Red Hat alert: rpm-4.0.2 for all Red Hat platforms and releases.

Posted by dave on Mar 19, 2001 10:25 AM EDT
Mailing list
Mail this story
Print this story

A common version of rpm for all Red Hat distributions is being released. This version of rpm understands legacy version 3 packaging used in Red Hat 6.x/5.x distributions as well as version 4 packaging used in Red Hat 7.x. In addition, rpm-4.0.2 has support for both the legacy db1 format used in Red Hat 6.x/5.x databases as well as support for the db3 format database used in Red Hat 7.x

---------------------------------------------------------------------
                   Red Hat, Inc. Red Hat Security Advisory

Synopsis:          rpm-4.0.2 for all Red Hat platforms and releases.
Advisory ID:       RHSA-2001:016-03
Issue date:        2001-02-19
Updated on:        2001-03-19
Product:           Red Hat Linux
Keywords:          rpm
Cross references:  
Obsoletes:         
---------------------------------------------------------------------

1. Topic:

A common version of rpm for all Red Hat distributions is being released.
This version of rpm understands legacy version 3 packaging used in Red
Hat 6.x/5.x distributions as well as version 4 packaging used in Red Hat
7.x.
In addition, rpm-4.0.2 has support for both the legacy db1 format used in
Red Hat 6.x/5.x databases as well as support for the db3 format database
used in Red Hat 7.x

2. Relevant releases/architectures:

Red Hat Linux 5.2 - alpha, i386, sparc

Red Hat Linux 6.2 - alpha, i386, sparc

Red Hat Linux 7.0 - alpha, i386

3. Problem description:

Several potential problems

1) Red Hat 6.x/5.x users will need to install the db3 packages from
    RHEA-2001:015-09.

2) Red Hat 5.x users should note that the default compiler flags in rpm
    have changed, and are not compatible with the gcc originally shipped
    with Red Hat 5.2. Use egcs as a compiler instead.

3) Red Hat 6.x/5.x users should convert from db1 to db3 format dtabases at
    your earliest convience. This can be done by running, as root, the
    command
	rpm --rebuilddb
    Support for legacy db1 format rpm databases will be removed in the next
    release of rpm.

4) All platforms: If you chose to install rpm-4.0.2, and then go back to a
    previous version of rpm, then you will experience segfaults due to an
    incompatible change in headers in the database. The problem is in
    legacy versions of rpm going back to rpm-3.0, and is both caused and
    fixed by rpm-4.0.2. This incompatibility also applies to any/all
    applications that are statically linked against rpm libraries which
    should either be upgraded or recompiled to use rpm-4.0.2 libraries.
    Applications that use shared libraries should not be affected by this
    problem.

5) All platforms: rpm-4.0.2 will fail to install if you have both db1 and
    db3 rpm databases in /var/lib/rpm. If the packages do not install,
    please check the directory /var/lib/rpm for the files "packages.rpm"
    (the db1 format headers) and "Packages" (the db3 format headers)
    and rename/remove the older or smaller of the two files in order to 
    upgrade.

4. Solution:

To update all RPMs for your particular architecture, run:

rpm -Fvh 

where  is a list of the RPMs you wish to upgrade.  Only those
RPMs which are currently installed will be updated.  Those RPMs which are
not installed but included in the list will not be updated.  Note that you
can also use wildcards (*.rpm) if your current directly *only* contains the
desired RPMs.

Please note that this update is also available via Red Hat Network.  Many
people find this an easier way to apply updates.  To use Red Hat Network,
launch the Red Hat Update Agent with the following command:

up2date

This will start an interactive process that will result in the appropriate
RPMs being upgraded on your system.

5. Bug IDs fixed (http://bugzilla.redhat.com/bugzilla for more info):



6. RPMs required:

Red Hat Linux 5.2:

SRPMS:
ftp://updates.redhat.com/5.2/SRPMS/rpm-4.0.2-5x.src.rpm

alpha:
ftp://updates.redhat.com/5.2/alpha/rpm-4.0.2-5x.alpha.rpm
ftp://updates.redhat.com/5.2/alpha/rpm-devel-4.0.2-5x.alpha.rpm
ftp://updates.redhat.com/5.2/alpha/rpm-build-4.0.2-5x.alpha.rpm
ftp://updates.redhat.com/5.2/alpha/popt-1.6.2-5x.alpha.rpm

