Vulnerability Name:

CVE-2012-0060 (CCN-74582)

Assigned:2011-12-07
Published:2012-04-03
Updated:2018-01-18
Summary:RPM before 4.9.1.3 does not properly validate region tags, which allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via an invalid region tag in a package header to the (1) headerLoad, (2) rpmReadSignature, or (3) headerVerify function.
CVSS v3 Severity:9.0 Critical (CCN CVSS v3.1 Vector: CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:C/C:H/I:H/A:H)
Exploitability Metrics:Attack Vector (AV): Network
Attack Complexity (AC): High
Privileges Required (PR): None
User Interaction (UI): None
Scope:Scope (S): Changed
Impact Metrics:Confidentiality (C): High
Integrity (I): High
Availibility (A): High
CVSS v2 Severity:6.8 Medium (CVSS v2 Vector: AV:N/AC:M/Au:N/C:P/I:P/A:P)
5.0 Medium (Temporal CVSS v2 Vector: AV:N/AC:M/Au:N/C:P/I:P/A:P/E:U/RL:OF/RC:C)
Exploitability Metrics:Access Vector (AV): Network
Access Complexity (AC): Medium
Authentication (Au): None
Impact Metrics:Confidentiality (C): Partial
Integrity (I): Partial
Availibility (A): Partial
7.6 High (CCN CVSS v2 Vector: AV:N/AC:H/Au:N/C:C/I:C/A:C)
5.6 Medium (CCN Temporal CVSS v2 Vector: AV:N/AC:H/Au:N/C:C/I:C/A:C/E:U/RL:OF/RC:C)
Exploitability Metrics:Access Vector (AV): Network
Access Complexity (AC): High
Athentication (Au): None
Impact Metrics:Confidentiality (C): Complete
Integrity (I): Complete
Availibility (A): Complete
7.6 High (REDHAT CVSS v2 Vector: AV:N/AC:H/Au:N/C:C/I:C/A:C)
5.6 Medium (REDHAT Temporal CVSS v2 Vector: AV:N/AC:H/Au:N/C:C/I:C/A:C/E:U/RL:OF/RC:C)
Exploitability Metrics:Access Vector (AV): Network
Access Complexity (AC): High
Authentication (Au): None
Impact Metrics:Confidentiality (C): Complete
Integrity (I): Complete
Availibility (A): Complete
Vulnerability Type:CWE-20
CWE-228
CWE-119
CWE-119
Vulnerability Consequences:Gain Access
References:Source: MITRE
Type: CNA
CVE-2012-0060

Source: FEDORA
Type: UNKNOWN
FEDORA-2012-5298

Source: FEDORA
Type: UNKNOWN
FEDORA-2012-5420

Source: FEDORA
Type: UNKNOWN
FEDORA-2012-5421

Source: CCN
Type: RHSA-2012-0451
Important: rpm security update

Source: REDHAT
Type: UNKNOWN
RHSA-2012:0451

Source: REDHAT
Type: UNKNOWN
RHSA-2012:0531

Source: CONFIRM
Type: UNKNOWN
http://rpm.org/gitweb?p=rpm.git;a=commitdiff;h=e4eab2bc6d07cfd33f740071de7ddbb2fe2f4190

Source: CONFIRM
Type: UNKNOWN
http://rpm.org/gitweb?p=rpm.git;a=commitdiff;h=f23998251992b8ae25faf5113c42fee2c49c7f29

Source: CONFIRM
Type: UNKNOWN
http://rpm.org/wiki/Releases/4.9.1.3

Source: CCN
Type: SA48651
RPM Package Manager Header Parsing Vulnerabilities

Source: SECUNIA
Type: Vendor Advisory
48651

Source: SECUNIA
Type: Vendor Advisory
48716

Source: SECUNIA
Type: Vendor Advisory
49110

Source: MANDRIVA
Type: UNKNOWN
MDVSA-2012:056

Source: CONFIRM
Type: UNKNOWN
http://www.oracle.com/technetwork/topics/security/ovmbulletinjul2016-3090546.html

Source: OSVDB
Type: UNKNOWN
81010

Source: CCN
Type: OSVDB ID: 81010
Red Hat Package Manager (RPM) Multiple Function Region Tag Parsing Remote Code Execution

Source: CCN
Type: RPM Web site
RPM Package Manager (RPM)

