Release | Version |
---|---|
stretch | 4.12.0.2+dfsg1-2 |
buster | 4.14.2.1+dfsg1-1 |
bullseye | 4.16.1.2+dfsg1-0.4 |
sid | 4.16.1.2+dfsg1-0.6 |

Bug | stretch | buster | bullseye | sid | Description |
---|---|---|---|---|---|
CVE-2021-20271 | vulnerable (no DSA) | vulnerable (no DSA) | vulnerable (no DSA) | vulnerable | A flaw was found in RPM's signature check functionality when reading a ... |
CVE-2021-20266 | vulnerable (no DSA) | vulnerable (no DSA) | vulnerable (no DSA) | vulnerable | |
CVE-2021-20249 | vulnerable (no DSA) | vulnerable (no DSA) | vulnerable (no DSA) | vulnerable | |
CVE-2021-20248 | vulnerable (no DSA) | vulnerable (no DSA) | vulnerable (no DSA) | vulnerable | |
CVE-2021-3421 | vulnerable (no DSA) | vulnerable (no DSA) | vulnerable (no DSA) | vulnerable | |

Bug | stretch | buster | bullseye | sid | Description |
---|---|---|---|---|---|
CVE-2017-7501 | vulnerable | vulnerable | vulnerable | vulnerable | It was found that versions of rpm before 4.13.0.2 use temporary files ... |
CVE-2017-7500 | vulnerable | vulnerable | vulnerable | vulnerable | It was found that rpm did not properly handle RPM installations when a ... |
CVE-2010-2199 | vulnerable | vulnerable | vulnerable | vulnerable | lib/fsm.c in RPM 4.8.0 and earlier does not properly reset the metadat ... |
CVE-2010-2198 | vulnerable | vulnerable | vulnerable | vulnerable | lib/fsm.c in RPM 4.8.0 and earlier does not properly reset the metadat ... |

Bug | Description |
---|---|
CVE-2014-8118 | Integer overflow in RPM 4.12 and earlier allows remote attackers to ex ... |
CVE-2013-6435 | Race condition in RPM 4.11.1 and earlier allows remote attackers to ex ... |
CVE-2012-6088 | The rpmpkgRead function in lib/package.c in RPM 4.10.x before 4.10.2 d ... |
CVE-2012-0815 | The headerVerifyInfo function in lib/header.c in RPM before 4.9.1.3 al ... |
CVE-2012-0061 | The headerLoad function in lib/header.c in RPM before 4.9.1.3 does not ... |
CVE-2012-0060 | RPM before 4.9.1.3 does not properly validate region tags, which allow ... |
CVE-2011-3378 | RPM 4.4.x through 4.9.x, probably before 4.9.1.2, allows remote attack ... |
CVE-2010-2197 | rpmbuild in RPM 4.8.0 and earlier does not properly parse the syntax o ... |
CVE-2010-2059 | lib/fsm.c in RPM 4.8.0 and unspecified 4.7.x and 4.6.x versions, and R ... |
CVE-2006-5466 | Heap-based buffer overflow in the showQueryPackage function in librpm ... |
CVE-2005-4889 | lib/fsm.c in RPM before 4.4.3 does not properly reset the metadata of ... |
CVE-2005-2096 | zlib 1.2 and later versions allows remote attackers to cause a denial ... |

DSA / DLA | Description |
---|---|
DLA-140-1 | rpm - security update |
DSA-3129-1 | rpm - security update |