Stephen Gallagher sgallagh at
Tue Jun 15 11:59:20 UTC 2010

On 06/15/2010 07:54 AM, Till Maas wrote:
> On Tue, Jun 15, 2010 at 07:28:40AM -0400, Stephen Gallagher wrote:
>> Can someone explain to me why a package whose update comment lists
>> "added patch that fixes insufficient environment sanitization issue
>> (CVE-2010-1646)" is not marked as a security bug?
> No, because according to the Bodhi web interface it is a security
> update:
> If it is not in some other interface, it usually helps to specify where
> it is not.
> Regards
> Till

Hmm, then maybe this is a bug in PackageKit. In the Software Update GUI, 
it's listed as "normal update".

Stephen Gallagher
RHCE 804006346421761

Delivering value year after year.
Red Hat ranks #1 in value among software vendors.

More information about the devel mailing list