpm
File outdated by:  RHBA-2016:2359
    MD5: c9bdbc45ac41f4074ce803da5ca1a6e4
SHA-256: bde6e05a60fe734d83d6806e26edc94ac5070db907489edb4cbddb14fa3bf0ff
rpm-cron-4.11.1-18.el7_0.noarch.rpm
File outdated by:  RHBA-2016:2359
    MD5: c0fcc2c4c7c9c26cf7458e30db661335
SHA-256: 433a2e96baaa44fe1aeb233f6dcdd998927aac6dbf13025cee8129337006c738
rpm-debuginfo-4.11.1-18.el7_0.i686.rpm
File outdated by:  RHBA-2016:2359
    MD5: 5dfa0f032c2b85fabbbeb0e6351bf60f
SHA-256: 4ea45b0fe6eeeb53985260f903e5df18e9ab7c3d9d5ac7025fa7eaf04c42eec5
rpm-debuginfo-4.11.1-18.el7_0.x86_64.rpm
File outdated by:  RHBA-2016:2359
    MD5: 580df1ed0dc8499014f37c73d5a2574e
SHA-256: 4382258daaa1cbf290a857c879dc952ba8ab778ab37e0b45b6cd72f9c7f4ca63
rpm-devel-4.11.1-18.el7_0.i686.rpm
File outdated by:  RHBA-2016:2359
    MD5: 094cf336c9275cce26046e2f1228bab9
SHA-256: f5b42a453649fda8262a97e53bb4e1df51ccced134ce41e9661fcdf8ae34972c
rpm-devel-4.11.1-18.el7_0.x86_64.rpm
File outdated by:  RHBA-2016:2359
    MD5: 41d75d120939f295d88f4193b62d8b99
SHA-256: 76e6ffa1977feed6eb70b75d46c32773d774c93805fbcfc6bbdf7d79d937923e
rpm-libs-4.11.1-18.el7_0.i686.rpm
File outdated by:  RHBA-2016:2359
    MD5: 038aa6078aa1fa398221999f2e5de026
SHA-256: d9c3a4bbf369968a734d691f2747ea4e8f229289680a11997ea65013e3b5c643
rpm-libs-4.11.1-18.el7_0.x86_64.rpm
File outdated by:  RHBA-2016:2359
    MD5: 9e42a46e66393236e0f53be5c622835d
SHA-256: 71949a9cf5be517d8e3b94c7ba14bdf944b7cbac473b5457cf4ce6ad7df742c7
rpm-python-4.11.1-18.el7_0.x86_64.rpm
File outdated by:  RHBA-2016:2359
    MD5: 4559c3e5182ce2ce24bc45d12d1820e0
SHA-256: 984d7b6d2b2724ad452aa8259fce4ffd6b469acb20943933d37e3e8b7c501dc9
rpm-sign-4.11.1-18.el7_0.x86_64.rpm
File outdated by:  RHBA-2016:2359
    MD5: 3fe151607b591c9d351cc9bae3b171b5
SHA-256: 7472a905df6cd447122c089f1221c7563a1f962db91d0c98824e8b2f3454b4bf
 
Red Hat Enterprise Linux Server (v. 7)

SRPMS:
rpm-4.11.1-18.el7_0.src.rpm
File outdated by:  RHBA-2016:2359
    MD5: a8e6e36adae43f219c67b9fa6d6ab84a
SHA-256: f1f083b6c13db9035257dd23336ef459611176853f5254042a92a176852a1dc3
 
PPC:
rpm-4.11.1-18.el7_0.ppc64.rpm
File outdated by:  RHBA-2016:2359
    MD5: 460aae339f1c00b1438157ee182d1301
SHA-256: 7a47eec5907a52ee5cf06da9dce5034e70b810c8b1decce0ff822c6f82c8713e
rpm-apidocs-4.11.1-18.el7_0.noarch.rpm
File outdated by:  RHBA-2016:2359
    MD5: f891e13a6f4458a8bb215270804d56d7
SHA-256: 8c08ed3dd2d33847aa9ba841903b82bad4745c55e6893edec166abfd8a7400c6
rpm-build-4.11.1-18.el7_0.ppc64.rpm
File outdated by:  RHBA-2016:2359
    MD5: 2d0494bfbfc183b324d110a47fa0d63e
SHA-256: 0ee3463e13e5b300f12430570893b4cab0dccf909041a28e2495039d2c18373c
rpm-build-libs-4.11.1-18.el7_0.ppc.rpm
File outdated by:  RHBA-2016:2359
    MD5: 4e1528af2b71e3e70749e7dce426349a
SHA-256: bbcefdca96aa89a12abed126211d6a7142357f781d5b334a92af8a1ad5818464
rpm-build-libs-4.11.1-18.el7_0.ppc64.rpm
File outdated by:  RHBA-2016:2359
    MD5: d06c714f8a6c4d407b31678523a17f0d
SHA-256: 2afdfd6939f2e07ea1914ed1c5d6cca0e052c675d1402543fb2397349fabe86d
rpm-cron-4.11.1-18.el7_0.noarch.rpm
File outdated by:  RHBA-2016:2359
    MD5: c0fcc2c4c7c9c26cf7458e30db661335
SHA-256: 433a2e96baaa44fe1aeb233f6dcdd998927aac6dbf13025cee8129337006c738
rpm-debuginfo-4.11.1-18.el7_0.ppc.rpm
File outdated by:  RHBA-2016:2359
    MD5: f250f82e84d186d20885615bd071e07e
SHA-256: 87cad6b0435a5da395a9f6f5420dbfcfb6984a347684531df352f014a7a73c70
rpm-debuginfo-4.11.1-18.el7_0.ppc64.rpm
File outdated by:  RHBA-2016:2359
    MD5: b26a37ebbfb3a869b7006954e4dbb6a8
SHA-256: ae16b9240a8ba87e3dedf80ac5e7bdbce79e17198659c6992f6ec8c98fd90e22
rpm-devel-4.11.1-18.el7_0.ppc.rpm
File outdated by:  RHBA-2016:2359
    MD5: 3b40d49d60ce9828f415b26f4c385118
SHA-256: e95adf52f1f55446365087b135eb366821a25ca464ad28b24abac3afb2f0f2a6
rpm-devel-4.11.1-18.el7_0.ppc64.rpm
File outdated by:  RHBA-2016:2359
    MD5: 2dfae558ff462a7baeb6054a01881615
SHA-256: b635bb5da8c63f3509218809961893f35c05c0375aff403153cc098425ca8271
rpm-libs-4.11.1-18.el7_0.ppc.rpm
File outdated by:  RHBA-2016:2359
    MD5: e554edc1fd0e9ff1c789d974d44da29c
SHA-256: 6bfb3c146c926458173ca43256b8f3f5322b92dc95e7f9bcecead2452eea058e
rpm-libs-4.11.1-18.el7_0.ppc64.rpm
File outdated by:  RHBA-2016:2359
    MD5: 8be51075400e09d79db7887186748646
SHA-256: 101940df1eb4e7e3d0c4c21a08475b6e005294c8949f359c68df715b783a43bc
rpm-python-4.11.1-18.el7_0.ppc64.rpm
File outdated by:  RHBA-2016:2359
    MD5: e1700786eaa793b8ac4f64dbc3001e74
SHA-256: 0e30416a1ed8af94978775a3c0380dcbfdae5fa3cdf503976a45a72725e775fe
rpm-sign-4.11.1-18.el7_0.ppc64.rpm
File outdated by:  RHBA-2016:2359
    MD5: 090230a87ae7ee3d9f9e43ba2cd97396
SHA-256: 0d01fc7fc7b6da17f5d91292fc03ed875c3865e29ce43569ea42e255bde00029
 
