FreeBSD VuXML: Documenting security issues in FreeBSD and the FreeBSD Ports Collection

rpm4 -- Multiple Vulnerabilities

Affected packages
rpm4 < 4.18.0

Details

VuXML ID 0c52abde-717b-11ed-98ca-40b034429ecf
Discovery 2022-08-22
Entry 2022-12-01

rpm project reports:

Fix intermediate symlinks not verified (CVE-2021-35939).

Fix subkey binding signatures not checked on PGP public keys (CVE-2021-3521).

Refactor file and directory operations to use fd-based APIs throughout (CVE-2021-35938)

[source]

References

CVE Name CVE-2021-3521
CVE Name CVE-2021-35938
CVE Name CVE-2021-35939

Copyright © 2003-2005 Jacques Vidrine and contributors.
Please see the source of this document for full copyright information.