CVE-2017-9274
CVE-2017-9274 describes a shell command injection in the OpenBuild/OpenSUSE component obs-service-source_validator (before version 0.7 ). The underlying issue allows an attacker to execute arbitrary code as the packager when validating RPM SPEC files that use specific macro constructs. Multiple c...