Updated rpm packages that fix two security issues are now available for RedHat Enterprise Linux 7.Red Hat Product Security has rated this update as having Important securityimpact. Common Vulnerability Scoring System (CVSS) base scores, which givedetailed severity ratings, are available for each vulnerability from theCVE links in the References section.

The RPM Package Manager (RPM) is a powerful command line driven packagemanagement system capable of installing, uninstalling, verifying, querying,and updating software packages. Each software package consists of anarchive of files along with information about the package such as itsversion, description, and other information.It was found that RPM wrote file contents to the target installationdirectory under a temporary name, and verified its cryptographic signatureonly after the temporary file has been written completely. Under certainconditions, the system interprets the unverified temporary file contentsand extracts commands from it. This could allow an attacker to modifysigned RPM files in such a way that they would execute code chosen by theattacker during package installation. (CVE-2013-6435)It was found that RPM could encounter an integer overflow, leading to astack-based buffer overflow, while parsing a crafted CPIO header in thepayload section of an RPM file. This could allow an attacker to modifysigned RPM files in such a way that they would execute code chosen by theattacker during package installation. (CVE-2014-8118)These issues were discovered by Florian Weimer of Red Hat Product Security.All rpm users are advised to upgrade to these updated packages, whichcontain backported patches to correct these issues. All runningapplications linked against the RPM library must be restarted for thisupdate to take effect.
Red Hat Enterprise Linux Desktop (v. 7)

SRPMS:
rpm-4.11.1-18.el7_0.src.rpm
    MD5: a8e6e36adae43f219c67b9fa6d6ab84aSHA-256: f1f083b6c13db9035257dd23336ef459611176853f5254042a92a176852a1dc3
 
x86_64:
rpm-4.11.1-18.el7_0.x86_64.rpm
    MD5: 7e994a20104aadf547db309324df7befSHA-256: 17cb345a067c64b43698a0b27933458c5756dc70e4b30a97bc56aa7ebb3fee04
rpm-apidocs-4.11.1-18.el7_0.noarch.rpm
    MD5: f891e13a6f4458a8bb215270804d56d7SHA-256: 8c08ed3dd2d33847aa9ba841903b82bad4745c55e6893edec166abfd8a7400c6
rpm-build-4.11.1-18.el7_0.x86_64.rpm
    MD5: 9e0db09d3554e810cd5bdc4dddc170d4SHA-256: a1d1052e69a8b2b60347fc1b77c4524f3fb8ab5e9ff56b265fe1da2e26e74f01
rpm-build-libs-4.11.1-18.el7_0.i686.rpm
    MD5: 8d6b49ac9fc038ae68212e75e08f39afSHA-256: 0b994e39031836abc8dc057739cb0cd4e9cf6a836e0582004c046bd3b0f524b9
rpm-build-libs-4.11.1-18.el7_0.x86_64.rpm
    MD5: c9bdbc45ac41f4074ce803da5ca1a6e4SHA-256: bde6e05a60fe734d83d6806e26edc94ac5070db907489edb4cbddb14fa3bf0ff
rpm-cron-4.11.1-18.el7_0.noarch.rpm
    MD5: c0fcc2c4c7c9c26cf7458e30db661335SHA-256: 433a2e96baaa44fe1aeb233f6dcdd998927aac6dbf13025cee8129337006c738
rpm-debuginfo-4.11.1-18.el7_0.i686.rpm
    MD5: 5dfa0f032c2b85fabbbeb0e6351bf60fSHA-256: 4ea45b0fe6eeeb53985260f903e5df18e9ab7c3d9d5ac7025fa7eaf04c42eec5
rpm-debuginfo-4.11.1-18.el7_0.x86_64.rpm
    MD5: 580df1ed0dc8499014f37c73d5a2574eSHA-256: 4382258daaa1cbf290a857c879dc952ba8ab778ab37e0b45b6cd72f9c7f4ca63
rpm-devel-4.11.1-18.el7_0.i686.rpm
    MD5: 094cf336c9275cce26046e2f1228bab9SHA-256: f5b42a453649fda8262a97e53bb4e1df51ccced134ce41e9661fcdf8ae34972c
rpm-devel-4.11.1-18.el7_0.x86_64.rpm
    MD5: 41d75d120939f295d88f4193b62d8b99SHA-256: 76e6ffa1977feed6eb70b75d46c32773d774c93805fbcfc6bbdf7d79d937923e
rpm-libs-4.11.1-18.el7_0.i686.rpm
    MD5: 038aa6078aa1fa398221999f2e5de026SHA-256: d9c3a4bbf369968a734d691f2747ea4e8f229289680a11997ea65013e3b5c643
rpm-libs-4.11.1-18.el7_0.x86_64.rpm
    MD5: 9e42a46e66393236e0f53be5c622835dSHA-256: 71949a9cf5be517d8e3b94c7ba14bdf944b7cbac473b5457cf4ce6ad7df742c7
rpm-python-4.11.1-18.el7_0.x86_64.rpm
    MD5: 4559c3e5182ce2ce24bc45d12d1820e0SHA-256: 984d7b6d2b2724ad452aa8259fce4ffd6b469acb20943933d37e3e8b7c501dc9
rpm-sign-4.11.1-18.el7_0.x86_64.rpm
    MD5: 3fe151607b591c9d351cc9bae3b171b5SHA-256: 7472a905df6cd447122c089f1221c7563a1f962db91d0c98824e8b2f3454b4bf
 
