On 28 September 2017 at 16:06, Panu Matilainen <pmati...@redhat.com> wrote: > > There aren't that many changes since rc1, but enough to warrant a second > release candidate instead of going for final. The important ones being: > > - Fix a bug of file triggers failing on some packages (MgBug:18797, in > 4.13.x already) > - Fix a regression on 32bit architectures on generation of packages over 2GB > in size (RhBug:1492587) > - Fix rpm following arbitrary directory symlinks on installation > (CVE-2017-7500) > - Fix rpm following symlinks on file creation (CVE-2017-7501) > - Adjust verification to match the new directory symlink rule > - Forbid 'if' richops in 'or' context and 'unless' richops in 'and' context > > As usual, the details + download info at: > > http://rpm.org/wiki/Releases/4.14.0 > > Oh and release notes changed to use SHA256 instead of SHA1 for the source > checksum. Guess it's about time.
perl-RPM4's testsuite seems to have caught a regression: Simulating several simulate rpm -bi in a row now fails with: error: Wrong number of entries for tag Filemodes: 2 found but 1 expected. As a workaround, we've to reload the spec file between 2 tests: http://svnweb.mageia.org/packages/cauldron/perl-RPM4/current/SOURCES/reload-spec-file-before-builds.patch?revision=1143572&view=markup I've attached the output of erl t/04spec.t with & w/o this patch
LOG.t04b
Description: Binary data
LOG.t04
Description: Binary data
_______________________________________________ Rpm-maint mailing list Rpm-maint@lists.rpm.org http://lists.rpm.org/mailman/listinfo/rpm-maint
