Overview Details

File _patchinfo of Package patchinfo

<patchinfo incident="16454">
  <issue tracker="bnc" id="1182321">VUL-0: CVE-2021-31998: inn: %post calls user owned file, LPE to root</issue>
  <issue tracker="cve" id="2021-31998"/>
  <packager>mlschroe</packager>
  <rating>important</rating>
  <category>security</category>
  <summary>Security update for inn</summary>
  <description>This update for inn fixes the following issues:

- CVE-2021-31998: change user to news before calling innupgrade to avoid a "inn" to "root" privilege escalation [boo#1182321] 
</description>
</patchinfo>
openSUSE Build Service is sponsored by
Places