Red Hat Enterprise Linux HPC Node (v. 7)

SRPMS:
rpm-4.11.1-18.el7_0.src.rpm
    MD5: a8e6e36adae43f219c67b9fa6d6ab84aSHA-256: f1f083b6c13db9035257dd23336ef459611176853f5254042a92a176852a1dc3
 
x86_64:
rpm-4.11.1-18.el7_0.x86_64.rpm
    MD5: 7e994a20104aadf547db309324df7befSHA-256: 17cb345a067c64b43698a0b27933458c5756dc70e4b30a97bc56aa7ebb3fee04
rpm-apidocs-4.11.1-18.el7_0.noarch.rpm
    MD5: f891e13a6f4458a8bb215270804d56d7SHA-256: 8c08ed3dd2d33847aa9ba841903b82bad4745c55e6893edec166abfd8a7400c6
rpm-build-4.11.1-18.el7_0.x86_64.rpm
    MD5: 9e0db09d3554e810cd5bdc4dddc170d4SHA-256: a1d1052e69a8b2b60347fc1b77c4524f3fb8ab5e9ff56b265fe1da2e26e74f01
rpm-build-libs-4.11.1-18.el7_0.i686.rpm
    MD5: 8d6b49ac9fc038ae68212e75e08f39afSHA-256: 0b994e39031836abc8dc057739cb0cd4e9cf6a836e0582004c046bd3b0f524b9
rpm-build-libs-4.11.1-18.el7_0.x86_64.rpm
    MD5: c9bdbc45ac41f4074ce803da5ca1a6e4SHA-256: bde6e05a60fe734d83d6806e26edc94ac5070db907489edb4cbddb14fa3bf0ff
rpm-cron-4.11.1-18.el7_0.noarch.rpm
    MD5: c0fcc2c4c7c9c26cf7458e30db661335SHA-256: 433a2e96baaa44fe1aeb233f6dcdd998927aac6dbf13025cee8129337006c738
rpm-debuginfo-4.11.1-18.el7_0.i686.rpm
    MD5: 5dfa0f032c2b85fabbbeb0e6351bf60fSHA-256: 4ea45b0fe6eeeb53985260f903e5df18e9ab7c3d9d5ac7025fa7eaf04c42eec5
rpm-debuginfo-4.11.1-18.el7_0.x86_64.rpm
    MD5: 580df1ed0dc8499014f37c73d5a2574eSHA-256: 4382258daaa1cbf290a857c879dc952ba8ab778ab37e0b45b6cd72f9c7f4ca63
rpm-devel-4.11.1-18.el7_0.i686.rpm
    MD5: 094cf336c9275cce26046e2f1228bab9SHA-256: f5b42a453649fda8262a97e53bb4e1df51ccced134ce41e9661fcdf8ae34972c
rpm-devel-4.11.1-18.el7_0.x86_64.rpm
    MD5: 41d75d120939f295d88f4193b62d8b99SHA-256: 76e6ffa1977feed6eb70b75d46c32773d774c93805fbcfc6bbdf7d79d937923e
rpm-libs-4.11.1-18.el7_0.i686.rpm
    MD5: 038aa6078aa1fa398221999f2e5de026SHA-256: d9c3a4bbf369968a734d691f2747ea4e8f229289680a11997ea65013e3b5c643
rpm-libs-4.11.1-18.el7_0.x86_64.rpm
    MD5: 9e42a46e66393236e0f53be5c622835dSHA-256: 71949a9cf5be517d8e3b94c7ba14bdf944b7cbac473b5457cf4ce6ad7df742c7
rpm-python-4.11.1-18.el7_0.x86_64.rpm
    MD5: 4559c3e5182ce2ce24bc45d12d1820e0SHA-256: 984d7b6d2b2724ad452aa8259fce4ffd6b469acb20943933d37e3e8b7c501dc9
rpm-sign-4.11.1-18.el7_0.x86_64.rpm
    MD5: 3fe151607b591c9d351cc9bae3b171b5SHA-256: 7472a905df6cd447122c089f1221c7563a1f962db91d0c98824e8b2f3454b4bf
 
