FEDORA-2017-ab57a100f3

security update in Fedora 25 for rpm

Status: stable a year ago

This latest stable release on rpm 4.13.x branch brings in several important bugfixes. For details see release notes at http://rpm.org/wiki/Releases/4.13.0.2.

How to install

sudo dnf upgrade --advisory=FEDORA-2017-ab57a100f3

Comments 12

This update has been submitted for testing by pmatilai.

This update has been pushed to testing.

Works

karma: +1

works for me in a VM

karma: +1

This update has reached 7 days in testing and can be pushed to stable now if the maintainer wishes

This update has been submitted for batched by pmatilai.

This update has been submitted for stable by bodhi.

This update has been unpushed.

FWIW the reason for unpushing is the just-emerged https://bugzilla.redhat.com/show_bug.cgi?id=1514608 which looks like a regression in hardlink handling, and the last thing we need right before EOL is a new regression.

This update has been submitted for batched by pmatilai.

This update has been submitted for stable by pmatilai.

This update has been pushed to stable.


Add Comment & Feedback
Toggle Preview

Comment fields support Fedora-Flavored Markdown. Comments are governed under this privacy policy.

-1 0 +1 Feedback Guidelines

Is the update generally functional? (karma)

You need to be logged in to add karma!

Does the system's basic functionality continue to work after this update?
#1467374 CVE-2017-7500 rpm: Following symlinks to directories when installing packages allows privilege escalation [fedora-all]
#1467375 CVE-2017-7501 rpm: Following symlinks to files when installing packages allows privilege escalation [fedora-all]
Content Type
RPM
Status
stable
Test Gating
Submitted by
Update Type
security
Update Severity
medium
Karma
+2
stable threshold: 5
unstable threshold: -3
Autopush
Disabled
Dates
submitted 2 years ago
in testing 2 years ago
in stable a year ago

Related Bugs 2

00 #1467374 CVE-2017-7500 rpm: Following symlinks to directories when installing packages allows privilege escalation [fedora-all]
00 #1467375 CVE-2017-7501 rpm: Following symlinks to files when installing packages allows privilege escalation [fedora-all]

Automated Test Results