openSUSE Build Service

File _patchinfo of Package patchinfo

<patchinfo incident="3337">
  <issue id="892431" tracker="bnc" />
  <issue id="908128" tracker="bnc">VUL-0: CVE-2014-8118: rpm: integer overflow leading to stack-based overflow</issue>
  <issue id="906803" tracker="bnc">VUL-1: CVE-2013-6435: rpm: Skipping rpm verification race</issue>
  <issue id="CVE-2014-8118" tracker="cve" />
  <issue id="CVE-2013-6435" tracker="cve" />
  <category>security</category>
  <rating>moderate</rating>
  <packager>mlschroe</packager>
  <description>This rpm update fixes the following security and non security issues:

- honor --noglob in install mode [bnc#892431]
- check for bad invalid name sizes [bnc#908128] [CVE-2014-8118]
- create files with mode 0 [bnc#906803] [CVE-2013-6435]

This update also includes version updates of rpm-python and python3-rpm.
</description>
  <summary>Security update for python3-rpm, rpm, rpm-python</summary>
</patchinfo>

Places

File _patchinfo of Package patchinfo

Places