RPM, one of the oldest and most widely used package management systems in Linux, the backbone of distributions like RHEL, Fedora, openSUSE, and others, has released version 6.0.1, a focused bugfix update addressing several regressions introduced in RPM 6.0 earlier this year.
The update resolves multiple issues affecting the reliability of package installation and upgrades. A regression in FILEDEPENDSX tag handling is corrected, along with a fingerprinting crash and a long-standing problem where file triggers could run twice during upgrades, thus restoring expected behavior for complex transactions.
Signature verification is another area receiving corrections. The release fixes rpmkeys failures when deleting keys by full fingerprint, addresses NOTTRUSTED signature handling that previously caused unexpected verification errors, and improves signature sorting in output. Error handling on keystore load is also tightened.
The build system benefits from several fixes as well, including resolving issues when building without Sequoia support, addressing compilation problems on AIX, and silencing CMake 3.31 normalized path warnings. Plus, vendors can now pass additional options to find-debuginfo, improving flexibility in build pipelines.
Lastly, RPM 6.0.1 also includes documentation improvements, with updated man pages and corrections across various sections.
For more information, see the release notes.
