RPM 4.13.0.1 Release Notes

Download information

• rpm-4.13.0.1.tar.bz2 source
• SHA1SUM: 9566f95f38fcb214e439c552f378c2f64ba0aff9

Summary of changes from RPM 4.13.0

Security fixes

• Fix several out of bounds reads in the OpenPGP parser (GH:148, GH:149, GH:151)
• Fix handling of OpenPGP reserved tag (should be rejected)
• Fix various crashes from malformed packages with invalid tags (GH:133, GH:135, GH:136, GH:138 and GH:139)

General bugfixes

• Fix %transfiletriggerpostun nondeterministic behavior (RhBug:1284645)
• Fix rpmdb cleanup on signal (regression introduced in 4.13.0)

Package building

• Fix debuginfo GDB index generation (RhBug:1410907, regression introduced in 4.13.0)
• Fix malformed packages being generated around 4GB size boundary (RhBug:1405570, regression introduced in 4.12.0)
• Fix special %doc/%license directory inheriting default file permissions (RhBug:1399798, regression introduced in 4.13.0)

Build process

• Fix API documentation generation with Doxygen >= 1.8.8 (GH:131)