Hello community, here is the log from the commit of package patchinfo.1926 for openSUSE:12.3:Update checked in at 2013-09-12 12:27:17 ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ Comparing /work/SRC/openSUSE:12.3:Update/patchinfo.1926 (Old) and /work/SRC/openSUSE:12.3:Update/.patchinfo.1926.new (New) ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
Package is "patchinfo.1926" Changes: -------- New Changes file: NO CHANGES FILE!!! New: ---- _patchinfo ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ Other differences: ------------------ ++++++ _patchinfo ++++++ <patchinfo incident="1926"> <packager>mlandres</packager> <issue tracker="bnc" id="828672"></issue> <issue tracker="cve" id="CVE-2013-3704"></issue> <category>security</category> <rating>moderate</rating> <summary>libzypp: security fixes in RPM GPG key import parsing</summary> <description> libzypp was adjusted to enhance the RPM GPG key import/handling to avoid a problem with multiple key blobs. Attackers able to supplying a repository could let the packagemanager show another keys fingerprint while a second one was actually used to sign the repository (CVE-2013-3704). </description> <zypp_restart_needed/> </patchinfo> -- To unsubscribe, e-mail: opensuse-commit+unsubscr...@opensuse.org For additional commands, e-mail: opensuse-commit+h...@opensuse.org
