[Mageia-dev] Regular users installing updates through packagekit or rpmdrake
David Walser
luigiwalser at yahoo.com
Mon Mar 4 22:38:45 CET 2013
OpenSuSE issued an advisory for PackageKit, because when systems were configured to allow regular users to install security updates, they also had the ability to install *older* updates than the newest, reintroducing security issues into the system.
Does PackageKit in Mageia, or even our own rpmdrake tool which can be configured to allow users to install updates, have an issue with this?
References:
http://lists.opensuse.org/opensuse-updates/2013-03/msg00006.html
https://bugzilla.novell.com/show_bug.cgi?id=804983
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-1764
More information about the Mageia-dev
mailing list