s390x:
rpm-4.11.1-18.el7_0.s390x.rpm
File outdated by:  RHBA-2016:2359
    MD5: a036f7465f0c532a45fe05384241cec9
SHA-256: c6c5cf954e1eb1a1b062e336ec184dbb546148c5541c36962cf4e9e090ee06ad
rpm-apidocs-4.11.1-18.el7_0.noarch.rpm
File outdated by:  RHBA-2016:2359
    MD5: f891e13a6f4458a8bb215270804d56d7
SHA-256: 8c08ed3dd2d33847aa9ba841903b82bad4745c55e6893edec166abfd8a7400c6
rpm-build-4.11.1-18.el7_0.s390x.rpm
File outdated by:  RHBA-2016:2359
    MD5: 4043f5c199cb36d9822c6ad05d07e4c8
SHA-256: 5c7fcb706eb35b0c3a19130eb8d0af0523159c846934c3254277bd6b42d29c3e
rpm-build-libs-4.11.1-18.el7_0.s390.rpm
File outdated by:  RHBA-2016:2359
    MD5: e2d1f34a9eb888241019cc4001a737bb
SHA-256: 75f2940f0b33e0474270133fab3bdea7f6b24739f85b6d92b7867ed3c99cc0d0
rpm-build-libs-4.11.1-18.el7_0.s390x.rpm
File outdated by:  RHBA-2016:2359
    MD5: b60a6ea0bb98251830d666c7f68af91c
SHA-256: 6e60c36780596e3779275286f97386eee600a6edc7a735914e6a496e0159498f
rpm-cron-4.11.1-18.el7_0.noarch.rpm
File outdated by:  RHBA-2016:2359
    MD5: c0fcc2c4c7c9c26cf7458e30db661335
SHA-256: 433a2e96baaa44fe1aeb233f6dcdd998927aac6dbf13025cee8129337006c738
rpm-debuginfo-4.11.1-18.el7_0.s390.rpm
File outdated by:  RHBA-2016:2359
    MD5: b8653703ab1993fdd1c127fb221f940f
SHA-256: 1ac982027afb4cbfea5491274719b78a882949c69ac1a9fd24aa48c02fe9a424
rpm-debuginfo-4.11.1-18.el7_0.s390x.rpm
File outdated by:  RHBA-2016:2359
    MD5: 0a0832ed047ec391f818d5e7a4479bfd
SHA-256: 9a23e3feea172073bab99611800803cf87e3cac0150e705a40b8229a38943284
rpm-devel-4.11.1-18.el7_0.s390.rpm
File outdated by:  RHBA-2016:2359
    MD5: d18a9ccf58908eeb903795f2b9be667e
SHA-256: 9e96f662d1f5205aae728883f235e922e8fb6abaa9b96d9efb1b0b2cd767007c
rpm-devel-4.11.1-18.el7_0.s390x.rpm
File outdated by:  RHBA-2016:2359
    MD5: 39cbb1f38bd8a29e521e3097faf9bb28
SHA-256: 13399f2ec3e10626f83448b7a122bee872fa7584837f1c6e5383363b67889b0c
rpm-libs-4.11.1-18.el7_0.s390.rpm
File outdated by:  RHBA-2016:2359
    MD5: 1c4ecc272b019e90fb97fe012bde0bfc
SHA-256: 7aa42308f1a4f402995690798fb11cbc0c61e5915406c26136823fd7d733db44
rpm-libs-4.11.1-18.el7_0.s390x.rpm
File outdated by:  RHBA-2016:2359
    MD5: ac020a6730b9baf255e21c64d52d9b06
SHA-256: 169fe9f218d49e4ae00fe828b0c9ff93840edf35fc224df9db517deb3ca31b60
rpm-python-4.11.1-18.el7_0.s390x.rpm
File outdated by:  RHBA-2016:2359
    MD5: 54a82206bb69dd2d008e0053f0319406
SHA-256: 39dd336cc0f7b412d9ffb7e1fde07304394837089d5e464ac39b9b36bf5db301
rpm-sign-4.11.1-18.el7_0.s390x.rpm
File outdated by:  RHBA-2016:2359
    MD5: 537b6bcf7f4e3cd577a676b493a8de4d
SHA-256: a1f536e736b8758953a8d6899c2869fbe017fb9391acb98134afe8a5140a1baa
 
