Alerts This Week
Warning Icon 1 764
Alerts This Week
Warning Icon 1 764

Mageia: 2022-0321 Moderate: RPM Binding Signature Issue

mageia
Calendar Grey September 10, 2022
Dist Mageia Esm H88
Revised rpm archives address the vulnerability linked to signature bindings. Enhance defenses against possible risks.
RPM does not require subkeys to have a valid binding signature (CVE-2021-3521) References: - https://bugs.mageia.org/show_bug.cgi?id=29987

Summary

RPM does not require subkeys to have a valid binding signature (CVE-2021-3521)

References

- https://bugs.mageia.org/show_bug.cgi?id=29987

- https://access.redhat.com/errata/RHSA-2022:0368

- https://www.cve.org/CVERecord?id=CVE-2021-3521

Topics%20covered

Topics Covered

security advisory moderate update threat mitigation rpm mageia binding signature

Resolution

SRPMS

- 8/core/rpm-4.16.1.3-1.2.mga8

Publication date: 10 Sep 2022
URL: https://advisories.mageia.org/MGASA-2022-0321.html
Type: security
CVE: CVE-2021-3521

Topics%20covered

Topics Covered

security advisory moderate update threat mitigation rpm mageia binding signature

Get the latest News and Insights

Get the latest Linux and open source security news straight to your inbox.

Your message here