Can someone explain to me why a package whose update comment lists
added patch that fixes insufficient environment sanitization issue
(CVE-2010-1646) is not marked as a security bug?
--
Stephen Gallagher
RHCE 804006346421761
Delivering value year after year.
Red Hat ranks #1 in value among
interface it is a security
update:
https://admin.fedoraproject.org/updates/sudo-1.7.2p6-2.fc13
If it is not in some other interface, it usually helps to specify where
it is not.
Regards
Till
pgpDz13VImGcx.pgp
Description: PGP signature
--
devel mailing list
devel@lists.fedoraproject.org
https
?
No, because according to the Bodhi web interface it is a security
update:
https://admin.fedoraproject.org/updates/sudo-1.7.2p6-2.fc13
If it is not in some other interface, it usually helps to specify where
it is not.
Regards
Till
Hmm, then maybe this is a bug in PackageKit. In the Software
On Tue, 2010-06-15 at 07:59 -0400, Stephen Gallagher wrote:
Hmm, then maybe this is a bug in PackageKit. In the Software Update GUI,
it's listed as normal update.
I've seen that a lot over the past few months. Unfortunately, I haven't
investigated to the point of being able to write a useful
On Tue, 15 Jun 2010 08:08:20 -0400
Matt McCutchen m...@mattmccutchen.net wrote:
On Tue, 2010-06-15 at 07:59 -0400, Stephen Gallagher wrote:
Hmm, then maybe this is a bug in PackageKit. In the Software Update
GUI, it's listed as normal update.
I've seen that a lot over the past few months.
Stephen Gallagher wrote:
Hmm, then maybe this is a bug in PackageKit. In the Software Update GUI,
it's listed as normal update.
https://bugzilla.redhat.com/show_bug.cgi?id=574658
--
devel mailing list
devel@lists.fedoraproject.org
https://admin.fedoraproject.org/mailman/listinfo/devel
