On Sat, 29 Jan 2022 02:36:32 +0100, Stefan Seyfried wrote:
rpm -q --changelog polkit
the newest entries of polkit.changes (either a fixed time interval or after a cut-off date configured somewhere, I'm not sure) are embedded into the RPM.
If you want to know before installing if it is worth the hassle, you can do
zypper up --download-only polkit rpm -qp --changelog /var/cache/zypp/<....>/polkit-<xxx.yyy>.<arch>.rpm
Yes, it's not easily available before installation, but at least you know that's what will be installed. If you look into OBS, you still are not 100% sure that's what you get from your local mirror ;-)
Not bad options either. The biggest thing for me wasn't so much (in this instance) not wondering if it was worth the hassle, but whether or not the CVE was patched or if I was going to have to mitigate in some other way post-update. Suffice to say, I've learned a lot from this thread about how to find the changelogs (which I've never really worried about before for some reason). -- Jim Henderson Please keep on-topic replies on the list so everyone benefits