OBS 2.6.10 released =================== This release fixes CVE-2016-6316 in an OBS related dependency (rails, actionview). You can read about the details in the rails security group: https://groups.google.com/forum/#!topic/ruby-security-ann/8B2iV2tPRSE. Furthermore it includes several bugfixes which are stated in the Release Notes. Updaters from any OBS 2.6 release can just upgrade the packages and restart all services. Updaters from former releases should read the README.UPDATERS file. OBS update are available from the following projects: https://build.opensuse.org/project/show/OBS:Server:2.6 The appliance can be downloaded from http://openbuildservice.org/download Details from the Release Notes of 2.6.10: ========================================= Feature backports: ================== * [backend] hook to add scripts on un-publishing Changes: ======== * none Bugfixes: ========= * [webui] fixing redirection after login * [webui] fixes for monitor page * [webui][api] Fixes CVE-2016-6316 in rubygem-actionview * [api] support handling of no_proxy settings * [backend] support handling of no_proxy settings * [backend] fixing servicemark collisions if projects gets deleted and recreated with the same name * [backend] avoid rebuild after project copy with binaries * [backend] worker do support jobs from OBS 2.8 servers -- Christian Bruckmayer SUSE Linux GmbH, GF: Felix Imendörffer, Jane Smithard, Graham Norton, HRB 21284 (AG Nürnberg) Maxfeldstraße 5 90409 Nürnberg Germany -- To unsubscribe, e-mail: opensuse-buildservice+unsubscribe@opensuse.org To contact the owner, e-mail: opensuse-buildservice+owner@opensuse.org