View Issue Details

IDProjectCategoryView StatusLast Update
0000174AlmaLinux-8-OTHERpublic2022-01-18 16:51
Reporteradstak Assigned To 
Status newResolutionopen 
OSAlmaLinuxOS Version8 
Summary0000174: I believe I have found an miss assigned ID in the updateinfo in the BaseOs repo
DescriptionSo long story short as this is either an easy fix or intended and I simply miss understand.

So we have a a tool I wrote at my company which parses updateinfo in the repo and reports security info to a central place for patch reporting etc.

As part of this I recently added alma info as we moved away from centos. As part of this I stumbled across the id --> ALBA-2019:3693

This seems to be labelled ALBA in the updateinfo but from my understanding this should be an ALSA as it applies a fix for CVE-2018-18074 going from its own description.

My understanding to add context is ALBA is the Alma Linux Bug Announce and ALSA is the ALMA Linux Security Announce. ( This is a guess going from centos's CESA and other updateinfo formats from other providers)

So put simply is ALBA-2019:3693 correct or should this be ALSA-2019:3693 or does it not matter?
Steps To ReproduceRead the updateinfo file from the BaseOS almalinux8 repo
TagsNo tags attached.



2022-01-18 16:36

administrator   ~0000479

Hello. ALBA is correct. Original bulletin is RHBA-2019:3693 - Bug Fix Advisory
This update doesn't fix vulnerability. It fixes bug that was added in previous security update of this package. So it's bugfix release.

Bug fix:
The fix CVE-2018-18074 leads to a regression (BZ#1758261)

Issue History

Date Modified Username Field Change
2022-01-17 15:01 adstak New Issue
2022-01-18 16:36 alukoshko Note Added: 0000479