i386:
ftp://updates.redhat.com/5.2/i386/rpm-4.0.2-5x.i386.rpm
ftp://updates.redhat.com/5.2/i386/rpm-devel-4.0.2-5x.i386.rpm
ftp://updates.redhat.com/5.2/i386/rpm-build-4.0.2-5x.i386.rpm
ftp://updates.redhat.com/5.2/i386/popt-1.6.2-5x.i386.rpm

sparc:
ftp://updates.redhat.com/5.2/sparc/rpm-4.0.2-5x.sparc.rpm
ftp://updates.redhat.com/5.2/sparc/rpm-devel-4.0.2-5x.sparc.rpm
ftp://updates.redhat.com/5.2/sparc/rpm-build-4.0.2-5x.sparc.rpm
ftp://updates.redhat.com/5.2/sparc/popt-1.6.2-5x.sparc.rpm

Red Hat Linux 6.2:

SRPMS:
ftp://updates.redhat.com/6.2/SRPMS/rpm-4.0.2-6x.src.rpm

alpha:
ftp://updates.redhat.com/6.2/alpha/rpm-4.0.2-6x.alpha.rpm
ftp://updates.redhat.com/6.2/alpha/rpm-devel-4.0.2-6x.alpha.rpm
ftp://updates.redhat.com/6.2/alpha/rpm-build-4.0.2-6x.alpha.rpm
ftp://updates.redhat.com/6.2/alpha/popt-1.6.2-6x.alpha.rpm

i386:
ftp://updates.redhat.com/6.2/i386/rpm-4.0.2-6x.i386.rpm
ftp://updates.redhat.com/6.2/i386/rpm-devel-4.0.2-6x.i386.rpm
ftp://updates.redhat.com/6.2/i386/rpm-build-4.0.2-6x.i386.rpm
ftp://updates.redhat.com/6.2/i386/popt-1.6.2-6x.i386.rpm

sparc:
ftp://updates.redhat.com/6.2/sparc/rpm-4.0.2-6x.sparc.rpm
ftp://updates.redhat.com/6.2/sparc/rpm-devel-4.0.2-6x.sparc.rpm
ftp://updates.redhat.com/6.2/sparc/rpm-build-4.0.2-6x.sparc.rpm
ftp://updates.redhat.com/6.2/sparc/popt-1.6.2-6x.sparc.rpm

Red Hat Linux 7.0:

SRPMS:
ftp://updates.redhat.com/7.0/SRPMS/rpm-4.0.2-7x.src.rpm

alpha:
ftp://updates.redhat.com/7.0/alpha/rpm-4.0.2-7x.alpha.rpm
ftp://updates.redhat.com/7.0/alpha/rpm-devel-4.0.2-7x.alpha.rpm
ftp://updates.redhat.com/7.0/alpha/rpm-build-4.0.2-7x.alpha.rpm
ftp://updates.redhat.com/7.0/alpha/rpm-python-4.0.2-7x.alpha.rpm
ftp://updates.redhat.com/7.0/alpha/popt-1.6.2-7x.alpha.rpm

i386:
ftp://updates.redhat.com/7.0/i386/rpm-4.0.2-7x.i386.rpm
ftp://updates.redhat.com/7.0/i386/rpm-devel-4.0.2-7x.i386.rpm
ftp://updates.redhat.com/7.0/i386/rpm-build-4.0.2-7x.i386.rpm
ftp://updates.redhat.com/7.0/i386/rpm-python-4.0.2-7x.i386.rpm
ftp://updates.redhat.com/7.0/i386/popt-1.6.2-7x.i386.rpm



