CVE-2011-4181

NameCVE-2011-4181
DescriptionA vulnerability in open build service allows remote attackers to gain access to source files even though source access is disabled. Affected releases are SUSE open build service up to and including version 2.1.15 (for 2.1) and before version 2.3.
SourceCVE (at NVD; CERT, LWN, oss-sec, fulldisc, Red Hat, Ubuntu, Gentoo, SUSE bugzilla/CVE, GitHub advisories/code/issues, web search, more)

Vulnerable and fixed packages

The table below lists information on source packages.

Source PackageReleaseVersionStatus
open-build-service (PTS)bookworm2.9.4-9fixed
sid, trixie2.9.4-10fixed

The information below is based on the following data on fixed versions.

PackageTypeReleaseFixed VersionUrgencyOriginDebian Bugs
open-build-servicesource(unstable)(not affected)

Notes

- open-build-service <not-affected> (Fixed before initial upload to Debian)
https://bugzilla.suse.com/show_bug.cgi?id=734003
https://github.com/openSUSE/open-build-service/commit/5281e4bff9df31f1f91e22a0d1e9086b93b23d7e
Search for package or bug name: Reporting problems