A rpm security update has been released for openSUSE Leap 15.3.

openSUSE-SU-2021:3445-1: important: Security update for rpm

openSUSE Security Update: Security update for rpm
______________________________________________________________________________

Announcement ID: openSUSE-SU-2021:3445-1
Rating: important
References: #1183659 #1185299 #1187670 #1188548
Affected Products:
openSUSE Leap 15.3
______________________________________________________________________________

An update that contains security fixes can now be installed.

Description:

This update for rpm fixes the following issues:

Security issues fixed:

- PGP hardening changes (bsc#1185299)

Maintaince issues fixed:

- Fixed zstd detection (bsc#1187670)
- Added ndb rofs support (bsc#1188548)
- Fixed deadlock when multiple rpm processes try tp acquire the database
lock (bsc#1183659)

Patch Instructions:

To install this openSUSE Security Update use the SUSE recommended installation methods
like YaST online_update or "zypper patch".

Alternatively you can run the command listed for your product:

- openSUSE Leap 15.3:

zypper in -t patch openSUSE-SLE-15.3-2021-3445=1


Package List:

- openSUSE Leap 15.3 (aarch64 ppc64le s390x x86_64):

python-rpm-debugsource-4.14.3-40.1
python2-rpm-4.14.3-40.1
python2-rpm-debuginfo-4.14.3-40.1
python3-rpm-4.14.3-40.1
python3-rpm-debuginfo-4.14.3-40.1
rpm-4.14.3-40.1
rpm-build-4.14.3-40.1
rpm-build-debuginfo-4.14.3-40.1
rpm-debuginfo-4.14.3-40.1
rpm-debugsource-4.14.3-40.1
rpm-devel-4.14.3-40.1
rpm-ndb-4.14.3-40.1
rpm-ndb-debuginfo-4.14.3-40.1
rpm-ndb-debugsource-4.14.3-40.1

- openSUSE Leap 15.3 (x86_64):

rpm-32bit-4.14.3-40.1
rpm-32bit-debuginfo-4.14.3-40.1
rpm-ndb-32bit-4.14.3-40.1
rpm-ndb-32bit-debuginfo-4.14.3-40.1

References:

  https://bugzilla.suse.com/1183659
  https://bugzilla.suse.com/1185299
  https://bugzilla.suse.com/1187670
  https://bugzilla.suse.com/1188548