Red Hat Enterprise Linux Server (v. 7)

SRPMS:
rpm-4.11.1-18.el7_0.src.rpm
    MD5: a8e6e36adae43f219c67b9fa6d6ab84aSHA-256: f1f083b6c13db9035257dd23336ef459611176853f5254042a92a176852a1dc3
 
PPC:
rpm-4.11.1-18.el7_0.ppc64.rpm
    MD5: 460aae339f1c00b1438157ee182d1301SHA-256: 7a47eec5907a52ee5cf06da9dce5034e70b810c8b1decce0ff822c6f82c8713e
rpm-apidocs-4.11.1-18.el7_0.noarch.rpm
    MD5: f891e13a6f4458a8bb215270804d56d7SHA-256: 8c08ed3dd2d33847aa9ba841903b82bad4745c55e6893edec166abfd8a7400c6
rpm-build-4.11.1-18.el7_0.ppc64.rpm
    MD5: 2d0494bfbfc183b324d110a47fa0d63eSHA-256: 0ee3463e13e5b300f12430570893b4cab0dccf909041a28e2495039d2c18373c
rpm-build-libs-4.11.1-18.el7_0.ppc.rpm
    MD5: 4e1528af2b71e3e70749e7dce426349aSHA-256: bbcefdca96aa89a12abed126211d6a7142357f781d5b334a92af8a1ad5818464
rpm-build-libs-4.11.1-18.el7_0.ppc64.rpm
    MD5: d06c714f8a6c4d407b31678523a17f0dSHA-256: 2afdfd6939f2e07ea1914ed1c5d6cca0e052c675d1402543fb2397349fabe86d
rpm-cron-4.11.1-18.el7_0.noarch.rpm
    MD5: c0fcc2c4c7c9c26cf7458e30db661335SHA-256: 433a2e96baaa44fe1aeb233f6dcdd998927aac6dbf13025cee8129337006c738
rpm-debuginfo-4.11.1-18.el7_0.ppc.rpm
    MD5: f250f82e84d186d20885615bd071e07eSHA-256: 87cad6b0435a5da395a9f6f5420dbfcfb6984a347684531df352f014a7a73c70
rpm-debuginfo-4.11.1-18.el7_0.ppc64.rpm
    MD5: b26a37ebbfb3a869b7006954e4dbb6a8SHA-256: ae16b9240a8ba87e3dedf80ac5e7bdbce79e17198659c6992f6ec8c98fd90e22
rpm-devel-4.11.1-18.el7_0.ppc.rpm
    MD5: 3b40d49d60ce9828f415b26f4c385118SHA-256: e95adf52f1f55446365087b135eb366821a25ca464ad28b24abac3afb2f0f2a6
rpm-devel-4.11.1-18.el7_0.ppc64.rpm
    MD5: 2dfae558ff462a7baeb6054a01881615SHA-256: b635bb5da8c63f3509218809961893f35c05c0375aff403153cc098425ca8271
rpm-libs-4.11.1-18.el7_0.ppc.rpm
    MD5: e554edc1fd0e9ff1c789d974d44da29cSHA-256: 6bfb3c146c926458173ca43256b8f3f5322b92dc95e7f9bcecead2452eea058e
rpm-libs-4.11.1-18.el7_0.ppc64.rpm
    MD5: 8be51075400e09d79db7887186748646SHA-256: 101940df1eb4e7e3d0c4c21a08475b6e005294c8949f359c68df715b783a43bc
rpm-python-4.11.1-18.el7_0.ppc64.rpm
    MD5: e1700786eaa793b8ac4f64dbc3001e74SHA-256: 0e30416a1ed8af94978775a3c0380dcbfdae5fa3cdf503976a45a72725e775fe
rpm-sign-4.11.1-18.el7_0.ppc64.rpm
    MD5: 090230a87ae7ee3d9f9e43ba2cd97396SHA-256: 0d01fc7fc7b6da17f5d91292fc03ed875c3865e29ce43569ea42e255bde00029
 
