OBS 2.10.5 released
This is fixing a security issue if you rely on hiding sources
in your instance. A package update will be enough to fix
a running instance.
* CVE-2020-8021: unauthorized read access to files where sourceacess
is disabled via a crafted _service (bsc#1171649)
* Version numbers of appliances got fixed.
Kudos to Marcus Hüwe who found and fixed the issue.
Thanks a lot!
Fixes from 2.10.4 and 2.10.3 (unanounced)
* CVE-2020-8020: Possible stored XSS attack on comments markdown
* Support recent MySQL/MariaDB releases
* Fix redis service restart behaviour
* Support for SLES 15 SP2 as host system
SUSE Linux GmbH, GF: Felix Imendörffer, Jane Smithard, Graham Norton, HRB 21284 (AG
To unsubscribe, e-mail: opensuse-buildservice+unsubscribe(a)opensuse.org
To contact the owner, e-mail: opensuse-buildservice+owner(a)opensuse.org
Show replies by date