Mailinglist Archive: opensuse-buildservice (137 mails)

< Previous Next >
Re: [opensuse-buildservice] OBS 2.1.15 released, fixing security issue
Hi,

but now bs_srcserver is broken.
Global symbol "$cicount" requires explicit package name at /usr/lib/obs/server//bs_srcserver line 1308.

line 1308: die("illegal cicount\n") unless $cicount eq 'copy' || $cicount eq 'add' || $cicount eq 'local';

$cicount is used here without initialisation :(
initialisation is made some lines later.

line 1348: my $cicount = $l->{'cicount'} || 'add';

so where does it come from ?

Cheers
Chris


Am 02.12.2011 13:03, schrieb Adrian Schröter:
We did another 2.1 OBS release, fixing a security issue tracked
as issue CVE-2011-4181.

OBS 2.1 versions are affected when "sourceaccess" protection is
used on package base (not entire projects). The access to package
source was possible nevertheless.

OBS 2.0 and before is not affected.

OBS 2.1.15 can be found in openSUSE:Tools:2.1 project:

https://build.opensuse.org/project/show?project=openSUSE%3ATools%3A2.1

and is tagged in git.


--

Christian
----------------------------------------------------
- Please do not 'CC' me on list mails.
Just reply to the list :)
----------------------------------------------------
Der ultimative shop für Sportbekleidung und Zubehör

http://www.sc24.de
----------------------------------------------------

--
To unsubscribe, e-mail: opensuse-buildservice+unsubscribe@xxxxxxxxxxxx
To contact the owner, e-mail: opensuse-buildservice+owner@xxxxxxxxxxxx

< Previous Next >
Follow Ups
References