CVE-2014-0022

2014-01-26T11:58:11
ID CVE-2014-0022
Type cve
Reporter NVD
Modified 2014-01-27T12:20:03

Description

The installUpdates function in yum-cron/yum-cron.py in yum 3.4.3 and earlier does not properly check the return value of the sigCheckPkg function, which allows remote attackers to bypass the RMP package signing restriction via an unsigned package.