Red Hat Security Advisory: rpm-4.0.2 for all Red Hat platforms and releasesMar 21, 2001, 21:23 (2 Talkback[s])
Date: Mon, 19 Mar 2001 14:25 -0500
Red Hat, Inc. Red Hat Security Advisory Synopsis: rpm-4.0.2 for all Red Hat platforms and releases. Advisory ID: RHSA-2001:016-03 Issue date: 2001-02-19 Updated on: 2001-03-19 Product: Red Hat Linux Keywords: rpm Cross references: Obsoletes:
A common version of rpm for all Red Hat distributions is being released. This version of rpm understands legacy version 3 packaging used in Red Hat 6.x/5.x distributions as well as version 4 packaging used in Red Hat 7.x.
In addition, rpm-4.0.2 has support for both the legacy db1 format used in Red Hat 6.x/5.x databases as well as support for the db3 format database used in Red Hat 7.x
2. Relevant releases/architectures:
Red Hat Linux 5.2 - alpha, i386, sparc
3. Problem description:
Several potential problems
1) Red Hat 6.x/5.x users will need to install the db3 packages from RHEA-2001:015-09.
2) Red Hat 5.x users should note that the default compiler flags in rpm have changed, and are not compatible with the gcc originally shipped with Red Hat 5.2. Use egcs as a compiler instead.
3) Red Hat 6.x/5.x users should convert from db1 to db3 format
dtabases at your earliest convience. This can be done by running,
as root, the command
4) All platforms: If you chose to install rpm-4.0.2, and then go back to a previous version of rpm, then you will experience segfaults due to an incompatible change in headers in the database. The problem is in legacy versions of rpm going back to rpm-3.0, and is both caused and fixed by rpm-4.0.2. This incompatibility also applies to any/all applications that are statically linked against rpm libraries which should either be upgraded or recompiled to use rpm-4.0.2 libraries. Applications that use shared libraries should not be affected by this problem.
5) All platforms: rpm-4.0.2 will fail to install if you have both db1 and db3 rpm databases in /var/lib/rpm. If the packages do not install, please check the directory /var/lib/rpm for the files "packages.rpm" (the db1 format headers) and "Packages" (the db3 format headers) and rename/remove the older or smaller of the two files in order to upgrade.
To update all RPMs for your particular architecture, run:
rpm -Fvh <filenames>
where <filenames> is a list of the RPMs you wish to upgrade. Only those RPMs which are currently installed will be updated. Those RPMs which are not installed but included in the list will not be updated. Note that you can also use wildcards (*.rpm) if your current directly *only* contains the desired RPMs.
Please note that this update is also available via Red Hat Network. Many people find this an easier way to apply updates. To use Red Hat Network, launch the Red Hat Update Agent with the following command:
This will start an interactive process that will result in the appropriate RPMs being upgraded on your system.
