OBS 2.10.5 released ===================

This is fixing a security issue if you rely on hiding sources in your instance. A package update will be enough to fix a running instance.

Backend: * CVE-2020-8021: unauthorized read access to files where sourceacess is disabled via a crafted _service (bsc#1171649)

Shipment: * Version numbers of appliances got fixed.

Kudos to Marcus Hüwe who found and fixed the issue. Thanks a lot!

Fixes from 2.10.4 and 2.10.3 (unanounced) =========================================

Frontend: * CVE-2020-8020: Possible stored XSS attack on comments markdown * Support recent MySQL/MariaDB releases

Backend: * Fix redis service restart behaviour

Shipment: * Support for SLES 15 SP2 as host system