From 1be510f9529cb082f802408b472a77d074b394c0 Mon Sep 17 00:00:00 2001 From: Nicolas Vigier Date: Sun, 14 Apr 2013 13:46:12 +0000 Subject: Add zarb MLs html archives --- zarb-ml/mageia-dev/2013-March/023280.html | 78 +++++++++++++++++++++++++++++++ 1 file changed, 78 insertions(+) create mode 100644 zarb-ml/mageia-dev/2013-March/023280.html (limited to 'zarb-ml/mageia-dev/2013-March/023280.html') diff --git a/zarb-ml/mageia-dev/2013-March/023280.html b/zarb-ml/mageia-dev/2013-March/023280.html new file mode 100644 index 000000000..59fc323c2 --- /dev/null +++ b/zarb-ml/mageia-dev/2013-March/023280.html @@ -0,0 +1,78 @@ + + + + [Mageia-dev] Regular users installing updates through packagekit or rpmdrake + + + + + + + + + +

[Mageia-dev] Regular users installing updates through packagekit or rpmdrake

+ David Walser + luigiwalser at yahoo.com +
+ Mon Mar 4 22:38:45 CET 2013 +

+
+ +
OpenSuSE issued an advisory for PackageKit, because when systems were configured to allow regular users to install security updates, they also had the ability to install *older* updates than the newest, reintroducing security issues into the system.
+
+Does PackageKit in Mageia, or even our own rpmdrake tool which can be configured to allow users to install updates, have an issue with this?
+
+References:
+http://lists.opensuse.org/opensuse-updates/2013-03/msg00006.html
+https://bugzilla.novell.com/show_bug.cgi?id=804983
+http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-1764
+
+ + + + + + + + + + + + + + + + + +
+

+ +
+More information about the Mageia-dev +mailing list
+ -- cgit v1.2.1