Miroslav Suchý
2016-09-14 06:43:20 UTC
I released new version of Mock. It is security release. All users of mock-scm are encouraged to upgrade.
If you use just mock (not the scm subpackage) then you are not affected.
From:
https://github.com/rpm-software-management/mock/wiki/Release-Notes-1.2.21
Mock version 1.2.21 is security release. It fixes:
CVE-2016-6299 - privilige escalation via mock-scm RHBZ#1375493
Additionally it has those changes:
root_cache: Mention root cache being created in state updates (log messages)
Rename mageia pubkey to RPM-GPG-KEY-Mageia
require generic system-release rather than fedora-release RHBZ#1367746
If you use just mock (not the scm subpackage) then you are not affected.
From:
https://github.com/rpm-software-management/mock/wiki/Release-Notes-1.2.21
Mock version 1.2.21 is security release. It fixes:
CVE-2016-6299 - privilige escalation via mock-scm RHBZ#1375493
Additionally it has those changes:
root_cache: Mention root cache being created in state updates (log messages)
Rename mageia pubkey to RPM-GPG-KEY-Mageia
require generic system-release rather than fedora-release RHBZ#1367746
--
Miroslav Suchy, RHCA
Red Hat, Senior Software Engineer, #brno, #devexp, #fedora-buildsys
Miroslav Suchy, RHCA
Red Hat, Senior Software Engineer, #brno, #devexp, #fedora-buildsys