s390x:
rpm-4.11.1-18.el7_0.s390x.rpm
    MD5: a036f7465f0c532a45fe05384241cec9SHA-256: c6c5cf954e1eb1a1b062e336ec184dbb546148c5541c36962cf4e9e090ee06ad
rpm-apidocs-4.11.1-18.el7_0.noarch.rpm
    MD5: f891e13a6f4458a8bb215270804d56d7SHA-256: 8c08ed3dd2d33847aa9ba841903b82bad4745c55e6893edec166abfd8a7400c6
rpm-build-4.11.1-18.el7_0.s390x.rpm
    MD5: 4043f5c199cb36d9822c6ad05d07e4c8SHA-256: 5c7fcb706eb35b0c3a19130eb8d0af0523159c846934c3254277bd6b42d29c3e
rpm-build-libs-4.11.1-18.el7_0.s390.rpm
    MD5: e2d1f34a9eb888241019cc4001a737bbSHA-256: 75f2940f0b33e0474270133fab3bdea7f6b24739f85b6d92b7867ed3c99cc0d0
rpm-build-libs-4.11.1-18.el7_0.s390x.rpm
    MD5: b60a6ea0bb98251830d666c7f68af91cSHA-256: 6e60c36780596e3779275286f97386eee600a6edc7a735914e6a496e0159498f
rpm-cron-4.11.1-18.el7_0.noarch.rpm
    MD5: c0fcc2c4c7c9c26cf7458e30db661335SHA-256: 433a2e96baaa44fe1aeb233f6dcdd998927aac6dbf13025cee8129337006c738
rpm-debuginfo-4.11.1-18.el7_0.s390.rpm
    MD5: b8653703ab1993fdd1c127fb221f940fSHA-256: 1ac982027afb4cbfea5491274719b78a882949c69ac1a9fd24aa48c02fe9a424
rpm-debuginfo-4.11.1-18.el7_0.s390x.rpm
    MD5: 0a0832ed047ec391f818d5e7a4479bfdSHA-256: 9a23e3feea172073bab99611800803cf87e3cac0150e705a40b8229a38943284
rpm-devel-4.11.1-18.el7_0.s390.rpm
    MD5: d18a9ccf58908eeb903795f2b9be667eSHA-256: 9e96f662d1f5205aae728883f235e922e8fb6abaa9b96d9efb1b0b2cd767007c
rpm-devel-4.11.1-18.el7_0.s390x.rpm
    MD5: 39cbb1f38bd8a29e521e3097faf9bb28SHA-256: 13399f2ec3e10626f83448b7a122bee872fa7584837f1c6e5383363b67889b0c
rpm-libs-4.11.1-18.el7_0.s390.rpm
    MD5: 1c4ecc272b019e90fb97fe012bde0bfcSHA-256: 7aa42308f1a4f402995690798fb11cbc0c61e5915406c26136823fd7d733db44
rpm-libs-4.11.1-18.el7_0.s390x.rpm
    MD5: ac020a6730b9baf255e21c64d52d9b06SHA-256: 169fe9f218d49e4ae00fe828b0c9ff93840edf35fc224df9db517deb3ca31b60
rpm-python-4.11.1-18.el7_0.s390x.rpm
    MD5: 54a82206bb69dd2d008e0053f0319406SHA-256: 39dd336cc0f7b412d9ffb7e1fde07304394837089d5e464ac39b9b36bf5db301
rpm-sign-4.11.1-18.el7_0.s390x.rpm
    MD5: 537b6bcf7f4e3cd577a676b493a8de4dSHA-256: a1f536e736b8758953a8d6899c2869fbe017fb9391acb98134afe8a5140a1baa
 
