[SECURITY] Fedora 27 Update: PackageKit-1.1.10-1.fc27

PackageKit is a D-Bus abstraction layer that allows the session user to manage packages in a secure way using a cross-distro, cross-architecture API...

[SECURITY] Fedora 28 Update: PackageKit-1.1.10-1.fc28

PackageKit is a D-Bus abstraction layer that allows the session user to manage packages in a secure way using a cross-distro, cross-architecture API...

Amazon Linux 2 : PackageKit (ALAS-2018-1006)

Authentication bypass allows to install signed packages without administrator privileges An authentication bypass flaw has been found in PackageKit that allows users without administrator privileges to install signed packages. A local attacker can use this vulnerability to install vulnerable...

Medium: PackageKit

Issue Overview: Authentication bypass allows to install signed packages without administrator privileges An authentication bypass flaw has been found in PackageKit that allows users without administrator privileges to install signed packages. A local attacker can use this vulnerability to install...

Ubuntu 17.10 : PackageKit vulnerability (USN-3634-1)

Matthias Gerstner discovered that PackageKit incorrectly handled authentication. A local attacker could possibly use this issue to install arbitrary packages and escalate privileges. Note that Tenable Network Security has extracted the preceding description block directly from the Ubuntu security...

Ubuntu: Security Advisory (USN-3634-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2018 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

openSUSE: Security Advisory for PackageKit (openSUSE-SU-2018:1049-1)

The remote host is missing an update for the Copyright C 2018 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software; you can...

RHEL 7 : PackageKit (RHSA-2018:1224)

The remote Redhat Enterprise Linux 7 host has packages installed that are affected by a vulnerability as referenced in the RHSA-2018:1224 advisory. PackageKit is a D-Bus abstraction layer that allows the session user to manage packages in a secure way using a cross-distribution, cross-architectur...

Oracle Linux 7 : PackageKit (ELSA-2018-1224)

The remote Oracle Linux 7 host has packages installed that are affected by a vulnerability as referenced in the ELSA-2018-1224 advisory. - Fixes CVE-2018-1106 Tenable has extracted the preceding description block directly from the Oracle Linux security advisory. Note that Nessus has not tested fo...

PackageKit: authentication bypass allows to install signed packages without administrator privileges

An authentication bypass flaw has been found in PackageKit that allows users without administrator privileges to install signed packages. A local attacker can use this vulnerability to install vulnerable packages to further compromise a system...

Moderate: Red Hat Security Advisory: PackageKit security update

An update for PackageKit is now available for Red Hat Enterprise Linux 7. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from...

USN-3634-1: PackageKit vulnerability

Matthias Gerstner discovered that PackageKit incorrectly handled authentication. A local attacker could possibly use this issue to install arbitrary packages and escalate privileges...

Security update for PackageKit (important)

This update for PackageKit fixes the following security issue: - CVE-2018-1106: Drop the polkit rule which could allow users in wheel group to install packages without root password bsc1086936. This update was imported from the SUSE:SLE-12-SP2:Update update project...

PackageKit security update

1.1.5-2.0.1 - remove PackageKit-0.3.8-Fedora-Vendor.conf.patch 1.1.5-2 - Fixes CVE-2018-1106 - Resolves: rhbz1566425...

PackageKit Authentication Bypass Vulnerability

PackageKit is a new package manager for Linux systems. A security vulnerability exists in versions of PackageKit prior to 1.1.10. A local attacker could exploit the vulnerability to bypass authentication and install affected packages...

openSUSE Security Update : PackageKit (openSUSE-2018-386)

This update for PackageKit fixes the following security issue : - CVE-2018-1106: Drop the polkit rule which could allow users in wheel group to install packages without root password bsc1086936. This update was imported from the SUSE:SLE-12-SP2:Update update project. %NASLMINLEVEL 70300 C Tenable...

SUSE SLED12 / SLES12 Security Update : PackageKit (SUSE-SU-2018:1047-1)

CVE-2018-1106: Drop the polkit rule which could allow users in wheel group to install packages without root password bsc1086936. Note that Tenable Network Security has extracted the preceding description block directly from the SUSE security advisory. Tenable has attempted to automatically clean...

CVE-2018-1106

An authentication bypass flaw has been found in PackageKit before 1.1.10 that allows users without administrator privileges to install signed packages. A local attacker can use this vulnerability to install vulnerable packages to further compromise a system...

CVE-2018-1106

An authentication bypass flaw has been found in PackageKit before 1.1.10 that allows users without administrator privileges to install signed packages. A local attacker can use this vulnerability to install vulnerable packages to further compromise a system...

DEBIAN-CVE-2018-1106

An authentication bypass flaw has been found in PackageKit before 1.1.10 that allows users without administrator privileges to install signed packages. A local attacker can use this vulnerability to install vulnerable packages to further compromise a system...