- RPM treated systems which were using Geode processors as compatible with the i686 architecture. Consequently, installation of i686 packages failed on this systems. This compatibility issue has been resolved by setting the architecture to i686, and installation of the i686 architecture packages works as expected.
- Previously, the Japanese version of the rpm(8) manual page contained multiple typos. This update corrects those typos.
- The Python bindings provided by the rpm-python package incorrectly added a new line character at the end of the group tag when retrieving it from a Python program. This bug has been fixed and the tag is now returned unaltered.
- Due to the lack of DWARF 3 and 4 format support, the rpmbuild utility was not able to produce usable debug packages with newer compilers. This update adds the required support for the debugedit utility to RPM, and DWARF 3 and 4 formats are now supported as expected.
- The "freshen" (rpm -F/--freshen) operation did not consider the architecture the packages were built for when selecting update candidates, which caused either misleading error messages or packages being updated to a different architecture inappropriately on multilib systems. RPM now requires an exact architecture match between packages on multilib systems to perform the freshen operation.
- Descriptions of the "--define" and "--eval" parameters were missing in the rpm(8) manual page. This update adds these missing descriptions.
- CVE-2012-0060, CVE-2012-0061, CVE-2012-0815
- Multiple flaws were found in the way RPM parsed package file headers. An attacker could create a specially-crafted RPM package that, when its package header was accessed, or during package signature verification, could cause an application using the RPM library (such as the rpm command line tool, or the yum and up2date package managers) to crash or, potentially, execute arbitrary code.