5. Bug IDs fixed (http://bugzilla.redhat.com/bugzilla for more info):
6. RPMs required:
Red Hat Linux 5.2:
Red Hat Linux 6.2:
Red Hat Linux 7.0:
MD5 sum Package Name
64691330604ed8c0c5eedde76c2fb184 5.2/SRPMS/rpm-4.0.2-5x.src.rpm 0fba7783b2ed9960d3f57293750238bb 5.2/alpha/popt-1.6.2-5x.alpha.rpm 7aaf74071671d996f6b2ceba5783fa2c 5.2/alpha/rpm-4.0.2-5x.alpha.rpm ebb5e6ae5892486c8d8a369810cbac71 5.2/alpha/rpm-build-4.0.2-5x.alpha.rpm fcb56dbdde9859afb8ba607f77ed2064 5.2/alpha/rpm-devel-4.0.2-5x.alpha.rpm d455f9ec99ecb93835fd2b0c38aff58b 5.2/i386/popt-1.6.2-5x.i386.rpm eddf2ff8b7cbb1badf0ea5f581e4ff0d 5.2/i386/rpm-4.0.2-5x.i386.rpm 679eaacbc1e225a6797fb0088d745f92 5.2/i386/rpm-build-4.0.2-5x.i386.rpm 8c179f743ebc3a79c76a55dea9584f95 5.2/i386/rpm-devel-4.0.2-5x.i386.rpm 797daa74f557647f3a8da87c0f49eaa7 5.2/sparc/popt-1.6.2-5x.sparc.rpm b2f031ee0041739dc7ee6d4e6817076a 5.2/sparc/rpm-4.0.2-5x.sparc.rpm fb20a02cfe1238ad4801ce71222edfd8 5.2/sparc/rpm-build-4.0.2-5x.sparc.rpm 74cb51bb776849459f26ad43378a6286 5.2/sparc/rpm-devel-4.0.2-5x.sparc.rpm 91a8647595c6a534f4084fbdeecd1380 6.2/SRPMS/rpm-4.0.2-6x.src.rpm b613246a3a48e77f79577165cfe62057 6.2/alpha/popt-1.6.2-6x.alpha.rpm 082aff6cdcf39899574b0226f4eeca53 6.2/alpha/rpm-4.0.2-6x.alpha.rpm bd0aa3c85732486bade9d662a8a9d025 6.2/alpha/rpm-build-4.0.2-6x.alpha.rpm 2a5c11545da29718ba39e46cd22499ea 6.2/alpha/rpm-devel-4.0.2-6x.alpha.rpm b0271d8de9211cce3ad146f1e6c62bd9 6.2/i386/popt-1.6.2-6x.i386.rpm 0fb05fb1600edcb55fbcbbdb1edb40d8 6.2/i386/rpm-4.0.2-6x.i386.rpm 76e060bd28312325b2ff221fac847fc9 6.2/i386/rpm-build-4.0.2-6x.i386.rpm 6332e5d1519627108b3c664de6a37b6d 6.2/i386/rpm-devel-4.0.2-6x.i386.rpm 9240547d1df05a9cd43a8507e10ea1f1 6.2/sparc/popt-1.6.2-6x.sparc.rpm 10133d01dcaeedb695e5ea7c9a582427 6.2/sparc/rpm-4.0.2-6x.sparc.rpm fbb0068debc0faf7f7bc54d920fbffb1 6.2/sparc/rpm-build-4.0.2-6x.sparc.rpm 88f53e91f9da46d85068f5c9795e46bc 6.2/sparc/rpm-devel-4.0.2-6x.sparc.rpm 7af51ac96d8f0f18e139140cfceea9aa 7.0/SRPMS/rpm-4.0.2-7x.src.rpm a4236ea3635f4325fa3149986cd4a14f 7.0/alpha/popt-1.6.2-7x.alpha.rpm fa9e0fa03a627f498f07301465ac27dd 7.0/alpha/rpm-4.0.2-7x.alpha.rpm 40e1b82d88a8ad19f98d217e47ef1bf5 7.0/alpha/rpm-build-4.0.2-7x.alpha.rpm ce4c54eeb33c7c5d0d30767d1d91e7cb 7.0/alpha/rpm-devel-4.0.2-7x.alpha.rpm 447da8566447b4c9115631d9ee7b705a 7.0/alpha/rpm-python-4.0.2-7x.alpha.rpm e259bf0ba9b4ae2ba85d5f6517df7333 7.0/i386/popt-1.6.2-7x.i386.rpm 998f0871de8bb93af136aba676b9bf48 7.0/i386/rpm-4.0.2-7x.i386.rpm bb12807e379c9ee46a3629f2e3271215 7.0/i386/rpm-build-4.0.2-7x.i386.rpm 4a96b1b9bfea3b071b19607d7364952f 7.0/i386/rpm-devel-4.0.2-7x.i386.rpm 5901bc8f18e7464b673a185227f95b41 7.0/i386/rpm-python-4.0.2-7x.i386.rpmThese packages are GPG signed by Red Hat, Inc. for security. Our key is available at:
You can verify each package with the following command:
If you only wish to verify that each package has not been
corrupted or tampered with, examine only the md5sum with the
Copyright(c) 2000, 2001 Red Hat, Inc.