SUSE-SU-2015:0487-1

See a problem?
Please try reporting it to the source first.

Source

https://www.suse.com/support/update/announcement/2015/suse-su-20150487-1/

Import Source

https://ftp.suse.com/pub/projects/security/osv/SUSE-SU-2015:0487-1.json

JSON Data

https://api.test.osv.dev/v1/vulns/SUSE-SU-2015:0487-1

Related

CVE-2015-0778

Published

2015-03-12T15:39:14Z

Modified

2015-03-12T15:39:14Z

Summary

Security update for osc

Details

osc was updated to fix a security issue and some non-security bugs.

osc was updated to 0.151.0, fixing the following vulnerability: * fixed shell command injection via crafted _service files CVE-2015-0778 boo#901643

The following non-security bugs were fixed: * fix times when data comes from OBS backend * support updateing the link in target package for submit requests * various minor bugfixes

References

Affected packages

SUSE:Linux Enterprise Software Development Kit 12 / osc

Package

Name: osc
Purl: pkg:rpm/suse/osc&distro=SUSE%20Linux%20Enterprise%20Software%20Development%20Kit%2012

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Fixed

0.151.0-8.1

Ecosystem specific

{
    "binaries": [
        {
            "osc": "0.151.0-8.1"
        }
    ]
}