[Bug 1122675] VUL-0: CVE-2019-3681: osc: stores downloaded (supposed) RPM in network-controlled filesystem paths

http://bugzilla.suse.com/show_bug.cgi?id=1122675 http://bugzilla.suse.com/show_bug.cgi?id=1122675#c15 --- Comment #15 from Swamp Workflow Management --- SUSE-SU-2020:1528-1: An update that fixes one vulnerability is now available. Category: security (moderate) Bug References: 1122675 CVE References: CVE-2019-3681 Sources used: SUSE Linux Enterprise Software Development Kit 12-SP5 (src): osc-0.162.1-15.9.1 SUSE Linux Enterprise Software Development Kit 12-SP4 (src): osc-0.162.1-15.9.1 NOTE: This line indicates an update has been released for the listed product(s). At times this might be only a partial fix. If you have questions please reach out to maintenance coordination. -- You are receiving this mail because: You are on the CC list for the bug.