--- lib/cpio.c.CVE20102059	2010-11-15 19:15:57.000000000 +0530
+++ lib/cpio.c	2010-11-15 19:16:00.000000000 +0530
@@ -339,10 +339,15 @@
     int left = hdr->size;
     int rc = 0;
     struct cpioCallbackInfo cbInfo = { NULL, 0, 0, 0 };
-    struct stat sb;
+    struct stat64 sb;
 
     /* Rename the old file before attempting unlink to avoid EBUSY errors */
-    if (!lstat(hdr->path, &sb)) {
+    if (!lstat64(hdr->path, &sb)) {
+        if (sb.st_mode & (S_ISUID|S_ISGID)) {
+            if (S_ISREG(sb.st_mode) && (sb.st_mode & 06000) != 0) {
+                (void) chmod(hdr->path, sb.st_mode & 0777);
+            }
+        }
 	strcpy(buf, hdr->path);
 	strcat(buf, "-RPMDELETE");
 	if (rename(hdr->path, buf)) {
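Review bot: The added `chmod()` has its result cast to `(void)`, so if clearing the bits fails, the file is still renamed with setuid/setgid intact and nothing is reported; the same block is repeated before `unlink(file)` in the second lib/uninstall.c hunk. The mode is also inspected by path (`lstat64`) and changed by path (`chmod`, which follows symlinks), so the object checked and the object modified are not guaranteed to be the same. Using `fchmod()` on a descriptor opened with `O_NOFOLLOW` and verified with `fstat()` would tie the two together, if the platforms this code targets provide it. The outer and inner tests examine the same bits (`S_ISUID|S_ISGID` is `06000`), so they can collapse to `if (S_ISREG(sb.st_mode) && (sb.st_mode & (S_ISUID|S_ISGID)))`, with the `chmod` return checked and surfaced through the function's existing error path. The enclosing function begins and continues outside the hunk.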
--- lib/uninstall.c.CVE20102059	2010-11-15 19:16:05.000000000 +0530
+++ lib/uninstall.c	2010-11-15 19:16:08.000000000 +0530
@@ -19,6 +19,7 @@
 {
     int rc = 0;
     char * newfile;
+    struct stat64 sb;
 	
     switch (action) {
 
@@ -46,6 +47,13 @@
 		rc = 1;
 	    }
 	} else {
+            if (!lstat64(file, &sb)) {
+                if (sb.st_mode & (S_ISUID|S_ISGID)) {
+                    if (S_ISREG(sb.st_mode) && (sb.st_mode & 06000) != 0) {
+                        (void) chmod(file, sb.st_mode & 0777);
+                    }
+                }
+            }
 	    if (unlink(file)) {
 		if (errno != ENOENT || !(flags & RPMFILE_MISSINGOK)) {
 		    rpmError(RPMERR_UNLINK, 
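Review bot: Nothing in the block added before `unlink(file)` says why the mode is changed on a file that is about to be removed, which makes it look like dead work to a later maintainer. A short comment would help, e.g. `/* Drop setuid/setgid before unlink: another hard link to this inode would otherwise keep the bits */`; this rationale is inferred from the CVE tag in the patch file names, so confirm the wording. The new lines are also indented with spaces where the surrounding context uses tabs. The enclosing function starts and ends outside the hunk.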
