PackageKit-1.1.5-2.0.1.el7.AXS7
エラータID: AXSA:2018-3051:01
PackageKit is a D-Bus abstraction layer that allows the session user to manage packages in a secure way using a cross-distribution, cross-architecture API.
Security Fix(es):
* PackageKit: authentication bypass allows to install signed packages without administrator privileges (CVE-2018-1106)
For more details about the security issue(s), including the impact, a CVSS score, and other related information, refer to the CVE page(s) listed in the References section.
Asianux would like to thank Matthias Gerstner (SUSE) for reporting this issue.
CVE-2018-1106
An authentication bypass flaw has been found in PackageKit before 1.1.10 that allows users without administrator privileges to install signed packages. A local attacker can use this vulnerability to install vulnerable packages to further compromise a system.
Update packages.
An authentication bypass flaw has been found in PackageKit before 1.1.10 that allows users without administrator privileges to install signed packages. A local attacker can use this vulnerability to install vulnerable packages to further compromise a system.
N/A
SRPMS
- PackageKit-1.1.5-2.0.1.el7.AXS7.src.rpm
MD5: af1e057862224c31ea9320b5927b3344
SHA-256: 88f1f129fc81848a7e4bb1adfcd487737f7722621a10feaf7a0f36a0c7ced6de
Size: 1.37 MB
Asianux Server 7 for x86_64
- PackageKit-1.1.5-2.0.1.el7.AXS7.x86_64.rpm
MD5: a6322fe1d605449775be629f26812ce4
SHA-256: 7bb636a8db1336444a3359b0ee4a9f941d4c60090ac1eb57e6bbb29e9189a493
Size: 581.80 kB - PackageKit-command-not-found-1.1.5-2.0.1.el7.AXS7.x86_64.rpm
MD5: cf9c221c31ea962431ebc09eeafe8552
SHA-256: 173521f5217ad7345093e6f155430e2a99088823e09d2fcb650ad0449cbeb8db
Size: 19.77 kB - PackageKit-glib-1.1.5-2.0.1.el7.AXS7.x86_64.rpm
MD5: 9df44843152f93d34dd1d2cba057163c
SHA-256: ad89bcd9bef20500844fb0f5f038513b9640770240f15648cbd5f6b72a59eded
Size: 126.19 kB - PackageKit-gstreamer-plugin-1.1.5-2.0.1.el7.AXS7.x86_64.rpm
MD5: f1f94786b6ae7b41a8d30ae2423a57c0
SHA-256: bf66b6518e0e8ae74e529ae07d16b4d314b92fc43935a917003ea483c4003993
Size: 10.70 kB - PackageKit-gtk3-module-1.1.5-2.0.1.el7.AXS7.x86_64.rpm
MD5: 1732977ffb07ab471971955a73b3a43f
SHA-256: 146ccea494fa08a9732474bd65cbea610f889e82296f15243c638ace02d97a02
Size: 11.33 kB - PackageKit-yum-1.1.5-2.0.1.el7.AXS7.x86_64.rpm
MD5: b3704b1a684a6493a11d20dc2988f720
SHA-256: 70dfc20f4febb1680ae839e1ae7cfa0ff456902247dea20f3f91f3e33a11dd00
Size: 74.27 kB - PackageKit-glib-1.1.5-2.0.1.el7.AXS7.i686.rpm
MD5: e48818f963b53c9450358d1557d7193c
SHA-256: 2e712ad31714812a1058862cc2da503dc49562d9153814cff361069fdec349c2
Size: 120.86 kB - PackageKit-gtk3-module-1.1.5-2.0.1.el7.AXS7.i686.rpm
MD5: 1240d6ef2a4cb20dfbadb737e080ddfa
SHA-256: 10da12575499d4833b118106417b56defe097aefb7fd4fc1e313cedeaad56f44
Size: 11.17 kB