Source: BID
Type: UNKNOWN
52865

Source: CCN
Type: BID-52865
RPM Multiple Denial of Service Vulnerabilities

Source: SECTRACK
Type: UNKNOWN
1026882

Source: UBUNTU
Type: UNKNOWN
USN-1695-1

Source: CCN
Type: Red Hat Bugzilla Bug 744858
CVE-2012-0060 rpm: insufficient validation of region tags

Source: MISC
Type: UNKNOWN
https://bugzilla.redhat.com/show_bug.cgi?id=744858

Source: XF
Type: UNKNOWN
rpm-loadsigverify-code-execution(74582)

Source: XF
Type: UNKNOWN
rpm-loadsigverify-code-execution(74582)

Source: SUSE
Type: UNKNOWN
openSUSE-SU-2012:0588

Source: SUSE
Type: UNKNOWN
openSUSE-SU-2012:0589

Vulnerable Configuration:Configuration 1:
  • cpe:/a:rpm:rpm:1.2:*:*:*:*:*:*:*
  • OR cpe:/a:rpm:rpm:1.3:*:*:*:*:*:*:*
  • OR cpe:/a:rpm:rpm:1.3.1:*:*:*:*:*:*:*
  • OR cpe:/a:rpm:rpm:1.4:*:*:*:*:*:*:*
  • OR cpe:/a:rpm:rpm:1.4.1:*:*:*:*:*:*:*
  • OR cpe:/a:rpm:rpm:1.4.2:*:*:*:*:*:*:*
  • OR cpe:/a:rpm:rpm:1.4.2/a:*:*:*:*:*:*:*
  • OR cpe:/a:rpm:rpm:1.4.3:*:*:*:*:*:*:*
  • OR cpe:/a:rpm:rpm:1.4.4:*:*:*:*:*:*:*
  • OR cpe:/a:rpm:rpm:1.4.5:*:*:*:*:*:*:*
  • OR cpe:/a:rpm:rpm:1.4.6:*:*:*:*:*:*:*
  • OR cpe:/a:rpm:rpm:1.4.7:*:*:*:*:*:*:*
  • OR cpe:/a:rpm:rpm:2.0:*:*:*:*:*:*:*
  • OR cpe:/a:rpm:rpm:2.0.1:*:*:*:*:*:*:*
  • OR cpe:/a:rpm:rpm:2.0.2:*:*:*:*:*:*:*
  • OR cpe:/a:rpm:rpm:2.0.3:*:*:*:*:*:*:*
  • OR cpe:/a:rpm:rpm:2.0.4:*:*:*:*:*:*:*
  • OR cpe:/a:rpm:rpm:2.0.5:*:*:*:*:*:*:*
  • OR cpe:/a:rpm:rpm:2.0.6:*:*:*:*:*:*:*
  • OR cpe:/a:rpm:rpm:2.0.7:*:*:*:*:*:*:*
  • OR cpe:/a:rpm:rpm:2.0.8:*:*:*:*:*:*:*
  • OR cpe:/a:rpm:rpm:2.0.9:*:*:*:*:*:*:*
  • OR cpe:/a:rpm:rpm:2.0.10:*:*:*:*:*:*:*
  • OR cpe:/a:rpm:rpm:2.0.11:*:*:*:*:*:*:*
  • OR cpe:/a:rpm:rpm:2.1:*:*:*:*:*:*:*
  • OR cpe:/a:rpm:rpm:2.1.1:*:*:*:*:*:*:*
  • OR cpe:/a:rpm:rpm:2.1.2:*:*:*:*:*:*:*
  • OR cpe:/a:rpm:rpm:2.2:*:*:*:*:*:*:*
  • OR cpe:/a:rpm:rpm:2.2.1:*:*:*:*:*:*:*
  • OR cpe:/a:rpm:rpm:2.2.2:*:*:*:*:*:*:*
  • OR cpe:/a:rpm:rpm:2.2.3:*:*:*:*:*:*:*
  • OR cpe:/a:rpm:rpm:2.2.3.10:*:*:*:*:*:*:*
  • OR cpe:/a:rpm:rpm:2.2.3.11:*:*:*:*:*:*:*
  • OR cpe:/a:rpm:rpm:2.2.4:*:*:*:*:*:*:*
  • OR cpe:/a:rpm:rpm:2.2.5:*:*:*:*:*:*:*
  • OR cpe:/a:rpm:rpm:2.2.6:*:*:*:*:*:*:*
  • OR cpe:/a:rpm:rpm:2.2.7:*:*:*:*:*:*:*
  • OR cpe:/a:rpm:rpm:2.2.8:*:*:*:*:*:*:*
  • OR cpe:/a:rpm:rpm:2.2.9:*:*:*:*:*:*:*
  • OR cpe:/a:rpm:rpm:2.2.10:*:*:*:*:*:*:*
  • OR cpe:/a:rpm:rpm:2.2.11:*:*:*:*:*:*:*
  • OR cpe:/a:rpm:rpm:2.3:*:*:*:*:*:*:*
  • OR cpe:/a:rpm:rpm:2.3.1:*:*:*:*:*:*:*
  • OR cpe:/a:rpm:rpm:2.3.2:*:*:*:*:*:*:*
  • OR cpe:/a:rpm:rpm:2.3.3:*:*:*:*:*:*:*
