Fedora 21 Security Update: rpm-4.12.0.1-4.fc21

Resolved Bugs
1172125 – CVE-2014-8118 CVE-2013-6435 rpm: various flaws [fedora-all]
1039811 – CVE-2013-6435 rpm: race condition during the installation process
1168715 – CVE-2014-8118 rpm: integer overflow and stack overflow in CPIO header parsing<br
– Add check against malicious CPIO file name size
– Fix race condidition where unchecked data is exposed in the file system

Leave a Reply