7. Verification:

MD5 sum                           Package Name
--------------------------------------------------------------------------
64691330604ed8c0c5eedde76c2fb184  5.2/SRPMS/rpm-4.0.2-5x.src.rpm
0fba7783b2ed9960d3f57293750238bb  5.2/alpha/popt-1.6.2-5x.alpha.rpm
7aaf74071671d996f6b2ceba5783fa2c  5.2/alpha/rpm-4.0.2-5x.alpha.rpm
ebb5e6ae5892486c8d8a369810cbac71  5.2/alpha/rpm-build-4.0.2-5x.alpha.rpm
fcb56dbdde9859afb8ba607f77ed2064  5.2/alpha/rpm-devel-4.0.2-5x.alpha.rpm
d455f9ec99ecb93835fd2b0c38aff58b  5.2/i386/popt-1.6.2-5x.i386.rpm
eddf2ff8b7cbb1badf0ea5f581e4ff0d  5.2/i386/rpm-4.0.2-5x.i386.rpm
679eaacbc1e225a6797fb0088d745f92  5.2/i386/rpm-build-4.0.2-5x.i386.rpm
8c179f743ebc3a79c76a55dea9584f95  5.2/i386/rpm-devel-4.0.2-5x.i386.rpm
797daa74f557647f3a8da87c0f49eaa7  5.2/sparc/popt-1.6.2-5x.sparc.rpm
b2f031ee0041739dc7ee6d4e6817076a  5.2/sparc/rpm-4.0.2-5x.sparc.rpm
fb20a02cfe1238ad4801ce71222edfd8  5.2/sparc/rpm-build-4.0.2-5x.sparc.rpm
74cb51bb776849459f26ad43378a6286  5.2/sparc/rpm-devel-4.0.2-5x.sparc.rpm
91a8647595c6a534f4084fbdeecd1380  6.2/SRPMS/rpm-4.0.2-6x.src.rpm
b613246a3a48e77f79577165cfe62057  6.2/alpha/popt-1.6.2-6x.alpha.rpm
082aff6cdcf39899574b0226f4eeca53  6.2/alpha/rpm-4.0.2-6x.alpha.rpm
bd0aa3c85732486bade9d662a8a9d025  6.2/alpha/rpm-build-4.0.2-6x.alpha.rpm
2a5c11545da29718ba39e46cd22499ea  6.2/alpha/rpm-devel-4.0.2-6x.alpha.rpm
b0271d8de9211cce3ad146f1e6c62bd9  6.2/i386/popt-1.6.2-6x.i386.rpm
0fb05fb1600edcb55fbcbbdb1edb40d8  6.2/i386/rpm-4.0.2-6x.i386.rpm
76e060bd28312325b2ff221fac847fc9  6.2/i386/rpm-build-4.0.2-6x.i386.rpm
6332e5d1519627108b3c664de6a37b6d  6.2/i386/rpm-devel-4.0.2-6x.i386.rpm
9240547d1df05a9cd43a8507e10ea1f1  6.2/sparc/popt-1.6.2-6x.sparc.rpm
10133d01dcaeedb695e5ea7c9a582427  6.2/sparc/rpm-4.0.2-6x.sparc.rpm
fbb0068debc0faf7f7bc54d920fbffb1  6.2/sparc/rpm-build-4.0.2-6x.sparc.rpm
88f53e91f9da46d85068f5c9795e46bc  6.2/sparc/rpm-devel-4.0.2-6x.sparc.rpm
7af51ac96d8f0f18e139140cfceea9aa  7.0/SRPMS/rpm-4.0.2-7x.src.rpm
a4236ea3635f4325fa3149986cd4a14f  7.0/alpha/popt-1.6.2-7x.alpha.rpm
fa9e0fa03a627f498f07301465ac27dd  7.0/alpha/rpm-4.0.2-7x.alpha.rpm
40e1b82d88a8ad19f98d217e47ef1bf5  7.0/alpha/rpm-build-4.0.2-7x.alpha.rpm
ce4c54eeb33c7c5d0d30767d1d91e7cb  7.0/alpha/rpm-devel-4.0.2-7x.alpha.rpm
447da8566447b4c9115631d9ee7b705a  7.0/alpha/rpm-python-4.0.2-7x.alpha.rpm
e259bf0ba9b4ae2ba85d5f6517df7333  7.0/i386/popt-1.6.2-7x.i386.rpm
998f0871de8bb93af136aba676b9bf48  7.0/i386/rpm-4.0.2-7x.i386.rpm
bb12807e379c9ee46a3629f2e3271215  7.0/i386/rpm-build-4.0.2-7x.i386.rpm
4a96b1b9bfea3b071b19607d7364952f  7.0/i386/rpm-devel-4.0.2-7x.i386.rpm
5901bc8f18e7464b673a185227f95b41  7.0/i386/rpm-python-4.0.2-7x.i386.rpm

These packages are GPG signed by Red Hat, Inc. for security.  Our key
is available at:
    http://www.redhat.com/corp/contact.html

You can verify each package with the following command:
    rpm --checksig  

If you only wish to verify that each package has not been corrupted or
tampered with, examine only the md5sum with the following command:
    rpm --checksig --nogpg 

8. References:




Copyright(c) 2000, 2001 Red Hat, Inc.

  Nav
» Read more about: Story Type: Security; Groups: Red Hat

« Return to the newswire homepage

This topic does not have any threads posted yet!

You cannot post until you login.