Security fixes
* Fix several out of bounds reads in the OpenPGP parser
* Fix handling of OpenPGP reserved tag (should be rejected)
* Fix various crashes from malformed packages with invalid tags
General bugfixes
* Fix %transfiletriggerpostun nondeterministic behavior
* Fix rpmdb cleanup on signal (regression introduced in 4.13.0)
Package building
* Fix debuginfo GDB index generation (regression introduced in 4.13.0)
* Fix malformed packages being generated around 4GB size boundary (regression introduced in 4.12.0)
* Fix special %doc/%license directory inheriting default file permissions (regression introduced in 4.13.0)
Build process
* Fix API documentation generation with Doxygen >= 1.8.8
Changelog:
Summary of changes from RPM 4.12.0
Package building
Fix RPMTAG_ARCHIVESIZE / RPMTAG_LONGARCHIVESIZE generation (RhBug:1142949)
Reduce double separator in dependency EVR error into a warning (RhBug:1065563)
Build process
Add testcase for RhBug:1142949
Summary of changes from RPM 4.11.2
General bugfixes and enhancements
New --nopretrans and --noposttrans disabler switches (previously tied to --nopre/--nopost)
New --noplugins switch to disable all plugins
New --reinstall mode which can handle changing file policies (RhBug:966715)
New --exportdb and --importdb switches in rpmdb(8)
New --recommends, --suggests, --supplements and --enhances query aliases for querying weak dependencies
New optional payload format to support large (> 4GB) files within packages (ticket #41)
New rpm2archive utility for converting rpm payload to tar archives
Fix curl globbing being enabled on remote retrieval (RhBug:1076277)
Fix $1 argument to %pretrans, %posttrans and %verifyscript to behave like all other scripts
Fix mixed binary + source rpm installation progress (RhBug:984724)
Fix file actions sometimes carrying state across multiple rpmtsRun() calls (RhBug:1076552)
Fix duplicate usernames causing false positives on verification (ticket #872)
Fix ordering to prefer self-provides on ordering when appropriate (RhBug:1111349)
Fix a double-free on unpadded signature header
Add support for "new" architectures:
m68k (again)
Sparc Niagara (detection)
ARM v6 and v7 (hardware FPU detection)
Documentation, translation updates
Package building
New warnings on invalid / dubious spec constructs:
Detect multiple %files sections per package
Detect empty %files -f manifest files
Detect multiple %changelog sections per spec
Detect duplicate Group, Summary, Description, Distribution, Vendor, License and Packager tags per package (ticket #27)
Add support for specifying weak dependencies (Recommends, Suggests, Supplements and Enhances) tags in spec
Add support for automatic generation of weak dependencies (RhBug:1117912)
New %{load:<path>} macro to load custom macro files (from eg spec)
New %_smp_ncpus_max macro to configure CPU limit for parallel builds (related to RhBug:669638)
New %make_build macro for hiding parallel-build magic from specs (ticket #115)
New %_rundir macro for referring to /run (formerly /var/run) directory
New %__gpg_reserved_space macro allows preallocating space for signatures which allows very fast package signing
Add support for detecting and warning on macro scoping violations (RhBug:552944) when %trace is active
Add support for %autosetup -S git_am variant (RhBug:???)
Fix parametrized macros eating newlines (RhBug:1045723)
Fix around macro scoping problems in %autosetup (RhBug:???)
Fix ELF soname dependencies getting generated for non-library DSO's too (RhBug:???)
Fix garbage sonames sometimes getting added as dependencies (ticket #158)
Fix various issues in dependency generator
Fix libtool dependency generation with libtool >= 2.4.2 version
Fix external dependency generator to use the same generators as internal one by default
Fix crash on missing name-argument to %package (RhBug:1123722)
Fix non-canonical path usage for matching in debugedit (RhBug:1077148)
Fix PPC ABI change in default configuration (RhBug:1085127)
Removed features
Remove support for %_noPayloadPrefix (rpm < 3.0.5 compatibility)
Remove experimental support for "collections", added in 4.9.0
API changes
New rpmtxnBegin() and rpmtxnEnd() to permit clients to control transaction locking
New rpmtsImportHeader() to permit importing "detached" headers into rpmdb
New rpmtsAddReinstallElement() function for reinstalling packages
New rpmdbIndexIteratorNextTd() provides a nicer iterator interface to rpmdb indexes
New file info set iterator functions: rpmfiFLinks(), rpmfiFindFN(), rpmfiStat()...
New file info set iterator functions for accessing original paths from relocated packages: rpmfiOFN(), rpmfiOBN(), rpmfiODN(), rpmfiFindOFN()
New archive API on top of file info iterators: (FIXME: describe...)
New "rpmfiles" object + related API for random access to file info sets
Many new file info set iteration modes (FIXME: describe...)
