CVE-2014-3585: redhat-upgrade-tool: does not check GPG signatures on package installation

Severity: Critical

CVSS Score: 9.8

redhat-upgrade-tool: Does not check GPG signatures when upgrading versions