From Fedora Project Wiki
(Change approved by FESCo)
m (Link to rendered manual)
 
(One intermediate revision by one other user not shown)
Line 24: Line 24:
* [https://lists.fedoraproject.org/archives/list/devel@lists.fedoraproject.org/thread/VRF6MT6BIXCEODH73KPD3PXIPHCDLALO/ devel thread]
* [https://lists.fedoraproject.org/archives/list/devel@lists.fedoraproject.org/thread/VRF6MT6BIXCEODH73KPD3PXIPHCDLALO/ devel thread]
* FESCo issue: [https://pagure.io/fesco/issue/2781 #2781]
* FESCo issue: [https://pagure.io/fesco/issue/2781 #2781]
* Tracker bug: <will be assigned by the Wrangler>
* Tracker bug: [https://bugzilla.redhat.com/show_bug.cgi?id=2079029 #2079029]
* Release notes tracker: <will be assigned by the Wrangler>
* Release notes tracker: [https://pagure.io/fedora-docs/release-notes/issue/823 #823]


== Detailed Description ==
== Detailed Description ==
Line 79: Line 79:


== Documentation ==
== Documentation ==
Work-in-progress release notes at https://rpm.org/wiki/Releases/4.18.0 and reference manual at https://github.com/rpm-software-management/rpm/blob/master/doc/manual/index.md
Work-in-progress release notes at https://rpm.org/wiki/Releases/4.18.0 and reference manual at  
https://rpm-software-management.github.io/rpm/manual/


== Release Notes ==
== Release Notes ==
https://rpm.org/wiki/Releases/4.18.0
https://rpm.org/wiki/Releases/4.18.0

Latest revision as of 06:26, 29 June 2022

RPM 4.18

Summary

Update RPM to the 4.18 release.

Owner

Current status

Detailed Description

RPM 4.18 contains various improvements over previous versions, but in particular this release addresses a whole class of symlink handling related security issues, some with CVE's, from 2021. Other notable improvements include

  • A more intuitive conditional builds macro %bcond
  • A more robust and secure --restore functionality
  • Long-standing %patch quirks fixed
  • Weak dependencies accept qualifiers like meta and pre now
  • New interactive shell for working with macros (rpmspec --shell) and embedded Lua (rpmlua)
  • New %conf spec section for build configuration
  • New rpmuncompress cli tool simplifies unpacking multiple sources
  • Numerous macro improvements and fixes
  • Numerous OpenPGP parser correctness and security fixes


Benefit to Fedora

The main benefits of this release are increased security and packaging experience improvements, see above for details.

Scope

  • Proposal owners:
    • Rebase RPM
    • Assist with dealing with incompatibilities
  • Other developers:
    • Test new release, report issues and bugs
  • Policies and guidelines: N/A (not needed for this Change). Utilizing new rpm features is subject to packaging guidelines but othe
  • Trademark approval: N/A (not needed for this Change)
  • Alignment with Objectives: N/A (no relation to current objectives)

Upgrade/compatibility impact

There are no noteworthy compatibility issues with this release.

How To Test

Rpm receives a thorough and constant testing via every single package build, system installs and updates. New features can be tested specifically as per their documentation.

User Experience

There are no major differences in the normal user experience.

Dependencies

  • No new dependencies are introduced in this release
  • Other changes are known to be affected
  • Library soname will not change so no rebuilds are required

Contingency Plan

  • Contingency mechanism: Revert back to RPM 4.17
  • Contingency deadline: Beta freeze
  • Blocks release? No

Documentation

Work-in-progress release notes at https://rpm.org/wiki/Releases/4.18.0 and reference manual at https://rpm-software-management.github.io/rpm/manual/

Release Notes

https://rpm.org/wiki/Releases/4.18.0