sudo-1.7.2p6-2.fc13

Stephen Gallagher sgallagh at redhat.com
Tue Jun 15 11:59:20 UTC 2010


On 06/15/2010 07:54 AM, Till Maas wrote:
> On Tue, Jun 15, 2010 at 07:28:40AM -0400, Stephen Gallagher wrote:
>> Can someone explain to me why a package whose update comment lists
>> "added patch that fixes insufficient environment sanitization issue
>> (CVE-2010-1646)" is not marked as a security bug?
>
> No, because according to the Bodhi web interface it is a security
> update:
> https://admin.fedoraproject.org/updates/sudo-1.7.2p6-2.fc13
>
> If it is not in some other interface, it usually helps to specify where
> it is not.
>
> Regards
> Till
>

Hmm, then maybe this is a bug in PackageKit. In the Software Update GUI, 
it's listed as "normal update".

-- 
Stephen Gallagher
RHCE 804006346421761

Delivering value year after year.
Red Hat ranks #1 in value among software vendors.
http://www.redhat.com/promo/vendor/


More information about the devel mailing list