LISTSERV - SCIENTIFIC-LINUX-ERRATA Archives

Synopsis:          Moderate: PackageKit security update
Advisory ID:       SLSA-2018:1224-1
Issue Date:        2018-04-24
CVE Numbers:       CVE-2018-1106
--

Security Fix(es):

* PackageKit: authentication bypass allows to install signed packages
without administrator privileges (CVE-2018-1106)
--

SL7
  x86_64
    PackageKit-1.1.5-2.sl7_5.x86_64.rpm
    PackageKit-command-not-found-1.1.5-2.sl7_5.x86_64.rpm
    PackageKit-debuginfo-1.1.5-2.sl7_5.i686.rpm
    PackageKit-debuginfo-1.1.5-2.sl7_5.x86_64.rpm
    PackageKit-glib-1.1.5-2.sl7_5.i686.rpm
    PackageKit-glib-1.1.5-2.sl7_5.x86_64.rpm
    PackageKit-gstreamer-plugin-1.1.5-2.sl7_5.x86_64.rpm
    PackageKit-gtk3-module-1.1.5-2.sl7_5.i686.rpm
    PackageKit-gtk3-module-1.1.5-2.sl7_5.x86_64.rpm
    PackageKit-yum-1.1.5-2.sl7_5.x86_64.rpm
    PackageKit-1.1.5-2.sl7_5.i686.rpm
    PackageKit-cron-1.1.5-2.sl7_5.x86_64.rpm
    PackageKit-glib-devel-1.1.5-2.sl7_5.i686.rpm
    PackageKit-glib-devel-1.1.5-2.sl7_5.x86_64.rpm
    PackageKit-yum-plugin-1.1.5-2.sl7_5.x86_64.rpm

- Scientific Linux Development Team