Sign Up
Log In
Log In
or
Sign Up
Places
All Projects
Status Monitor
Collapse sidebar
SUSE:SLE-12-SP4:Update
patchinfo.7535
_patchinfo
Overview
Repositories
Revisions
Requests
Users
Attributes
Meta
File _patchinfo of Package patchinfo.7535
<patchinfo incident="7535"> <category>security</category> <rating>moderate</rating> <packager>BenniBrunner</packager> <summary>Security update for cobbler</summary> <description>This update for cobbler fixes the following issues: The following security issue has been fixed: - CVE-2017-1000469: Escape shell parameters provided by the user for the reposync action. (bsc#1074594) Additionally, the following non-security issues have been fixed: - Fix signature for SLES15. (bsc#1075014) - Detect if there is already another instance of "cobbler sync" running and exit with failure if so. (bsc#1081714) - Add SLES 15 distro profile. (bsc#1090205) - Require tftp(server) instead of atftp. </description> <issue tracker="cve" id="2017-1000469"/> <issue id="1074594" tracker="bnc">CVE-2017-1000469: cobbler: command injection vulnerability in the "add repo" component</issue> <issue id="1075014" tracker="bnc">Cobbler import of SLES 15 iso is failing</issue> <issue id="1081714" tracker="bnc">L3: cobbler sync fails sporadically when run after a cobbler system add</issue> <issue id="1090205" tracker="bnc">Autoinstallation error</issue> </patchinfo>
Locations
Projects
Search
Status Monitor
Help
OpenBuildService.org
Documentation
API Documentation
Code of Conduct
Contact
Support
@OBShq
Terms
openSUSE Build Service is sponsored by
The Open Build Service is an
openSUSE project
.
Sign Up
Log In
Places
Places
All Projects
Status Monitor