EUVD-2017-18210

Malware in sbrugna...

OPENSUSE-SU-2024:11106-1 obs-service-source_validator-0.21-1.3 on GA media

These are all security issues fixed in the obs-service-sourcevalidator-0.21-1.3 package on the GA media of openSUSE Tumbleweed...

CVE-2017-9274

A shell command injection in the obs-service-sourcevalidator before 0.7 could be used to execute code as the packager when checking RPM SPEC files with specific macro constructs...

CVE-2017-9274

A shell command injection in the obs-service-sourcevalidator before 0.7 could be used to execute code as the packager when checking RPM SPEC files with specific macro constructs...

Command injection

A shell command injection in the obs-service-sourcevalidator before 0.7 could be used to execute code as the packager when checking RPM SPEC files with specific macro constructs...

CVE-2017-9274 osc executes spec code during "osc commit"

A shell command injection in the obs-service-sourcevalidator before 0.7 could be used to execute code as the packager when checking RPM SPEC files with specific macro constructs...

CVE-2017-9274

A shell command injection in the obs-service-sourcevalidator before 0.7 could be used to execute code as the packager when checking RPM SPEC files with specific macro constructs...

CVE-2017-9274

CVE-2017-9274 describes a shell command injection in the OpenBuild/OpenSUSE component obs-service-source_validator (before version 0.7 ). The underlying issue allows an attacker to execute arbitrary code as the packager when validating RPM SPEC files that use specific macro constructs. Multiple c...

openSUSE Security Update : the OBS toolchain (openSUSE-2017-1360)

This OBS toolchain update fixes the following issues : Package 'build' : - CVE-2010-4226: force use of bsdtar for VMs bnc665768 - CVE-2017-14804: Improve file name check extractbuild bsc1069904 - switch baselibs scheme for debuginfo packages from foo-debuginfo-32bit to foo-32bit-debuginfo...

Security update for the OBS toolchain (important)

This OBS toolchain update fixes the following issues: Package 'build': - CVE-2010-4226: force use of bsdtar for VMs bnc665768 - CVE-2017-14804: Improve file name check extractbuild bsc1069904 - switch baselibs scheme for debuginfo packages from foo-debuginfo-32bit to foo-32bit-debuginfo fate32321...

openSUSE Security Update : obs-service-source_validator (openSUSE-2016-758)

obs-service-sourcevalidator was updated to fix one security issue. This security issue was fixed : - CVE-2016-4007: Several maintained source services are vulnerable to code/paramter injection bsc967265. This non-security issue was fixed : - bsc967610: Several occurrences of uninitialized value...

openSUSE Security Update : obs-service-source_validator (openSUSE-2016-759)

obs-service-sourcevalidator was updated to fix one security issue. This security issue was fixed : - CVE-2016-4007: Several maintained source services are vulnerable to code/paramter injection bsc967265. This non-security issue was fixed : - bsc967610: Several occurrences of uninitialized value...

openSUSE: Security Advisory for obs-service-source_validator (openSUSE-SU-2016:1660-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2016 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

openSUSE: Security Advisory for obs-service-source_validator (openSUSE-SU-2016:1659-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2016 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Security update for obs-service-source_validator (important)

obs-service-sourcevalidator was updated to fix one security issue. This security issue was fixed: - CVE-2016-4007: Several maintained source services are vulnerable to code/paramter injection bsc967265. This non-security issue was fixed: - bsc967610: Several occurrences of uninitialized value...

Security update for obs-service-source_validator (important)

obs-service-sourcevalidator was updated to fix one security issue. This security issue was fixed: - CVE-2016-4007: Several maintained source services are vulnerable to code/paramter injection bsc967265. This non-security issue was fixed: - bsc967610: Several occurrences of uninitialized value...

Security update for obs-service-download_files, obs-service-extract_file, obs-service-recompress, obs-service-source_validator, obs-service-verify_file (important)

This update for a number of source services fixes the following issues: - boo967265: Various code/parameter injection issues could have allowed malicious service definition to execute commands or make changes to the user's file system The following source services are affected -...