Rene "l00m" Fischer found two problem in the handling of package repositories.
- The remote repositories were copied with permissions and ownerships intact.
If the remote repository was owned by a user or had problematic permissions,
these ownership and permissions were copied over to the system.
If these included world writeable permissions local users could overwrite
package meta files.
This problem is not present when installing from CD or a correctly set up
- The YaST package handling had a bufferoverflow which could be used by
attackers having access to the meta data (for instance due to above
permission problem) to potentially execute code.
These problems have been fixed with this update.