Hello community,
here is the log from the commit of package patchinfo.13321 for
openSUSE:Leap:15.2:Update checked in at 2020-07-19 20:25:49
++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
Comparing /work/SRC/openSUSE:Leap:15.2:Update/patchinfo.13321 (Old)
and /work/SRC/openSUSE:Leap:15.2:Update/.patchinfo.13321.new.3592 (New)
++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
Package is "patchinfo.13321"
Sun Jul 19 20:25:49 2020 rev:1 rq:821337 version:unknown
Changes:
--------
New Changes file:
NO CHANGES FILE!!!
New:
----
_patchinfo
++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
Other differences:
------------------
++++++ _patchinfo ++++++
<patchinfo incident="13321">
<issue tracker="bnc" id="1169978">Partner-L3: google-compute-engine-* package
update fails (need "systemctl try-restart" in postinstall?)</issue>
<issue tracker="bnc" id="1173258">VUL-0:
CVE-2020-8903,CVE-2020-8907,CVE-2020-8933: privilege escalation in
guest-oslogin</issue>
<issue tracker="cve" id="2020-8933"/>
<issue tracker="cve" id="2020-8903"/>
<issue tracker="cve" id="2020-8907"/>
<packager>glaubitz</packager>
<rating>important</rating>
<category>security</category>
<summary>Security update for google-compute-engine</summary>
<description>This update for google-compute-engine fixes the following issues:
- Don't enable and start google-network-daemon.service when it's
already installed (bsc#1169978)
+ Do not add the created user to the adm (CVE-2020-8903),
docker (CVE-2020-8907), or lxd (CVE-2020-8933) groups
if they exist (bsc#1173258)</description>
</patchinfo>
