There was a problem with rpm tests after applying those patches. We will examine this problem and we will probably include these patches in beta release.
Lubos ----- Original Message ----- > From: "Thierry Vignaud" <thierry.vign...@gmail.com> > To: "Florian Festi" <ffe...@redhat.com> > Cc: rpm-maint@lists.rpm.org > Sent: Monday, August 3, 2015 12:19:29 PM > Subject: Re: [Rpm-maint] RPM 4.13.0-alpha released > > On 30 July 2015 at 12:18, Thierry Vignaud <thierry.vign...@gmail.com> wrote: > > rpm-4.13 is stricter about multiple (classic package) triggers: > > "error: line 320: Trigger fired by the same package is already defined > > in spec file: %triggerpostun -- initscripts < 8.88-5" > > > > This is caused by this which worked fine until now: > > > > %triggerpostun -- initscripts <= 4.72 > > (...) > > > > %triggerpostun -- initscripts <= 8.38-2 > > (...) > > > > Here I can safely kill very old triggers. > > But there's obviously real cases where we might want to have two > > similar triggers, only differing by the version that trigger it. > > (eg: fixing a 1st issue when upgrading to distro N to N+2, and fixing > > another one when upgrading from distro N+1 to N+2) > > > > This is due to this commit: > > http://rpm.org/gitweb?p=rpm.git;a=commitdiff;h=3ae1c414f69a0eddbfecd4341dd27c7a5e90e12a > > > > This is breaking existing packages > > Why imposing this limit? > > Why would it be OK for file triggers but not for package triggers? > > Do we really want to enforce at rpm level the fact that some distro > > only support upgrading from version N to version N+1? > > > > I suggest we revert that commit (& adjust > > http://rpm.org/wiki/Releases/4.13.0) > > WDYT? > > Also, is there any reason why the following security patches are not > yet integrated? > > http://pkgs.fedoraproject.org/cgit/rpm.git/tree/rpm.spec?id=977533abf2b72d3828a1bcd7b596f418f8cbd27b#n67 > > # Fix race condidition where unchecked data is exposed in the file system > Patch308: rpm-4.12.0.x-CVE-2013-6435.patch > # Add check against malicious CPIO file name size > Patch309: rpm-4.12.0.x-CVE-2014-8118.patch > > See you > _______________________________________________ > Rpm-maint mailing list > Rpm-maint@lists.rpm.org > http://lists.rpm.org/mailman/listinfo/rpm-maint > _______________________________________________ Rpm-maint mailing list Rpm-maint@lists.rpm.org http://lists.rpm.org/mailman/listinfo/rpm-maint