Release | Version |
---|---|
jessie | 0.149.0-2 |
stretch | 0.156.0-1 |
buster | 0.164.2-1 |
bullseye | 0.169.1-1 |
bookworm | 0.169.1-2 |
trixie | 0.169.1-2 |
sid | 0.169.1-2 |
Bug | jessie | stretch | buster | bullseye | bookworm | trixie | sid | Description |
---|---|---|---|---|---|---|---|---|
CVE-2019-3681 | vulnerable | vulnerable (no DSA) | vulnerable (no DSA) | fixed | fixed | fixed | fixed | A External Control of File Name or Path vulnerability in osc of SUSE L ... |
CVE-2017-9274 | vulnerable (no DSA) | vulnerable (no DSA) | fixed | fixed | fixed | fixed | fixed | A shell command injection in the obs-service-source_validator before 0 ... |
Bug | Description |
---|---|
CVE-2019-3685 | Open Build Service before version 0.165.4 diddn't validate TLS certifi ... |
CVE-2015-0778 | osc before 0.151.0 allows remote attackers to execute arbitrary comman ... |
CVE-2012-1095 | osc before 0.134 might allow remote OBS repository servers or package ... |