Mandriva Linux Security Advisory : rpm (MDVSA-2010:180)

A vulnerability has been found and corrected in rpm : lib/fsm.c in RPM 4.8.0 and unspecified 4.7.x and 4.6.x versions, and RPM before 4.4.3, does not properly reset the metadata of an executable file during replacement of the file in an RPM package upgrade, which might allow local users to gain...

CVE-2010-2059

CVE-2010-2059 affects RPM package manager: lib/fsm.c in RPM 4.8.0 and, per the description, unspecified 4.7.x and 4.6.x, and RPM before 4.4.3, may fail to reset executable file metadata during upgrade, potentially allowing local users to gain privileges by creating a hard link to a vulnerable (se...