https://fedoraproject.org/wiki/Changes/RPM-4.18 == Summary == Update RPM to the [https://rpm.org/wiki/Releases/4.18.0 4.18] release. == Owner == * Name: [[User:pmatilai|Panu Matilainen]] * Email: pmatilai@xxxxxxxxxx == Detailed Description == RPM 4.18 contains various improvements over previous versions, but in particular this release addresses a whole class of symlink handling related security issues, some with CVE's, from 2021. Other notable improvements include * A more intuitive conditional builds macro `%bcond` * A more robust and secure `--restore` functionality * Long-standing `%patch` quirks fixed * Weak dependencies accept qualifiers like `meta` and `pre` now * New interactive shell for working with macros (`rpmspec --shell`) and embedded Lua (`rpmlua`) * New `%conf` spec section for build configuration * New `rpmuncompress` cli tool simplifies unpacking multiple sources * Numerous macro improvements and fixes * Numerous OpenPGP parser correctness and security fixes == Benefit to Fedora == The main benefits of this release are increased security and packaging experience improvements, see above for details. == Scope == * Proposal owners: ** Rebase RPM ** Assist with dealing with incompatibilities * Other developers: ** Test new release, report issues and bugs * Release engineering: [https://pagure.io/releng/issue/10742 #10742] * Policies and guidelines: N/A (not needed for this Change). Utilizing new rpm features is subject to packaging guidelines but othe * Trademark approval: N/A (not needed for this Change) * Alignment with Objectives: N/A (no relation to current objectives) == Upgrade/compatibility impact == There are no noteworthy compatibility issues with this release. == How To Test == Rpm receives a thorough and constant testing via every single package build, system installs and updates. New features can be tested specifically as per their documentation. == User Experience == There are no major differences in the normal user experience. == Dependencies == * No new dependencies are introduced in this release * Other changes are known to be affected * Library soname will not change so no rebuilds are required == Contingency Plan == * Contingency mechanism: Revert back to RPM 4.17 * Contingency deadline: Beta freeze * Blocks release? No == Documentation == Work-in-progress release notes at https://rpm.org/wiki/Releases/4.18.0 and reference manual at https://github.com/rpm-software-management/rpm/blob/master/doc/manual/index.md == Release Notes == https://rpm.org/wiki/Releases/4.18.0 -- Ben Cotton He / Him / His Fedora Program Manager Red Hat TZ=America/Indiana/Indianapolis _______________________________________________ devel mailing list -- devel@xxxxxxxxxxxxxxxxxxxxxxx To unsubscribe send an email to devel-leave@xxxxxxxxxxxxxxxxxxxxxxx Fedora Code of Conduct: https://docs.fedoraproject.org/en-US/project/code-of-conduct/ List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines List Archives: https://lists.fedoraproject.org/archives/list/devel@xxxxxxxxxxxxxxxxxxxxxxx Do not reply to spam on the list, report it: https://pagure.io/fedora-infrastructure
