Fedora Update for osc FEDORA-2018-fac5420dd1

The remote host is missing an update for the SPDX-FileCopyrightText: 2018 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

CVE-2017-9274

A shell command injection in the obs-service-sourcevalidator before 0.7 could be used to execute code as the packager when checking RPM SPEC files with specific macro constructs...

CVE-2017-9274

CVE-2017-9274 describes a shell command injection in the OpenBuild/OpenSUSE component obs-service-source_validator (before version 0.7 ). The underlying issue allows an attacker to execute arbitrary code as the packager when validating RPM SPEC files that use specific macro constructs. Multiple c...

CVE-2017-9274 osc executes spec code during "osc commit"

A shell command injection in the obs-service-sourcevalidator before 0.7 could be used to execute code as the packager when checking RPM SPEC files with specific macro constructs...

Fedora 26 : osc / osc-source_validator (2018-903354c26c)

Rebase osc and osc-sourcevalidator to new versions for security fixes for CVE-2017-9274. Note that Tenable Network Security has extracted the preceding description block directly from the Fedora update system website. Tenable has attempted to automatically clean and format it as much as possible...

Fedora 27 : osc / osc-source_validator (2018-ac8aab1f7a)

Rebase osc and osc-sourcevalidator to new versions for security fixes for CVE-2017-9274 Note that Tenable Network Security has extracted the preceding description block directly from the Fedora update system website. Tenable has attempted to automatically clean and format it as much as possible...

Fedora Update for osc FEDORA-2018-903354c26c

The remote host is missing an update for the SPDX-FileCopyrightText: 2018 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Fedora Update for osc-source_validator FEDORA-2018-ac8aab1f7a

The remote host is missing an update for the SPDX-FileCopyrightText: 2018 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

openSUSE Security Update : the OBS toolchain (openSUSE-2017-1360)

This OBS toolchain update fixes the following issues : Package 'build' : - CVE-2010-4226: force use of bsdtar for VMs bnc665768 - CVE-2017-14804: Improve file name check extractbuild bsc1069904 - switch baselibs scheme for debuginfo packages from foo-debuginfo-32bit to foo-32bit-debuginfo...

openSUSE: Security Advisory for OBS toolchain (openSUSE-SU-2017:3259-1)

The remote host is missing an update for the Copyright C 2017 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software; you can...