Installed rpm 4.0.2-18 (i386 source)
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
Format: 1.7
Date: Wed, 28 Nov 2001 12:06:46 -0500
Source: rpm
Binary: librpm0-dev librpm0 rpm
Architecture: source i386
Version: 4.0.2-18
Distribution: unstable
Urgency: high
Maintainer: Joey Hess <joeyh@debian.org>
Changed-By: Joey Hess <joeyh@debian.org>
Description:
librpm0 - RPM shared library
librpm0-dev - RPM shared library, development kit
rpm - Red Hat Package Manager
Changes:
rpm (4.0.2-18) unstable; urgency=HIGH
.
* Applied a patch dug out of a connectiva .src.rpm, that appears to fix
a bug that could allow arbitrary code to execute when rpm was used to
query a malicious package. Hard to check since there is no known exploit
and since no real technical information about the hole has been publically
posted.
Files:
4c9c5ed0a4ae168a11f492b3b6e453c1 700 admin optional rpm_4.0.2-18.dsc
9f489c791f60b4fe654e6e769f5ffcd6 16482 admin optional rpm_4.0.2-18.diff.gz
60b38d8cb4072932e43fc90997ce7256 458384 admin optional rpm_4.0.2-18_i386.deb
6a103978ff3ef29c8da1eab096ff0475 248626 libs optional librpm0_4.0.2-18_i386.deb
66e5a7cff293854a434473a658f72ca1 297176 devel extra librpm0-dev_4.0.2-18_i386.deb
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.0.6 (GNU/Linux)
Comment: For info see http://www.gnupg.org
iD8DBQE8BR6m2tp5zXiKP0wRAs61AJ90qoO6pLjLwAfPmpjKSwQYY4cAagCbBPkP
FHDbLcEFeAlVY3LcQ7K4+0k=
=d73W
-----END PGP SIGNATURE-----
Installed:
librpm0-dev_4.0.2-18_i386.deb
to pool/main/r/rpm/librpm0-dev_4.0.2-18_i386.deb
librpm0_4.0.2-18_i386.deb
to pool/main/r/rpm/librpm0_4.0.2-18_i386.deb
rpm_4.0.2-18.diff.gz
to pool/main/r/rpm/rpm_4.0.2-18.diff.gz
rpm_4.0.2-18.dsc
to pool/main/r/rpm/rpm_4.0.2-18.dsc
rpm_4.0.2-18_i386.deb
to pool/main/r/rpm/rpm_4.0.2-18_i386.deb
Reply to: