Overview

File _patchinfo of Package patchinfo.1418

<patchinfo>
  <issue id="804983" tracker="bnc">VUL-0: CVE-2013-1764: PackageKit "update" can downgrade packages</issue>
  <issue id="CVE-2013-1764" tracker="cve">VUL-0: CVE-2013-1764: PackageKit "update" can downgrade packages</issue>
  <category>security</category>
  <rating>moderate</rating>
  <packager>coolo</packager>
  <description>
The PackageKit zypp backend was fixed to only allow patches to be updated. Otherwise
a regular user could install new packages or even downgrade older packages to ones
with security problems. (CVE-2013-1764)
</description>
  <summary>PackageKit: only allow patches for regular updates</summary>
</patchinfo>
openSUSE Build Service is sponsored by
Places