New rpmteFiles() to return transaction element file info set, to be used instead of rpmteFI()
New rpmdsTagF(), rpmdsTagEVR(), rpmdsD(), rpmdsPutToHeader(), rpmdsTi(), rpmdsTagTi() and rpmdsSinglePoolTix() methods to rpmds objects
Internal improvements and cleanups
Lots of cleanups all over the codebase
Former "file state manager" eliminated and rewritten
"Package state manager" largely eliminated
File IO subsystem sanity & improvements
Berkeley DB dependencies isolated to backend code
File info sets are finally properly opaque
Handle trigger indexes within rpmds objects
Partial thread-safety by added locks/mutexes (FIXME: describe...)
Configuration and macros
Logging
Keyrings and keys
...
Fix symlink timestamp on install on systems which support it
Fix problematic license on internal mergesort() implementation (removed)
Fix rpm dependency on libselinux (moved to a plugin)
Fix installation to always use header, not payload metadata
Fix global macro state side-effects from rpmInstallSourcePackage()
Fix oversized stack allocation on verify (RhBug:1106594)
Fix buffer overflows on malformed macro define/undefine (RhBug:1087000)
Optimize package generation and signing considerably
Optimize file requires processing
Optimize installed dependency processing
Plugins
A new plugin system, internal-only for now (FIXME: describe...)
Plugins included in this release:
systemd_inhibit plugin - preventing shutdown while transaction is in progress (RhBug:1109927)
selinux plugin - basic SELinux support, previously in librpm directly
syslog - example plugin for logging rpm activity to syslog
Python bindings
Database index iteration returns proper types for non-strings
New rpm.fi methods: FLinks(), FindFN(), OFN()...
New fi.FLinks() method added
New rpm.files object + related API for random access to file info sets
New rpm.archive object + related API for manipulating package payloads
New te.Files() method added
New addReinstall() method in transaction set objects (related to RhBug:966715, RhBug:1071854...)
New rpm.strpool object for utilizing shared string pool with eg rpm.fi and rpm.ds objects
New rpm.header_magic constant exported
Fix several Python 3 compatibility issues (RhBug:1064758
Fix build- and sign-module initialization (RhBug:1064758)
Fix sign-module missing module methods
Fix incompatible module name usage (foomodule.so vs foo.so)
Fix misc Python 2 vs 3 API difference issues
... FIXME:this list is very incomplete
Lua interface
New rpm.load() function for loading macro files
Build process
New test-cases for various issues
Fix dist tarballs to use PAX format to overcome UID/GID limitations
Fix in-tree python binding build with setup.py (related to RhBug:531543)
Fix librpmsign library to follow same versioning as other rpm libraries for consistency's sake
Summary of changes from RPM 4.11.1
General bugfixes and enhancements
Fix removed symlinks affecting fingerprinting (RhBug:???)
Fix bogus dependency check errors from installed packages with self-obsoletes and -conflicts
Fix bogus header growth on export in some circumstances, such as install (RhBug:953719)
Fix byteorder for 64bit tags on big-endian systems (RhBug:1012946)
Fix signature generation using RPMSIGTAG_LONGSIZE when not needed (RhBug:1012595)
Fix segfault executing a -p <lua> scriptlet without a body (RhBug:1004062)
Fix failure to install relocated package with unowned directories (RhBug:1001553)
Fix scriptlets in relocatable packages not always executing with $RPM_INSTALL_PREFIX* defined (RhBug:979443)
Fix RPMTAG_NOSOURCE and RPMTAG_NOPATCH tags defined as non-arrays (RhBug:991329)
Fix a possible loophole in file triplet sanity-checking
Fix name service initialization where passwd and group service differs from host (ticket #157)
Add support for ppc64le architecture
Package building
Fix double-free on %caps() wildcard %files entry (RhBug:956190)
Fix sub-package names not getting sanity-checked (RhBug:1039520)
Fix invalid separators in EVR passing sanity checking
Fix some invalid characters in dependency range operators passing sanity checking
Fix autogenerated dependencies bypassing sanity-checking (related to RhBug:503846)
Fix python libdirs in non-root prefix not getting bytecompiled (RhBug:868332)
Fix (remove) bogus __find_requires|provides macro definitions in macros.perl (RhBug:1043149)
Fix (really) debugedit choking on .debug_gdb_scripts section (SuseBug:818502)
Fix %autosetup git patch application to handle file additions (RhBug:1059285)
Add automatic generation for appdata() and application() provides
Add support for (quoted) whitespace in automatically generated dependencies (RhBug:503846)
Python bindings
Fix mode and flags not honored when reopening a file descriptor as rpm.fd
Fix RPMFILE_ICON and RPMFILE_SPECFILE constants missing
Fix rpm.dsSingle() swapped arguments (regession introduced in rpm 4.8.0)
Fix Python 3 compatibility issues in rpm.TransactionSet class
Fix module import succeeding on rpm initialization failure
Add .open() class-method to rpm.fd
Add open-mode and -flags to rpm.fd as properties
Add support for reopening an rpm.fd file descriptor
Add accessor for spec %check section
Add bindings for rpm stringpool
Add support for shared stringpool with rpm.fi and rpm.ds objects (optional pool argument to constructor)
Internal improvements and cleanups
Fix minor memory leak in %files parsing
Fix rpmstrPoolRehash() missing last id
Fix string pool artifacts (unreliable rpmstrPoolNumStr(), empty strings showing up on rehash etc) caused by dummy entries
Fix unnecessary /proc dependency if getauxval(3) is available
Fix various minor issues in beecrypt crypto backend
Fix possible mishandling of handing environment open on EACCESS and EROFS returns
Optimize / cleanup %attr() and %defattr() string storage
Optimize dependency set management in file classifier
Optimize MPI length validation
Optimize beecrypt crypto backend
Build process
Add upport 7za and 7z as alternatives to 7-zip
Fix an include portability issue
Add several new test-cases
Do it for all packages that
* mention perl, or
* have a directory name starting with p5-*, or
* depend on a package starting with p5-
like last time, for 5.18, where this didn't lead to complaints.
