[opensuse-buildservice] Open Build Service (OBS) 2.9.5 released - openSUSE Build Service

9 Oct 2018


      OBS 2.9.5 released
==================
This release is fixing in first place an issue with creating
requests with IDs, tracked in bnc#1108435 and CVE-2018-12479.
The issue exists in the API request creation functionality which can
be misused to DOS creating new requests.
Updaters from any OBS 2.9 release can just ugrade the packages
and restart all services. Updaters from former releases should
read the README.UPDATERS file.
OBS update are available from the following projects:
https://build.opensuse.org/project/show/OBS:Server:2.9
The appliance can be downloaded from
http://openbuildservice.org/download
Details from the Release Notes of 2.9.5:
========================================
Bugfixes
========
Frontend:
  * Do not allow null characters in comments
  * Prevent creation of a request with an ID attribute
Backend:
  * avoid wipebinaries in locked projects
  * fixes for new genmeta scheduling strategy
  * fixed usage of preinstallimages
Features
========
Backend:
  * obs_admin can trigger DoD repository meta data updates via
    --recheck-dod option
Have a lot of fun with the release,
Henne
-- 
Henne Vogelsang
http://www.opensuse.org
Everybody has a plan, until they get hit.
    - Mike Tyson
-- 
To unsubscribe, e-mail: opensuse-buildservice+unsubscribe@opensuse.org
To contact the owner, e-mail: opensuse-buildservice+owner@opensuse.org