  • OR cpe:/a:rpm:rpm:2.3.4:*:*:*:*:*:*:*
  • OR cpe:/a:rpm:rpm:2.3.5:*:*:*:*:*:*:*
  • OR cpe:/a:rpm:rpm:2.3.6:*:*:*:*:*:*:*
  • OR cpe:/a:rpm:rpm:2.3.7:*:*:*:*:*:*:*
  • OR cpe:/a:rpm:rpm:2.3.8:*:*:*:*:*:*:*
  • OR cpe:/a:rpm:rpm:2.3.9:*:*:*:*:*:*:*
  • OR cpe:/a:rpm:rpm:2.4.1:*:*:*:*:*:*:*
  • OR cpe:/a:rpm:rpm:2.4.2:*:*:*:*:*:*:*
  • OR cpe:/a:rpm:rpm:2.4.3:*:*:*:*:*:*:*
  • OR cpe:/a:rpm:rpm:2.4.4:*:*:*:*:*:*:*
  • OR cpe:/a:rpm:rpm:2.4.5:*:*:*:*:*:*:*
  • OR cpe:/a:rpm:rpm:2.4.6:*:*:*:*:*:*:*
  • OR cpe:/a:rpm:rpm:2.4.8:*:*:*:*:*:*:*
  • OR cpe:/a:rpm:rpm:2.4.9:*:*:*:*:*:*:*
  • OR cpe:/a:rpm:rpm:2.4.11:*:*:*:*:*:*:*
  • OR cpe:/a:rpm:rpm:2.4.12:*:*:*:*:*:*:*
  • OR cpe:/a:rpm:rpm:2.5:*:*:*:*:*:*:*
  • OR cpe:/a:rpm:rpm:2.5.1:*:*:*:*:*:*:*
  • OR cpe:/a:rpm:rpm:2.5.2:*:*:*:*:*:*:*
  • OR cpe:/a:rpm:rpm:2.5.3:*:*:*:*:*:*:*
  • OR cpe:/a:rpm:rpm:2.5.4:*:*:*:*:*:*:*
  • OR cpe:/a:rpm:rpm:2.5.5:*:*:*:*:*:*:*
  • OR cpe:/a:rpm:rpm:2.5.6:*:*:*:*:*:*:*
  • OR cpe:/a:rpm:rpm:2.6.7:*:*:*:*:*:*:*
  • OR cpe:/a:rpm:rpm:3.0:*:*:*:*:*:*:*
  • OR cpe:/a:rpm:rpm:3.0.1:*:*:*:*:*:*:*
  • OR cpe:/a:rpm:rpm:3.0.2:*:*:*:*:*:*:*
  • OR cpe:/a:rpm:rpm:3.0.3:*:*:*:*:*:*:*
  • OR cpe:/a:rpm:rpm:3.0.4:*:*:*:*:*:*:*
  • OR cpe:/a:rpm:rpm:3.0.5:*:*:*:*:*:*:*
  • OR cpe:/a:rpm:rpm:3.0.6:*:*:*:*:*:*:*
  • OR cpe:/a:rpm:rpm:4.0:*:*:*:*:*:*:*
  • OR cpe:/a:rpm:rpm:4.0.1:*:*:*:*:*:*:*
  • OR cpe:/a:rpm:rpm:4.0.2:*:*:*:*:*:*:*
  • OR cpe:/a:rpm:rpm:4.0.3:*:*:*:*:*:*:*
  • OR cpe:/a:rpm:rpm:4.0.4:*:*:*:*:*:*:*
  • OR cpe:/a:rpm:rpm:4.1:*:*:*:*:*:*:*
  • OR cpe:/a:rpm:rpm:4.3.3:*:*:*:*:*:*:*
  • OR cpe:/a:rpm:rpm:4.4.2.1:-:*:*:*:*:*:*
  • OR cpe:/a:rpm:rpm:4.4.2.2:-:*:*:*:*:*:*
  • OR cpe:/a:rpm:rpm:4.4.2.3:*:*:*:*:*:*:*
  • OR cpe:/a:rpm:rpm:4.5.90:*:*:*:*:*:*:*
  • OR cpe:/a:rpm:rpm:4.6.0:-:*:*:*:*:*:*
  • OR cpe:/a:rpm:rpm:4.6.0:rc1:*:*:*:*:*:*
  • OR cpe:/a:rpm:rpm:4.6.0:rc2:*:*:*:*:*:*
  • OR cpe:/a:rpm:rpm:4.6.0:rc3:*:*:*:*:*:*
  • OR cpe:/a:rpm:rpm:4.6.0:rc4:*:*:*:*:*:*
  • OR cpe:/a:rpm:rpm:4.6.1:*:*:*:*:*:*:*
  • OR cpe:/a:rpm:rpm:4.7.0:-:*:*:*:*:*:*
  • OR cpe:/a:rpm:rpm:4.7.1:*:*:*:*:*:*:*
  • OR cpe:/a:rpm:rpm:4.7.2:*:*:*:*:*:*:*
  • OR cpe:/a:rpm:rpm:4.8.0:-:*:*:*:*:*:*
  • OR cpe:/a:rpm:rpm:4.8.1:*:*:*:*:*:*:*
  • OR cpe:/a:rpm:rpm:4.9.0:-:*:*:*:*:*:*
  • OR cpe:/a:rpm:rpm:4.9.0:alpha:*:*:*:*:*:*
  • OR cpe:/a:rpm:rpm:4.9.0:beta1:*:*:*:*:*:*
  • OR cpe:/a:rpm:rpm:4.9.0:rc1:*:*:*:*:*:*
  • OR cpe:/a:rpm:rpm:4.9.1:*:*:*:*:*:*:*
  • OR cpe:/a:rpm:rpm:4.9.1.1:*:*:*:*:*:*:*
  • OR cpe:/a:rpm:rpm:*:*:*:*:*:*:*:* (Version <= 4.9.1.2)

