|
|
Subscribe / Log in / New account

Scientific Linux alert SLSA-2018:1224-1 (PackageKit)



From:
    	      Scott Reid <svreid@fnal.gov> 


To:
    	      <scientific-linux-errata@listserv.fnal.gov> 


Subject:
    	      Security ERRATA Moderate: PackageKit on SL7.x x86_64 


Date:
    	      Mon, 30 Apr 2018 18:51:31 +0000


Message-ID:
    	      <20180430185131.26096.38046@slpackages.fnal.gov>


Synopsis:          Moderate: PackageKit security update
Advisory ID:       SLSA-2018:1224-1
Issue Date:        2018-04-24
CVE Numbers:       CVE-2018-1106
--

Security Fix(es):

* PackageKit: authentication bypass allows to install signed packages
without administrator privileges (CVE-2018-1106)
--

SL7
  x86_64
    PackageKit-1.1.5-2.sl7_5.x86_64.rpm
    PackageKit-command-not-found-1.1.5-2.sl7_5.x86_64.rpm
    PackageKit-debuginfo-1.1.5-2.sl7_5.i686.rpm
    PackageKit-debuginfo-1.1.5-2.sl7_5.x86_64.rpm
    PackageKit-glib-1.1.5-2.sl7_5.i686.rpm
    PackageKit-glib-1.1.5-2.sl7_5.x86_64.rpm
    PackageKit-gstreamer-plugin-1.1.5-2.sl7_5.x86_64.rpm
    PackageKit-gtk3-module-1.1.5-2.sl7_5.i686.rpm
    PackageKit-gtk3-module-1.1.5-2.sl7_5.x86_64.rpm
    PackageKit-yum-1.1.5-2.sl7_5.x86_64.rpm
    PackageKit-1.1.5-2.sl7_5.i686.rpm
    PackageKit-cron-1.1.5-2.sl7_5.x86_64.rpm
    PackageKit-glib-devel-1.1.5-2.sl7_5.i686.rpm
    PackageKit-glib-devel-1.1.5-2.sl7_5.x86_64.rpm
    PackageKit-yum-plugin-1.1.5-2.sl7_5.x86_64.rpm

- Scientific Linux Development Team
to post comments


Copyright © 2025, Eklektix, Inc.
Comments and public postings are copyrighted by their creators.
Linux is a registered trademark of Linus Torvalds