K73455417: obs-service-extract_file package vulnerability CVE-2016-4007

Security Advisory Description Multiple unspecified vulnerabilities in the obs-service-extractfile package before 0.3-5.1 in openSUSE Leap 42.1 and before 0.3-3.1 in openSUSE 13.2 allow attackers to execute arbitrary commands via a service definition, related to executing unzip with "illegal...

openSUSE Security Update : obs-service-source_validator (openSUSE-2016-758)

obs-service-sourcevalidator was updated to fix one security issue. This security issue was fixed : - CVE-2016-4007: Several maintained source services are vulnerable to code/paramter injection bsc967265. This non-security issue was fixed : - bsc967610: Several occurrences of uninitialized value...

openSUSE Security Update : obs-service-source_validator (openSUSE-2016-759)

obs-service-sourcevalidator was updated to fix one security issue. This security issue was fixed : - CVE-2016-4007: Several maintained source services are vulnerable to code/paramter injection bsc967265. This non-security issue was fixed : - bsc967610: Several occurrences of uninitialized value...

openSUSE: Security Advisory for obs-service-source_validator (openSUSE-SU-2016:1659-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2016 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Security update for obs-service-source_validator (important)

obs-service-sourcevalidator was updated to fix one security issue. This security issue was fixed: - CVE-2016-4007: Several maintained source services are vulnerable to code/paramter injection bsc967265. This non-security issue was fixed: - bsc967610: Several occurrences of uninitialized value...

Security update for obs-service-source_validator (important)

obs-service-sourcevalidator was updated to fix one security issue. This security issue was fixed: - CVE-2016-4007: Several maintained source services are vulnerable to code/paramter injection bsc967265. This non-security issue was fixed: - bsc967610: Several occurrences of uninitialized value...

CVE-2016-4007

CVE-2016-4007 affects the obs-service-extract_file package (and related source validator components) via code/parameter injection in service definitions (unzip with illegal options). Public advisories note the issue was fixed by OBS-related updates: openSUSE/SUSE security notices for obs-service-...