Bug#911797: Multiple vulnerabilities

2018-11-02 Thread 李健秋
Source: open-build-service
Followup-For: Bug #911797
Thanks for the suggestion. I've opened an issue on upstream: https://github.com/openSUSE/open-build-service/issues/6166
Explicitly stating the scope of support/intended purpose is also a good idea. As I don't think this package is targeting

Bug#911797: Multiple vulnerabilities

2018-10-26 Thread Moritz Mühlenhoff
On Fri, Oct 26, 2018 at 03:24:27PM +0800, Andrew Lee (李健秋) wrote:
> * CVE-2018-12466 probably not affected:
>   - This pointed to the same commit in upstream GitHub. And the URL
>     provided on the CVE listed vulnerable products that don't
>     contain OBS 2.7.x:
>     https://www.securityfoc

Bug#911797: Multiple vulnerabilities

2018-10-26 Thread 李健秋
Source: open-build-service
Followup-For: Bug #911797
Hi, Thanks for reporting these. I've checked and found:
* CVE-2018-12477 not affected:
  - This is 3rd party that wasn't packaged in our open-build-service package: https://github.com/openSUSE/obs-service-refresh_patches
* CVE-2018-12

Bug#911797: Multiple vulnerabilities

2018-10-24 Thread Moritz Muehlenhoff
Source: open-build-service
Severity: grave
Tags: security
Please verify whether these affect OBS as packaged in Debian:
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-12477
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-12478
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-