Mailinglist Archive: opensuse-buildservice (100 mails)

< Previous Next >
[opensuse-buildservice] Open Build Service (OBS) 2.6.9 released
  • From: Christian Bruckmayer <cbruckmayer@xxxxxxx>
  • Date: Tue, 8 Mar 2016 11:25:37 +0100
  • Message-id: <56DEA8A1.8020706@suse.de>
OBS 2.6.9 released
==================

This release fixes two important CVEs in OBS related dependencies
(rails, actionview, actionpack). The related CVEs are stated in the
Release Notes. For more information, please see this blog article from
the official rails website:
http://weblog.rubyonrails.org/2016/2/29/Rails-4-2-5-2-4-1-14-2-3-2-22-2-have-been-released/

OBS 2.5 and 2.4 are also affected, but not yet fixed.

Updaters from any OBS 2.6 release can just ugrade the packages
and restart all services. Updaters from former releases should
read the README.UPDATERS file.

OBS update are available from the following projects:

https://build.opensuse.org/project/show/OBS:Server:2.6

The appliance can be downloaded from

http://openbuildservice.org/download

Details from the Release Notes of 2.6.8:
========================================

Feature backports:
==================

* none

Changes:
========

* none

Bugfixes:
=========

* [webui] Update rails to version 4.1.14.2 to fix several security
issues (CVE-2016-2097, CVE-2016-2098)
* [webui] Fixes repositories tab that does not show additional repositories

* [backend] Finally fix local building inside a project on a remote OBS
instance
--
--
To unsubscribe, e-mail: opensuse-buildservice+unsubscribe@xxxxxxxxxxxx
To contact the owner, e-mail: opensuse-buildservice+owner@xxxxxxxxxxxx

< Previous Next >
Follow Ups