[Bug 551743] New: zypper superflously suggests securoty fix
http://bugzilla.novell.com/show_bug.cgi?id=551743 User lmuelle@novell.com added comment http://bugzilla.novell.com/show_bug.cgi?id=551743#c6763 Summary: zypper superflously suggests securoty fix Classification: openSUSE Product: openSUSE 11.2 Version: RC 2 Platform: Other OS/Version: Other Status: NEW Severity: Minor Priority: P5 - None Component: libzypp AssignedTo: zypp-maintainers@forge.provo.novell.com ReportedBy: lmuelle@novell.com QAContact: qa@suse.de Found By: --- This is a test update for 11.2 RC1. Top of changes: ------------------------------------------------------------ ------- Thu Oct 8 21:54:16 CEST 2009 - lmuelle@suse.de - Update to 3.4.2. + Fix unresolved home path; CVE-2009-2813; (bso#6763); (bnc#539517). + Fix potential denial of service; CVE-2009-2906; (bso#6768); (bnc#543115). while the system in question has cifs-mount in version 3.4.3 installed which includes from the package change log level: [ 8< ] * Thu Oct 08 2009 lmuelle@suse.de - Update to 3.4.2. + Fix unresolved home path; CVE-2009-2813; (bso#6763); (bnc#539517). + Fix potential denial of service; CVE-2009-2906; (bso#6768); (bnc#543115). + Fix potential mount.cifs password leaks; CVE-2009-2948; (bnc#542150). [ 8< ] This happens as soon as you use additional software repositories - in this case network:samba:STABLE from the openSUSE Build Service - which already provide or include a particular fix. Therefore it would be nice to establish a set of rules or define a pattern how to use upstream and bugzilla.novell.com references in the package change log. Then libzypp might be able to detect such an already addressed security issue. The system in question uses the 11.2-test update repo. -- Configure bugmail: http://bugzilla.novell.com/userprefs.cgi?tab=email ------- You are receiving this mail because: ------- You are on the CC list for the bug.
http://bugzilla.novell.com/show_bug.cgi?id=551743
User mls@novell.com added comment
http://bugzilla.novell.com/show_bug.cgi?id=551743#c1
Michael Schröder
http://bugzilla.novell.com/show_bug.cgi?id=551743
User lmuelle@novell.com added comment
http://bugzilla.novell.com/show_bug.cgi?id=551743#c2
Lars Müller
http://bugzilla.novell.com/show_bug.cgi?id=551743
User mls@novell.com added comment
http://bugzilla.novell.com/show_bug.cgi?id=551743#c3
Michael Schröder
http://bugzilla.novell.com/show_bug.cgi?id=551743
User lmuelle@novell.com added comment
http://bugzilla.novell.com/show_bug.cgi?id=551743#c4
Lars Müller
http://bugzilla.novell.com/show_bug.cgi?id=551743
User lmuelle@novell.com added comment
http://bugzilla.novell.com/show_bug.cgi?id=551743#c5
--- Comment #5 from Lars Müller
http://bugzilla.novell.com/show_bug.cgi?id=551743
User mls@novell.com added comment
http://bugzilla.novell.com/show_bug.cgi?id=551743#c6
Michael Schröder
http://bugzilla.novell.com/show_bug.cgi?id=551743
User lmuelle@novell.com added comment
http://bugzilla.novell.com/show_bug.cgi?id=551743#c7
Lars Müller
http://bugzilla.novell.com/show_bug.cgi?id=551743
User mls@novell.com added comment
http://bugzilla.novell.com/show_bug.cgi?id=551743#c8
Michael Schröder
participants (1)
-
bugzilla_noreply@novell.com