Let me know if you have any this time.
* Add -fno-stack-protector to CFLAGS to fix link error for SunOS.
* Patch configure.ac and regenerate the related stuff.
* Buildlink sysutils/file for libmagic.
* Detect dirfd, setprogname and htonll in configure script.
* Create PLIST for NetBSD and SunOS.
library dependencies, e.g. libiconv.so. Set BROKEN_GETTEXT_DETECTION=yes
to force LIBS to include -lintl and the right depenendent libraries
to work around this bug. This is acceptable since every executable
in misc/rpm is linked to -lintl anyway. This fixes PR pkg/33708.
INSTALL/DEINSTALL script creation within pkgsrc.
If an INSTALL or DEINSTALL script is found in the package directory,
it is automatically used as a template for the pkginstall-generated
scripts. If instead, they should be used simply as the full scripts,
then the package Makefile should set INSTALL_SRC or DEINSTALL_SRC
explicitly, e.g.:
INSTALL_SRC= ${PKGDIR}/INSTALL
DEINSTALL_SRC= # emtpy
As part of the restructuring of the pkginstall framework internals,
we now *always* generate temporary INSTALL or DEINSTALL scripts. By
comparing these temporary scripts with minimal INSTALL/DEINSTALL
scripts formed from only the base templates, we determine whether or
not the INSTALL/DEINSTALL scripts are actually needed by the package
(see the generate-install-scripts target in bsd.pkginstall.mk).
In addition, more variables in the framework have been made private.
The *_EXTRA_TMPL variables have been renamed to *_TEMPLATE, which are
more sensible names given the very few exported variables in this
framework. The only public variables relating to the templates are:
INSTALL_SRC INSTALL_TEMPLATE
DEINSTALL_SRC DEINSTALL_TEMPLATE
HEADER_TEMPLATE
The packages in pkgsrc have been modified to reflect the changes in
the pkginstall framework.
* Add a db1.builtin.mk file that detects whether DB-1.85 functionality
exists in the base system, and remove the distinction between
"native" and the other Berkeley DB packages -- we now refer to
db[1234]. This paves the way for any future databases/db1 package.
* USE_DB185 shouldn't need to be set by any packages -- its correct
value is now automatically determined by bdb.buildlink3.mk depending
on whether we explicitly request db1 or not. By default, if you
include bdb.buildlink3.mk, you want DB-1.85 functionality and
USE_DB185 defaults to "yes", but if you explicitly remove db1 from
the list of acceptable DBs, then USE_DB185 defaults to "no".
* Set BDB_LIBS to the library options needed to link against the DB
library when bdb.buildlink3.mk is included.
* We only add the DB library to the linker command automatically if
we want DB-1.85 functionality; otherwise assume that the package
configure process can figure out how to probe for the correct
headers and libraries.
Edit package Makefiles to nuke redundant settings of USE_DB185.
in the process. (More information on tech-pkg.)
Bump PKGREVISION and BUILDLINK_DEPENDS of all packages using libtool and
installing .la files.
Bump PKGREVISION (only) of all packages depending directly on the above
via a buildlink3 include.
alloca is available without explicitly pulling it in. use the devel/popt
pkg instead and fix PKGLOCALEDIR handling while I'm here.
fixes install on Solaris.
USE_PKGINSTALL is "YES". bsd.pkg.install.mk will no longer automatically
pick up a INSTALL/DEINSTALL script in the package directory and assume that
you want it for the corresponding *_EXTRA_TMPL variable.