x86_64:
rpm-4.11.1-18.el7_0.x86_64.rpm
    MD5: 7e994a20104aadf547db309324df7befSHA-256: 17cb345a067c64b43698a0b27933458c5756dc70e4b30a97bc56aa7ebb3fee04
rpm-apidocs-4.11.1-18.el7_0.noarch.rpm
    MD5: f891e13a6f4458a8bb215270804d56d7SHA-256: 8c08ed3dd2d33847aa9ba841903b82bad4745c55e6893edec166abfd8a7400c6
rpm-build-4.11.1-18.el7_0.x86_64.rpm
    MD5: 9e0db09d3554e810cd5bdc4dddc170d4SHA-256: a1d1052e69a8b2b60347fc1b77c4524f3fb8ab5e9ff56b265fe1da2e26e74f01
rpm-build-libs-4.11.1-18.el7_0.i686.rpm
    MD5: 8d6b49ac9fc038ae68212e75e08f39afSHA-256: 0b994e39031836abc8dc057739cb0cd4e9cf6a836e0582004c046bd3b0f524b9
rpm-build-libs-4.11.1-18.el7_0.x86_64.rpm
    MD5: c9bdbc45ac41f4074ce803da5ca1a6e4SHA-256: bde6e05a60fe734d83d6806e26edc94ac5070db907489edb4cbddb14fa3bf0ff
rpm-cron-4.11.1-18.el7_0.noarch.rpm
    MD5: c0fcc2c4c7c9c26cf7458e30db661335SHA-256: 433a2e96baaa44fe1aeb233f6dcdd998927aac6dbf13025cee8129337006c738
rpm-debuginfo-4.11.1-18.el7_0.i686.rpm
    MD5: 5dfa0f032c2b85fabbbeb0e6351bf60fSHA-256: 4ea45b0fe6eeeb53985260f903e5df18e9ab7c3d9d5ac7025fa7eaf04c42eec5
rpm-debuginfo-4.11.1-18.el7_0.x86_64.rpm
    MD5: 580df1ed0dc8499014f37c73d5a2574eSHA-256: 4382258daaa1cbf290a857c879dc952ba8ab778ab37e0b45b6cd72f9c7f4ca63
rpm-devel-4.11.1-18.el7_0.i686.rpm
    MD5: 094cf336c9275cce26046e2f1228bab9SHA-256: f5b42a453649fda8262a97e53bb4e1df51ccced134ce41e9661fcdf8ae34972c
rpm-devel-4.11.1-18.el7_0.x86_64.rpm
    MD5: 41d75d120939f295d88f4193b62d8b99SHA-256: 76e6ffa1977feed6eb70b75d46c32773d774c93805fbcfc6bbdf7d79d937923e
rpm-libs-4.11.1-18.el7_0.i686.rpm
    MD5: 038aa6078aa1fa398221999f2e5de026SHA-256: d9c3a4bbf369968a734d691f2747ea4e8f229289680a11997ea65013e3b5c643
rpm-libs-4.11.1-18.el7_0.x86_64.rpm
    MD5: 9e42a46e66393236e0f53be5c622835dSHA-256: 71949a9cf5be517d8e3b94c7ba14bdf944b7cbac473b5457cf4ce6ad7df742c7
rpm-python-4.11.1-18.el7_0.x86_64.rpm
    MD5: 4559c3e5182ce2ce24bc45d12d1820e0SHA-256: 984d7b6d2b2724ad452aa8259fce4ffd6b469acb20943933d37e3e8b7c501dc9
rpm-sign-4.11.1-18.el7_0.x86_64.rpm
    MD5: 3fe151607b591c9d351cc9bae3b171b5SHA-256: 7472a905df6cd447122c089f1221c7563a1f962db91d0c98824e8b2f3454b4bf
 
Red Hat Enterprise Linux Workstation (v. 7)

