*** This bug is a security vulnerability ***
Public security bug reported:
Binary package hint: kpackagekit
- kpackagekit 0.4-0ubuntu6
- libpackagekit-glib11 0.3.14-0ubuntu4
- libpackagekit-qt11 0.3.14-0ubuntu4
- packagekit 0.3.14-0ubuntu4
- packagekit-backend-apt 0.3.14-0ubuntu4
- python-packagekit 0.3.14-0ubuntu4
I installed jaunty jackalope "KUbuntu-4.2" and there where no
authoritation for query the updates via:
-->system-settings -> Add and Remove Software -> Software Updates ->
"Refresh"
Every user could initiate the update-function without input the root-
password, if you take the way
-->system-settings -> Add and Remove Software -> Software Updates ->
"Apply all available updates"
on the other hand, if I initiate the update-function via the panel icon
of the update-manager, the root-password was mandatory to install the
updates.
These has been tested with i386- as well as amd64-infrastructure.
** Affects: kpackagekit (Ubuntu)
Importance: Undecided
Status: New
** Visibility changed to: Public
--
[jaunty] (k)packagekit without authoritation
https://bugs.launchpad.net/bugs/357528
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.
--
ubuntu-bugs mailing list
[email protected]
https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
