| Release | Version |
|---|---|
| buster | 0.164.2-1 |
| bullseye | 0.169.1-1 |
| bookworm | 0.169.1-2 |
| trixie | 0.169.1-2 |
| sid | 0.169.1-2 |
| Bug | buster | bullseye | bookworm | trixie | sid | Description |
|---|---|---|---|---|---|---|
| CVE-2019-3681 | vulnerable (no DSA) | fixed | fixed | fixed | fixed | A External Control of File Name or Path vulnerability in osc of SUSE L ... |
| Bug | Description |
|---|---|
| CVE-2019-3685 | Open Build Service before version 0.165.4 diddn't validate TLS certifi ... |
| CVE-2017-9274 | A shell command injection in the obs-service-source_validator before 0 ... |
| CVE-2015-0778 | osc before 0.151.0 allows remote attackers to execute arbitrary comman ... |
| CVE-2012-1095 | osc before 0.134 might allow remote OBS repository servers or package ... |