    • Configuration RedHat 1:
  • cpe:/o:redhat:enterprise_linux:5:*:*:*:*:*:*:*

    • Configuration RedHat 2:
  • cpe:/o:redhat:enterprise_linux:5::client:*:*:*:*:*

    • Configuration RedHat 3:
  • cpe:/o:redhat:enterprise_linux:5::client_workstation:*:*:*:*:*

    • Configuration RedHat 4:
  • cpe:/o:redhat:enterprise_linux:5::server:*:*:*:*:*

    • Configuration RedHat 5:
  • cpe:/o:redhat:enterprise_linux:6:*:*:*:*:*:*:*

    • Configuration RedHat 6:
  • cpe:/o:redhat:enterprise_linux:6::client:*:*:*:*:*

    • Configuration RedHat 7:
  • cpe:/o:redhat:enterprise_linux:6::computenode:*:*:*:*:*

    • Configuration RedHat 8:
  • cpe:/o:redhat:enterprise_linux:6::server:*:*:*:*:*

    • Configuration RedHat 9:
  • cpe:/o:redhat:enterprise_linux:6::workstation:*:*:*:*:*

    • Configuration CCN 1:
  • cpe:/a:rpm:rpm:4.8.0:-:*:*:*:*:*:*
  • AND
  • cpe:/o:redhat:enterprise_linux:5:*:*:*:*:*:*:*
  • OR cpe:/o:redhat:enterprise_linux:5:*:client_workstation:*:*:*:*:*
  • OR cpe:/o:redhat:enterprise_linux:5:*:client:*:*:*:*:*
  • OR cpe:/o:redhat:enterprise_linux:6:*:server:*:*:*:*:*
  • OR cpe:/o:redhat:enterprise_linux:6:*:workstation:*:*:*:*:*
  • OR cpe:/o:redhat:enterprise_linux_desktop:6:*:*:*:*:*:*:*
  • OR cpe:/o:redhat:enterprise_linux_hpc_node:6:*:*:*:*:*:*:*
  • OR cpe:/o:redhat:enterprise_linux_server_eus:6.1.z:*:*:*:*:*:*:*
  • OR cpe:/o:redhat:enterprise_linux_eus:5.6.z::server:*:*:*:*:*
  • OR cpe:/o:redhat:enterprise_linux_long_life:5.6:*:*:*:*:*:*:*

