sgallagh at redhat.com
Tue Jun 15 11:59:20 UTC 2010
On 06/15/2010 07:54 AM, Till Maas wrote:
> On Tue, Jun 15, 2010 at 07:28:40AM -0400, Stephen Gallagher wrote:
>> Can someone explain to me why a package whose update comment lists
>> "added patch that fixes insufficient environment sanitization issue
>> (CVE-2010-1646)" is not marked as a security bug?
> No, because according to the Bodhi web interface it is a security
> If it is not in some other interface, it usually helps to specify where
> it is not.
Hmm, then maybe this is a bug in PackageKit. In the Software Update GUI,
it's listed as "normal update".
Delivering value year after year.
Red Hat ranks #1 in value among software vendors.
More information about the devel