x86_64:
rpm-4.11.1-18.el7_0.x86_64.rpm
File outdated by:  RHBA-2016:2359
    MD5: 7e994a20104aadf547db309324df7bef
SHA-256: 17cb345a067c64b43698a0b27933458c5756dc70e4b30a97bc56aa7ebb3fee04
rpm-apidocs-4.11.1-18.el7_0.noarch.rpm
File outdated by:  RHBA-2016:2359
    MD5: f891e13a6f4458a8bb215270804d56d7
SHA-256: 8c08ed3dd2d33847aa9ba841903b82bad4745c55e6893edec166abfd8a7400c6
rpm-build-4.11.1-18.el7_0.x86_64.rpm
File outdated by:  RHBA-2016:2359
    MD5: 9e0db09d3554e810cd5bdc4dddc170d4
SHA-256: a1d1052e69a8b2b60347fc1b77c4524f3fb8ab5e9ff56b265fe1da2e26e74f01
rpm-build-libs-4.11.1-18.el7_0.i686.rpm
File outdated by:  RHBA-2016:2359
    MD5: 8d6b49ac9fc038ae68212e75e08f39af
SHA-256: 0b994e39031836abc8dc057739cb0cd4e9cf6a836e0582004c046bd3b0f524b9
rpm-build-libs-4.11.1-18.el7_0.x86_64.rpm
File outdated by:  RHBA-2016:2359
    MD5: c9bdbc45ac41f4074ce803da5ca1a6e4
SHA-256: bde6e05a60fe734d83d6806e26edc94ac5070db907489edb4cbddb14fa3bf0ff
rpm-cron-4.11.1-18.el7_0.noarch.rpm
File outdated by:  RHBA-2016:2359
    MD5: c0fcc2c4c7c9c26cf7458e30db661335
SHA-256: 433a2e96baaa44fe1aeb233f6dcdd998927aac6dbf13025cee8129337006c738
rpm-debuginfo-4.11.1-18.el7_0.i686.rpm
File outdated by:  RHBA-2016:2359
    MD5: 5dfa0f032c2b85fabbbeb0e6351bf60f
SHA-256: 4ea45b0fe6eeeb53985260f903e5df18e9ab7c3d9d5ac7025fa7eaf04c42eec5
rpm-debuginfo-4.11.1-18.el7_0.x86_64.rpm
File outdated by:  RHBA-2016:2359
    MD5: 580df1ed0dc8499014f37c73d5a2574e
SHA-256: 4382258daaa1cbf290a857c879dc952ba8ab778ab37e0b45b6cd72f9c7f4ca63
rpm-devel-4.11.1-18.el7_0.i686.rpm
File outdated by:  RHBA-2016:2359
    MD5: 094cf336c9275cce26046e2f1228bab9
SHA-256: f5b42a453649fda8262a97e53bb4e1df51ccced134ce41e9661fcdf8ae34972c
rpm-devel-4.11.1-18.el7_0.x86_64.rpm
File outdated by:  RHBA-2016:2359
    MD5: 41d75d120939f295d88f4193b62d8b99
SHA-256: 76e6ffa1977feed6eb70b75d46c32773d774c93805fbcfc6bbdf7d79d937923e
rpm-libs-4.11.1-18.el7_0.i686.rpm
File outdated by:  RHBA-2016:2359
    MD5: 038aa6078aa1fa398221999f2e5de026
SHA-256: d9c3a4bbf369968a734d691f2747ea4e8f229289680a11997ea65013e3b5c643
rpm-libs-4.11.1-18.el7_0.x86_64.rpm
File outdated by:  RHBA-2016:2359
    MD5: 9e42a46e66393236e0f53be5c622835d
SHA-256: 71949a9cf5be517d8e3b94c7ba14bdf944b7cbac473b5457cf4ce6ad7df742c7
rpm-python-4.11.1-18.el7_0.x86_64.rpm
File outdated by:  RHBA-2016:2359
    MD5: 4559c3e5182ce2ce24bc45d12d1820e0
SHA-256: 984d7b6d2b2724ad452aa8259fce4ffd6b469acb20943933d37e3e8b7c501dc9
rpm-sign-4.11.1-18.el7_0.x86_64.rpm
File outdated by:  RHBA-2016:2359
    MD5: 3fe151607b591c9d351cc9bae3b171b5
SHA-256: 7472a905df6cd447122c089f1221c7563a1f962db91d0c98824e8b2f3454b4bf
 
Red Hat Enterprise Linux Workstation (v. 7)

SRPMS:
rpm-4.11.1-18.el7_0.src.rpm
File outdated by:  RHBA-2016:2359
    MD5: a8e6e36adae43f219c67b9fa6d6ab84a
SHA-256: f1f083b6c13db9035257dd23336ef459611176853f5254042a92a176852a1dc3
 
