| Release | Version |
|---|---|
| bullseye | 0.169.1-1 |
| bookworm | 0.169.1-2 |
| trixie | 1.11.1-1 |
| sid | 1.11.1-1 |
| Bug | bullseye | bookworm | trixie | sid | Description |
|---|---|---|---|---|---|
| CVE-2024-22034 | vulnerable (no DSA, postponed) | vulnerable (no DSA) | fixed | fixed | Attackers could put the special files in .osc into the actual package ... |
| Bug | Description |
|---|---|
| CVE-2019-3685 | Open Build Service before version 0.165.4 diddn't validate TLS certifi ... |
| CVE-2019-3681 | A External Control of File Name or Path vulnerability in osc of SUSE L ... |
| CVE-2017-9274 | A shell command injection in the obs-service-source_validator before 0 ... |
| CVE-2015-0778 | osc before 0.151.0 allows remote attackers to execute arbitrary comman ... |
| CVE-2012-1095 | osc before 0.134 might allow remote OBS repository servers or package ... |