CESA-2018:1224 -- centos 7 PackageKitID: oval:org.secpod.oval:def:204827 | Date: (C)2018-06-01 (M)2022-10-10 |
Class: PATCH | Family: unix |
PackageKit is a D-Bus abstraction layer that allows the session user to manage packages in a secure way using a cross-distribution, cross-architecture API. Security Fix: * PackageKit: authentication bypass allows to install signed packages without administrator privileges For more details about the security issue, including the impact, a CVSS score, and other related information, refer to the CVE page listed in the References section. Red Hat would like to thank Matthias Gerstner for reporting this issue.