SuSE 10 Security Update : popt (ZYPP Patch Number 7069)
High Nessus Plugin ID 49917
SynopsisThe remote SuSE 10 host is missing a security-related patch.
DescriptionThis update fixes a security problem where RPM misses to clear the SUID/SGID bit of old files during package updates. (CVE-2010-2059)
Also the following bugs were fixed :
- do not use glibc for passwd/group lookups when --root is used [bnc#536256]
- disable cpio md5 checking for repackaged rpms [bnc#572280]
SolutionApply ZYPP patch number 7069.