Descriptionzypp-refresh-patches in zypper in SUSE openSUSE 10.2, 10.3, and 11.0 does not ask the user before accepting repository keys, which allows remote repositories to cause a denial of service (package data corruption) via a spoofed key.
Overall state of this security issue: Resolved
This issue is currently rated as having important severity.
|National Vulnerability Database|
SUSE Security Advisories:
- SUSE-SR:2008:015, published Fri, 18 Jul 2008 13:00:00 +0000
SUSE Timeline for this CVECVE page created: Tue Jul 9 16:09:50 2013
CVE page last modified: Fri Oct 7 12:45:42 2022