Lucene search
K

7 matches found

CVE
CVE
added 2018/07/27 6:0 p.m.64 views

CVE-2017-2623

The CVE-2017-2623 issue affects rpm-ostree and rpm-ostree-client older than 2017.3, where GPG signatures on layered packages were not checked properly. This could allow unsigned or poorly signed content to be accepted instead of rejected. The severity and impact are described in multiple sources ...

5.3CVSS5AI score0.01026EPSS
Exploits0References3Affected Software2
Cvelist
Cvelist
added 2018/07/27 6:0 p.m.24 views

CVE-2017-2623

It was discovered that rpm-ostree and rpm-ostree-client before 2017.3 fail to properly check GPG signatures on packages when doing layering. Packages with unsigned or badly signed content could fail to be rejected as expected. This issue is partially mitigated on RHEL Atomic Host, where certifica...

5.3CVSS5AI score0.01026EPSS
Exploits0References3
Tenable Nessus
Tenable Nessus
added 2017/03/22 12:0 a.m.27 views

Fedora 24 : rpm-ostree (2017-788129b61c)

https://github.com/projectatomic/rpm-ostree/releases/tag/v2017.3 This release includes a fix for CVE-2017-2623. There are a few new features, such as systemctl reload rpm-ostreed now being supported. Some bugfixes such as memory leak fixes. Besides that, there's a lot of internal refactoring goin...

5.3CVSS5.6AI score0.01026EPSS
Exploits0References2
Tenable Nessus
Tenable Nessus
added 2017/03/21 12:0 a.m.25 views

Fedora 25 : rpm-ostree (2017-003fa5648c)

https://github.com/projectatomic/rpm-ostree/releases/tag/v2017.3 This release includes a fix for CVE-2017-2623. There are a few new features, such as systemctl reload rpm-ostreed now being supported. Some bugfixes such as memory leak fixes. Besides that, there's a lot of internal refactoring goin...

5.3CVSS5.6AI score0.01026EPSS
Exploits0References2
OpenVAS
OpenVAS
added 2017/03/21 12:0 a.m.18 views

Fedora Update for rpm-ostree FEDORA-2017-003fa5648c

The remote host is missing an update for the SPDX-FileCopyrightText: 2017 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

5.3CVSS5.3AI score0.01026EPSS
Exploits0References2
Tenable Nessus
Tenable Nessus
added 2017/03/06 12:0 a.m.30 views

RHEL 7 : rpm-ostree and rpm-ostree-client (RHSA-2017:0444)

An update for rpm-ostree and rpm-ostree-client is now available for Red Hat Enterprise Linux Atomic Host 7. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is...

5.3CVSS5.7AI score0.01026EPSS
Exploits0References3
RedhatCVE
RedhatCVE
added 2017/03/03 12:18 a.m.20 views

CVE-2017-2623

It was discovered that rpm-ostree and rpm-ostree-client fail to properly check GPG signatures on packages when doing layering. Packages with unsigned or badly signed content could fail to be rejected as expected. This issue is partially mitigated on RHEL Atomic Host, where certificate pinning is...

5.3CVSS1.3AI score0.01026EPSS
Exploits0References1
Rows per page
Query Builder