Mandriva Update for rpm MDVSA-2012:056 (rpm)

Solution
Please Install the Updated Packages.
Insight
Multiple flaws were found in the way RPM parsed package file headers. An attacker could create a specially-crafted RPM package that, when its package header was accessed, or during package signature verification, could cause an application using the RPM library to crash or, potentially, execute arbitrary code (CVE-2012-0060, CVE-2012-0061, CVE-2012-0815). The updated packages have been patched to correct this issue.
Affected
rpm on Mandriva Enterprise Server 5.2, Mandriva Linux 2010.1