x86_64:
rpm-4.11.1-18.el7_0.x86_64.rpm
File outdated by:  RHBA-2016:2359
    MD5: 7e994a20104aadf547db309324df7bef
SHA-256: 17cb345a067c64b43698a0b27933458c5756dc70e4b30a97bc56aa7ebb3fee04
rpm-apidocs-4.11.1-18.el7_0.noarch.rpm
File outdated by:  RHBA-2016:2359
    MD5: f891e13a6f4458a8bb215270804d56d7
SHA-256: 8c08ed3dd2d33847aa9ba841903b82bad4745c55e6893edec166abfd8a7400c6
rpm-build-4.11.1-18.el7_0.x86_64.rpm
File outdated by:  RHBA-2016:2359
    MD5: 9e0db09d3554e810cd5bdc4dddc170d4
SHA-256: a1d1052e69a8b2b60347fc1b77c4524f3fb8ab5e9ff56b265fe1da2e26e74f01
rpm-build-libs-4.11.1-18.el7_0.i686.rpm
File outdated by:  RHBA-2016:2359
    MD5: 8d6b49ac9fc038ae68212e75e08f39af
SHA-256: 0b994e39031836abc8dc057739cb0cd4e9cf6a836e0582004c046bd3b0f524b9
rpm-build-libs-4.11.1-18.el7_0.x86_64.rpm
File outdated by:  RHBA-2016:2359
    MD5: c9bdbc45ac41f4074ce803da5ca1a6e4
SHA-256: bde6e05a60fe734d83d6806e26edc94ac5070db907489edb4cbddb14fa3bf0ff
rpm-cron-4.11.1-18.el7_0.noarch.rpm
File outdated by:  RHBA-2016:2359
    MD5: c0fcc2c4c7c9c26cf7458e30db661335
SHA-256: 433a2e96baaa44fe1aeb233f6dcdd998927aac6dbf13025cee8129337006c738
rpm-debuginfo-4.11.1-18.el7_0.i686.rpm
File outdated by:  RHBA-2016:2359
    MD5: 5dfa0f032c2b85fabbbeb0e6351bf60f
SHA-256: 4ea45b0fe6eeeb53985260f903e5df18e9ab7c3d9d5ac7025fa7eaf04c42eec5
rpm-debuginfo-4.11.1-18.el7_0.x86_64.rpm
File outdated by:  RHBA-2016:2359
    MD5: 580df1ed0dc8499014f37c73d5a2574e
SHA-256: 4382258daaa1cbf290a857c879dc952ba8ab778ab37e0b45b6cd72f9c7f4ca63
rpm-devel-4.11.1-18.el7_0.i686.rpm
File outdated by:  RHBA-2016:2359
    MD5: 094cf336c9275cce26046e2f1228bab9
SHA-256: f5b42a453649fda8262a97e53bb4e1df51ccced134ce41e9661fcdf8ae34972c
rpm-devel-4.11.1-18.el7_0.x86_64.rpm
File outdated by:  RHBA-2016:2359
    MD5: 41d75d120939f295d88f4193b62d8b99
SHA-256: 76e6ffa1977feed6eb70b75d46c32773d774c93805fbcfc6bbdf7d79d937923e
rpm-libs-4.11.1-18.el7_0.i686.rpm
File outdated by:  RHBA-2016:2359
    MD5: 038aa6078aa1fa398221999f2e5de026
SHA-256: d9c3a4bbf369968a734d691f2747ea4e8f229289680a11997ea65013e3b5c643
rpm-libs-4.11.1-18.el7_0.x86_64.rpm
File outdated by:  RHBA-2016:2359
    MD5: 9e42a46e66393236e0f53be5c622835d
SHA-256: 71949a9cf5be517d8e3b94c7ba14bdf944b7cbac473b5457cf4ce6ad7df742c7
rpm-python-4.11.1-18.el7_0.x86_64.rpm
File outdated by:  RHBA-2016:2359
    MD5: 4559c3e5182ce2ce24bc45d12d1820e0
SHA-256: 984d7b6d2b2724ad452aa8259fce4ffd6b469acb20943933d37e3e8b7c501dc9
rpm-sign-4.11.1-18.el7_0.x86_64.rpm
File outdated by:  RHBA-2016:2359
    MD5: 3fe151607b591c9d351cc9bae3b171b5
SHA-256: 7472a905df6cd447122c089f1221c7563a1f962db91d0c98824e8b2f3454b4bf
 
(The unlinked packages above are only available from the Red Hat Network)

Bugs fixed (see bugzilla for more information)

1039811 - CVE-2013-6435 rpm: race condition during the installation process
1168715 - CVE-2014-8118 rpm: integer overflow and stack overflow in CPIO header parsing


References



These packages are GPG signed by Red Hat for security. Our key and details on how to verify the signature are available from:
https://www.redhat.com/security/team/key/#package

The Red Hat security contact is secalert@redhat.com. More contact details at http://www.redhat.com/security/team/contact/