Overview

File _patchinfo of Package patchinfo.27323

<patchinfo incident="27323">
  <issue tracker="bnc" id="1181400">AUDIT-TASK: Evaluate systemd hardenings and get more services to use them</issue>
  <issue tracker="bnc" id="1206836">VUL-0: CVE-2023-22643: EMBARGOED: libzypp-plugin-appdata: potential arbitrary code execution via shell injection due to `os.system` calls</issue>
  <issue tracker="cve" id="2023-22643"/>
  <packager>dimstar_suse</packager>
  <rating>important</rating>
  <category>security</category>
  <summary>Security update for libzypp-plugin-appdata</summary>
  <description>This update for libzypp-plugin-appdata fixes the following issues:

- CVE-2023-22643: Fixed potential shell injection related to malicious repo names (bsc#1206836).
- Added hardening to systemd service (bsc#1181400). 
</description>
</patchinfo>
openSUSE Build Service is sponsored by
Places