Synopsis: Moderate: PackageKit security update Advisory ID: SLSA-2018:1224-1 Issue Date: 2018-04-24 CVE Numbers: CVE-2018-1106 -- Security Fix(es): * PackageKit: authentication bypass allows to install signed packages without administrator privileges (CVE-2018-1106) -- SL7 x86_64 PackageKit-1.1.5-2.sl7_5.x86_64.rpm PackageKit-command-not-found-1.1.5-2.sl7_5.x86_64.rpm PackageKit-debuginfo-1.1.5-2.sl7_5.i686.rpm PackageKit-debuginfo-1.1.5-2.sl7_5.x86_64.rpm PackageKit-glib-1.1.5-2.sl7_5.i686.rpm PackageKit-glib-1.1.5-2.sl7_5.x86_64.rpm PackageKit-gstreamer-plugin-1.1.5-2.sl7_5.x86_64.rpm PackageKit-gtk3-module-1.1.5-2.sl7_5.i686.rpm PackageKit-gtk3-module-1.1.5-2.sl7_5.x86_64.rpm PackageKit-yum-1.1.5-2.sl7_5.x86_64.rpm PackageKit-1.1.5-2.sl7_5.i686.rpm PackageKit-cron-1.1.5-2.sl7_5.x86_64.rpm PackageKit-glib-devel-1.1.5-2.sl7_5.i686.rpm PackageKit-glib-devel-1.1.5-2.sl7_5.x86_64.rpm PackageKit-yum-plugin-1.1.5-2.sl7_5.x86_64.rpm - Scientific Linux Development Team