    • * Denotes that component is vulnerable
    Oval Definitions
    Definition IDClassTitleLast Modified
    oval:org.opensuse.security:def:20120060
    V
    		CVE-2012-0060
    2022-05-20
    oval:org.opensuse.security:def:33109
    P
    		Security update for java-1_8_0-ibm (Important) (in QA)
    2022-01-04
    oval:org.opensuse.security:def:33052
    P
    		Security update for openexr (Moderate)
    2021-12-01
    oval:org.opensuse.security:def:29454
    P
    		Security update for clamav (Moderate)
    2021-12-01
    oval:org.opensuse.security:def:30153
    P
    		Security update for java-1_7_0-openjdk (Important)
    2021-11-24
    oval:org.opensuse.security:def:29415
    P
    		Security update for bind (Moderate)
    2021-08-30
    oval:org.opensuse.security:def:30190
    P
    		Security update for samba (Important)
    2021-04-29
    oval:org.opensuse.security:def:29471
    P
    		Security update for bind (Important)
    2021-02-18
    oval:org.opensuse.security:def:28933
    P
    		Security update for the Linux Kernel (Important)
    2021-02-11
    oval:org.opensuse.security:def:32957
    P
    		Security update for postgresql, postgresql12, postgresql13 (Important)
    2021-01-26
    oval:org.opensuse.security:def:29366
    P
    		Security update for dnsmasq (Important)
    2021-01-19
    oval:org.opensuse.security:def:29312
    P
    		Security update for cyrus-sasl (Important)
    2020-12-28
    oval:org.opensuse.security:def:32822
    P
    		Security update for python-cryptography (Moderate)
    2020-12-04
    oval:org.opensuse.security:def:29160
    P
    		Security update for libxml2 (Moderate)
    2020-12-01
    oval:org.opensuse.security:def:28721
    P
    		Security update for kdirstat
    2020-12-01
    oval:org.opensuse.security:def:33520
    P
    		Security update for squid
    2020-12-01
    oval:org.opensuse.security:def:28733
    P
    		Security update for kvm (Important)
    2020-12-01
    oval:org.opensuse.security:def:34202
    P
    		Security update for perl-Archive-Zip (Moderate)
    2020-12-01
    oval:org.opensuse.security:def:33196
    P
    		libzip1 on GA media (Moderate)
    2020-12-01
    oval:org.opensuse.security:def:32731
    P
    		libsamplerate on GA media (Moderate)
    2020-12-01
    oval:org.opensuse.security:def:29515
    P
    		Security update for ImageMagick (Moderate)
    2020-12-01
    oval:org.opensuse.security:def:33409
    P
    		Security update for cobbler (Important)
    2020-12-01
    oval:org.opensuse.security:def:29076
    P
    		Security update for curl (Moderate)
    2020-12-01
    oval:org.opensuse.security:def:32743
    P
    		logrotate on GA media (Moderate)
    2020-12-01
    oval:org.opensuse.security:def:33497
    P
    		Security update for lvm2, lvm2-clvm, lvm2-clvm-debuginfo, lvm2-clvm-debugsource, lvm2-debuginfo, lvm2-debugsource
    2020-12-01
    oval:org.opensuse.security:def:28722
    P
    		Security update for Linux kernel
    2020-12-01
    oval:org.opensuse.security:def:33564
    P
    		Security update for ImageMagick (Moderate)
    2020-12-01
    oval:org.opensuse.security:def:28802
    P
    		Security update for openssl (Moderate)
    2020-12-01
    oval:org.opensuse.security:def:34242
    P
    		Security update for RPM
    2020-12-01
    oval:org.opensuse.security:def:33352