SRPMS:
rpm-4.11.1-18.el7_0.src.rpm
    MD5: a8e6e36adae43f219c67b9fa6d6ab84aSHA-256: f1f083b6c13db9035257dd23336ef459611176853f5254042a92a176852a1dc3
 
x86_64:
rpm-4.11.1-18.el7_0.x86_64.rpm
    MD5: 7e994a20104aadf547db309324df7befSHA-256: 17cb345a067c64b43698a0b27933458c5756dc70e4b30a97bc56aa7ebb3fee04
rpm-apidocs-4.11.1-18.el7_0.noarch.rpm
    MD5: f891e13a6f4458a8bb215270804d56d7SHA-256: 8c08ed3dd2d33847aa9ba841903b82bad4745c55e6893edec166abfd8a7400c6
rpm-build-4.11.1-18.el7_0.x86_64.rpm
    MD5: 9e0db09d3554e810cd5bdc4dddc170d4SHA-256: a1d1052e69a8b2b60347fc1b77c4524f3fb8ab5e9ff56b265fe1da2e26e74f01
rpm-build-libs-4.11.1-18.el7_0.i686.rpm
    MD5: 8d6b49ac9fc038ae68212e75e08f39afSHA-256: 0b994e39031836abc8dc057739cb0cd4e9cf6a836e0582004c046bd3b0f524b9
rpm-build-libs-4.11.1-18.el7_0.x86_64.rpm
    MD5: c9bdbc45ac41f4074ce803da5ca1a6e4SHA-256: bde6e05a60fe734d83d6806e26edc94ac5070db907489edb4cbddb14fa3bf0ff
rpm-cron-4.11.1-18.el7_0.noarch.rpm
    MD5: c0fcc2c4c7c9c26cf7458e30db661335SHA-256: 433a2e96baaa44fe1aeb233f6dcdd998927aac6dbf13025cee8129337006c738
rpm-debuginfo-4.11.1-18.el7_0.i686.rpm
    MD5: 5dfa0f032c2b85fabbbeb0e6351bf60fSHA-256: 4ea45b0fe6eeeb53985260f903e5df18e9ab7c3d9d5ac7025fa7eaf04c42eec5
rpm-debuginfo-4.11.1-18.el7_0.x86_64.rpm
    MD5: 580df1ed0dc8499014f37c73d5a2574eSHA-256: 4382258daaa1cbf290a857c879dc952ba8ab778ab37e0b45b6cd72f9c7f4ca63
rpm-devel-4.11.1-18.el7_0.i686.rpm
    MD5: 094cf336c9275cce26046e2f1228bab9SHA-256: f5b42a453649fda8262a97e53bb4e1df51ccced134ce41e9661fcdf8ae34972c
rpm-devel-4.11.1-18.el7_0.x86_64.rpm
    MD5: 41d75d120939f295d88f4193b62d8b99SHA-256: 76e6ffa1977feed6eb70b75d46c32773d774c93805fbcfc6bbdf7d79d937923e
rpm-libs-4.11.1-18.el7_0.i686.rpm
    MD5: 038aa6078aa1fa398221999f2e5de026SHA-256: d9c3a4bbf369968a734d691f2747ea4e8f229289680a11997ea65013e3b5c643
rpm-libs-4.11.1-18.el7_0.x86_64.rpm
    MD5: 9e42a46e66393236e0f53be5c622835dSHA-256: 71949a9cf5be517d8e3b94c7ba14bdf944b7cbac473b5457cf4ce6ad7df742c7
rpm-python-4.11.1-18.el7_0.x86_64.rpm
    MD5: 4559c3e5182ce2ce24bc45d12d1820e0SHA-256: 984d7b6d2b2724ad452aa8259fce4ffd6b469acb20943933d37e3e8b7c501dc9
rpm-sign-4.11.1-18.el7_0.x86_64.rpm
    MD5: 3fe151607b591c9d351cc9bae3b171b5SHA-256: 7472a905df6cd447122c089f1221c7563a1f962db91d0c98824e8b2f3454b4bf
 
(The unlinked packages above are only available from the Red Hat Network)
These packages are GPG signed by Red Hat for security. Our key and
details on how to verify the signature are available from:

Leave a Reply