SUSE-SU-2021:3444-1

Details

This update for rpm fixes the following issues:

Security issues fixed:

CVE-2021-3421, CVE-2021-20271, CVE-2021-20266: Multiple header check improvements (bsc#1183543, bsc#1183545, bsc#1183632)
PGP hardening changes (bsc#1185299)
Fixed potential access of freed mem in ndb's glue code (bsc#1179416)

Maintaince issues fixed:

Fixed zstd detection (bsc#1187670)
Added ndb rofs support (bsc#1188548)
Fixed deadlock when multiple rpm processes try tp acquire the database lock (bsc#1183659)

Affected Packages

python-rpm

SUSE Linux Enterprise Micro 5.0SUSE Linux Enterprise Module for Basesystem 15 SP2SUSE Linux Enterprise Module for Python 2 15 SP2

Fixed in:

4.14.1-22.4.1

python3-rpm

SUSE Linux Enterprise Micro 5.0SUSE Linux Enterprise Module for Basesystem 15 SP2

Fixed in:

4.14.1-22.4.1

rpm

SUSE Linux Enterprise Micro 5.0SUSE Linux Enterprise Module for Basesystem 15 SP2SUSE Linux Enterprise Module for Development Tools 15 SP2SUSE Manager Proxy Module 4.1SUSE Manager Server Module 4.1

Fixed in:

4.14.1-22.4.2

rpm-32bit

SUSE Linux Enterprise Module for Basesystem 15 SP2

Fixed in:

4.14.1-22.4.2

rpm-devel

SUSE Linux Enterprise Module for Basesystem 15 SP2

Fixed in:

4.14.1-22.4.2

rpm-build

SUSE Linux Enterprise Module for Development Tools 15 SP2SUSE Manager Proxy Module 4.1SUSE Manager Server Module 4.1