Name of the Vulnerable Software and Affected Versions suse-build-key (affected versions not specified)

Description This issue involves an update for suse-build-key that replaces the previous libzypp-post-script based installation with a systemd timer and service. The update imports the future SUSE Linux Enterprise 15 4096 bit RSA key primary and reserve keys. After successful import, the timer is disabled. To manually import the keys, users can run specific rpm commands. A bugfix has been added to run rpm commands in the import script only when libzypp is not active.

Recommendations At the moment, there is no information about a newer version that contains a fix for this vulnerability.