rpm (SL7)

Synopsis: Moderate: rpm security update
Advisory ID: SLSA-2021:4785-1
Issue Date: 2021-11-24
CVE Numbers: CVE-2021-20271

Security Fix(es):

* rpm: Signature checks bypass via corrupted rpm package (CVE-2021-20271)

For more details about the security issue(s), including the impact, a CVSS
score, acknowledgments, and other related information, refer to the CVE

SL7
x86_64
rpm-4.11.3-48.el7_9.x86_64.rpm
rpm-build-4.11.3-48.el7_9.x86_64.rpm
rpm-build-libs-4.11.3-48.el7_9.i686.rpm
rpm-build-libs-4.11.3-48.el7_9.x86_64.rpm
rpm-debuginfo-4.11.3-48.el7_9.i686.rpm
rpm-debuginfo-4.11.3-48.el7_9.x86_64.rpm
rpm-libs-4.11.3-48.el7_9.i686.rpm
rpm-libs-4.11.3-48.el7_9.x86_64.rpm
rpm-python-4.11.3-48.el7_9.x86_64.rpm
rpm-devel-4.11.3-48.el7_9.i686.rpm
rpm-devel-4.11.3-48.el7_9.x86_64.rpm
rpm-plugin-systemd-inhibit-4.11.3-48.el7_9.x86_64.rpm
rpm-sign-4.11.3-48.el7_9.x86_64.rpm
noarch
rpm-apidocs-4.11.3-48.el7_9.noarch.rpm
rpm-cron-4.11.3-48.el7_9.noarch.rpm

– Scientific Linux Development Team