Sicherheit: Mangelnde Prüfung von Signaturen in rpm-ostree
Aktuelle Meldungen Distributionen
Name: Mangelnde Prüfung von Signaturen in rpm-ostree
ID: FEDORA-2017-003fa5648c
Distribution: Fedora
Plattformen: Fedora 25
Datum: Di, 21. März 2017, 09:25
Referenzen: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-2623
Applikationen: rpm-ostree


Name        : rpm-ostree
Product : Fedora 25
Version : 2017.3
Release : 2.fc25
URL : https://github.com/projectatomic/rpm-ostree
Summary : Hybrid image/package system
Description :
rpm-ostree is a hybrid image/package system. It supports
"composing" packages on a build server into an OSTree repository,
which can then be replicated by client systems with atomic upgrades.
Additionally, unlike many "pure" image systems, with rpm-ostree
each client system can layer on additional packages, providing
a "best of both worlds" approach.

Update Information:

https://github.com/projectatomic/rpm-ostree/releases/tag/v2017.3 This release
includes a fix for
[CVE-2017-2623](https://bugzilla.redhat.com/show_bug.cgi?id=1422157). There are
a few new features, such as `systemctl reload rpm-ostreed` now being supported.
Some bugfixes such as memory leak fixes. Besides that, there's a lot of
refactoring going on in preparation for work on local RPM installation.

This update can be installed with the "dnf" update program. Use
su -c 'dnf upgrade rpm-ostree' at the command line.
For more information, refer to the dnf documentation available at

All packages are signed with the Fedora Project GPG key. More details on the
GPG keys used by the Fedora Project can be found at
package-announce mailing list -- package-announce@lists.fedoraproject.org
To unsubscribe send an email to package-announce-leave@lists.fedoraproject.org
Pro-Linux @Facebook
Neue Nachrichten