    P
    		Security update for openssl (Important)
    2020-12-01
    oval:org.opensuse.security:def:29019
    P
    		Security update for pacemaker (Moderate)
    2020-12-01
    oval:org.opensuse.security:def:32732
    P
    		libsndfile on GA media (Moderate)
    2020-12-01
    oval:org.opensuse.security:def:33458
    P
    		Security update for iSCSI
    2020-12-01
    oval:org.mitre.oval:def:17842
    P
    		USN-1695-1 -- rpm vulnerabilities
    2014-06-30
    oval:org.mitre.oval:def:23758
    P
    		ELSA-2012:0451: rpm security update (Important)
    2014-05-26
    oval:org.mitre.oval:def:20938
    P
    		RHSA-2012:0451: rpm security update (Important)
    2014-02-24
    oval:org.mitre.oval:def:20408
    V
    		VMware vSphere and vCOps updates to third party libraries
    2014-01-20
    oval:com.ubuntu.precise:def:20120060000
    V
    		CVE-2012-0060 on Ubuntu 12.04 LTS (precise) - low.
    2012-06-04
    oval:com.redhat.rhsa:def:20120451
    P
    		RHSA-2012:0451: rpm security update (Important)
    2012-04-03
    BACK
    rpm rpm 1.2
    rpm rpm 1.3
    rpm rpm 1.3.1
    rpm rpm 1.4
    rpm rpm 1.4.1
    rpm rpm 1.4.2
    rpm rpm 1.4.2/a
    rpm rpm 1.4.3
    rpm rpm 1.4.4
    rpm rpm 1.4.5
    rpm rpm 1.4.6
    rpm rpm 1.4.7
    rpm rpm 2.0
    rpm rpm 2.0.1
    rpm rpm 2.0.2
    rpm rpm 2.0.3
    rpm rpm 2.0.4
    rpm rpm 2.0.5
    rpm rpm 2.0.6
    rpm rpm 2.0.7
    rpm rpm 2.0.8
    rpm rpm 2.0.9
    rpm rpm 2.0.10
    rpm rpm 2.0.11
    rpm rpm 2.1
    rpm rpm 2.1.1
    rpm rpm 2.1.2
    rpm rpm 2.2
    rpm rpm 2.2.1
    rpm rpm 2.2.2
    rpm rpm 2.2.3
    rpm rpm 2.2.3.10
    rpm rpm 2.2.3.11
    rpm rpm 2.2.4
    rpm rpm 2.2.5
    rpm rpm 2.2.6
    rpm rpm 2.2.7
    rpm rpm 2.2.8
    rpm rpm 2.2.9
    rpm rpm 2.2.10
    rpm rpm 2.2.11
    rpm rpm 2.3
    rpm rpm 2.3.1
    rpm rpm 2.3.2
    rpm rpm 2.3.3
    rpm rpm 2.3.4
    rpm rpm 2.3.5
    rpm rpm 2.3.6
    rpm rpm 2.3.7
    rpm rpm 2.3.8
    rpm rpm 2.3.9
    rpm rpm 2.4.1
    rpm rpm 2.4.2
    rpm rpm 2.4.3
    rpm rpm 2.4.4
    rpm rpm 2.4.5
    rpm rpm 2.4.6
    rpm rpm 2.4.8
    rpm rpm 2.4.9
    rpm rpm 2.4.11
    rpm rpm 2.4.12
    rpm rpm 2.5
    rpm rpm 2.5.1
    rpm rpm 2.5.2
    rpm rpm 2.5.3
    rpm rpm 2.5.4
    rpm rpm 2.5.5
    rpm rpm 2.5.6
    rpm rpm 2.6.7
    rpm rpm 3.0
    rpm rpm 3.0.1
    rpm rpm 3.0.2
    rpm rpm 3.0.3
    rpm rpm 3.0.4
    rpm rpm 3.0.5
    rpm rpm 3.0.6
    rpm rpm 4.0.
    rpm rpm 4.0.1
    rpm rpm 4.0.2
    rpm rpm 4.0.3
    rpm rpm 4.0.4
    rpm rpm 4.1
    rpm rpm 4.3.3
    rpm rpm 4.4.2.1
    rpm rpm 4.4.2.2
    rpm rpm 4.4.2.3
    rpm rpm 4.5.90
    rpm rpm 4.6.0
    rpm rpm 4.6.0 rc1
    rpm rpm 4.6.0 rc2
    rpm rpm 4.6.0 rc3
    rpm rpm 4.6.0 rc4
    rpm rpm 4.6.1
    rpm rpm 4.7.0
    rpm rpm 4.7.1
    rpm rpm 4.7.2
    rpm rpm 4.8.0
    rpm rpm 4.8.1
    rpm rpm 4.9.0
    rpm rpm 4.9.0 alpha
    rpm rpm 4.9.0 beta1
    rpm rpm 4.9.0 rc1
    rpm rpm 4.9.1
    rpm rpm 4.9.1.1
    rpm rpm *
    rpm rpm 4.8.0
    redhat enterprise linux 5
    redhat enterprise linux 5
    redhat enterprise linux 5
    redhat enterprise linux 6
    redhat enterprise linux 6
    redhat enterprise linux desktop 6
    redhat enterprise linux hpc node 6
    redhat enterprise linux server eus 6.1.z
    redhat enterprise linux eus 5.6.z
    redhat enterprise linux long life 5.6