Mailinglist Archive: opensuse-bugs (10137 mails)

[Bug 551743] New: zypper superfluously suggests security fix
  • From: bugzilla_noreply@xxxxxxxxxx
  • Date: Sun, 1 Nov 2009 12:44:34 -0700
  • Message-id: <bug-551743-21960@xxxxxxxxxxxxxxxxxxxxxxxx/>
http://bugzilla.novell.com/show_bug.cgi?id=551743

User lmuelle@xxxxxxxxxx added comment
http://bugzilla.novell.com/show_bug.cgi?id=551743#c6763

Summary: zypper superfluously suggests security fix
Classification: openSUSE
Product: openSUSE 11.2
Version: RC 2
Platform: Other
OS/Version: Other
Status: NEW
Severity: Minor
Priority: P5 - None
Component: libzypp
AssignedTo: zypp-maintainers@xxxxxxxxxxxxxxxxxxxxxx
ReportedBy: lmuelle@xxxxxxxxxx
QAContact: qa@xxxxxxx
Found By: ---


This is a test update for 11.2 RC1. Top of changes:
-------------------------------------------------------------------
Thu Oct 8 21:54:16 CEST 2009 - lmuelle@xxxxxxx

- Update to 3.4.2.
+ Fix unresolved home path; CVE-2009-2813; (bso#6763); (bnc#539517).
+ Fix potential denial of service; CVE-2009-2906; (bso#6768); (bnc#543115).

while the system in question has cifs-mount in version 3.4.3 installed which
includes from the package change log level:

[ 8< ]
* Thu Oct 08 2009 lmuelle@xxxxxxx
- Update to 3.4.2.
+ Fix unresolved home path; CVE-2009-2813; (bso#6763); (bnc#539517).
+ Fix potential denial of service; CVE-2009-2906; (bso#6768); (bnc#543115).
+ Fix potential mount.cifs password leaks; CVE-2009-2948; (bnc#542150).
[ 8< ]

This happens as soon as you use additional software repositories - in this case
network:samba:STABLE from the openSUSE Build Service - which already provide or
include a particular fix.

Therefore it would be nice to establish a set of rules or define a pattern how
to use upstream and bugzilla.novell.com references in the package change log.
Then libzypp might be able to detect such an already addressed security issue.

The system in question uses the 11.2-test update repo.

--
Configure bugmail: http://bugzilla.novell.com/userprefs.cgi?tab=email
------- You are receiving this mail because: -------
You are on the CC list for the bug.
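
The check the report asks for, sketched as an added example (not libzypp code and not part of the original mail): it extracts CVE, bnc# and bso# references from two changelogs and reports which CVEs named by the update are absent from the installed package's changelog. The function names and the PARTIAL_CHANGELOG sample are assumptions made for illustration; the other two changelogs are copied from the report.

```python
import re

# Reference styles used in the changelog quoted in the report.
REF_PATTERNS = {
    "cve": re.compile(r"\bCVE-\d{4}-\d{4,}\b"),
    "bnc": re.compile(r"\bbnc#\d+\b"),  # bugzilla.novell.com
    "bso": re.compile(r"\bbso#\d+\b"),  # upstream Samba bugzilla
}

# Changelog of the offered update, as quoted in the report.
UPDATE_CHANGELOG = """- Update to 3.4.2.
+ Fix unresolved home path; CVE-2009-2813; (bso#6763);
(bnc#539517).
+ Fix potential denial of service; CVE-2009-2906;
(bso#6768); (bnc#543115)."""

# Changelog of the installed 3.4.3 package, as quoted in the report.
INSTALLED_CHANGELOG = """* Thu Oct 08 2009 lmuelle@xxxxxxx
- Update to 3.4.2.
+ Fix unresolved home path; CVE-2009-2813; (bso#6763); (bnc#539517).
+ Fix potential denial of service; CVE-2009-2906; (bso#6768); (bnc#543115).
+ Fix potential mount.cifs password leaks; CVE-2009-2948; (bnc#542150)."""

# Constructed sample: an installed package that carries only one of the fixes.
PARTIAL_CHANGELOG = "+ Fix unresolved home path; CVE-2009-2813; (bso#6763)."


def extract_refs(changelog):
    """Return {kind: set of references} found anywhere in the changelog text."""
    return {kind: set(p.findall(changelog)) for kind, p in REF_PATTERNS.items()}


def unaddressed(update_changelog, installed_changelog):
    """References named by the update that the installed changelog lacks."""
    upd = extract_refs(update_changelog)
    inst = extract_refs(installed_changelog)
    return {kind: upd[kind] - inst[kind] for kind in upd}


def update_is_superfluous(update_changelog, installed_changelog):
    """True only if the update names CVEs and all of them are already listed.

    CVE ids decide the result because they are shared between upstream and
    distribution changelogs; bnc#/bso# numbers are reported but not required.
    """
    if not extract_refs(update_changelog)["cve"]:
        return False  # nothing to compare against, keep suggesting the update
    return not unaddressed(update_changelog, installed_changelog)["cve"]
```

A changelog entry is a claim by the packager, so this comparison is only as reliable as the reference convention the report proposes to establish.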
