PackageKit: only allow patches for regular updates
The PackageKit zypp backend was fixed to only allow patches to be updated. Otherwise
a regular user could install new packages or even downgrade older packages to ones
with security problems. (CVE-2013-1764)
-
Submitted by
Stephan Kulow (coolo)
Fixed bugs
bnc#804983
VUL-0: CVE-2013-1764: PackageKit "update" can downgrade packages
CVE-CVE-2013-1764
VUL-0: CVE-2013-1764: PackageKit "update" can downgrade packages
