CVE-2013-1764

Publication date 16 April 2014

Last updated 24 July 2024

Ubuntu priority

Medium

Why this priority?

The Zypper (aka zypp) backend in PackageKit before 0.8.8 allows local users to downgrade packages via the “install updates” method.

Read the notes from the security team

Status

No maintained releases are affected by this CVE.

Package Ubuntu Release Status
packagekit 12.10 quantal
Not affected
12.04 LTS precise
Not affected
11.10 oneiric
Not affected
10.04 LTS lucid
Not affected
8.04 LTS hardy
Not affected

Notes

jdstrand

per Debian, Zypp backend specific to SuSE