Security update for rpm
This update for rpm fixes the following issues:
This security vulnerability was fixed:
- CVE-2017-7500: Fixed symlink attacks during RPM installation (bsc#943457)
This update was imported from the SUSE:SLE-15:Update update project.
-
Submitted by
Michael Schröder (mlschroe)
Fixed bugs
bnc#943457
VUL-1: CVE-2017-7500 CVE-2017-7501: rpm: user owned subdirectories in rpm packages can lead user to root escalation
bnc#1094735
Leap 15: sle_version missing from suse_macros
bnc#1095148
virtualbox KMPs cant be used with the latest kernel release