Alerts This Week
Warning Icon 1 764
Alerts This Week
Warning Icon 1 764

Fedora 20 FEDORA-2015-4549 Critical: osc Shell Injection Threat

fedora
Calendar Grey April 5, 2015
Dist Fedora Esm H88
Fedora 20 has issued a crucial security update for CVE-2015-0778, enabling users to secure sensitive data by updating their systems without delay
Security fix for CVE-2015-0778

Summary

Commandline client for the openSUSE Build Service.

See https://en.opensuse.org/openSUSE:OSC , as well as

https://en.opensuse.org/openSUSE:Build_Service_Tutorial for a general

introduction.

Update Information:

Security fix for CVE-2015-0778

Topics%20covered

Topics Covered

security advisory Fedora critical fix shell injection osc

Change Log

* Tue Feb 24 2015 Miroslav Suchý 0.151.1-163.2.1 - rebase to 0.140.1 - fixed shell command injection via crafted _service files CVE-2015-0778 * Sat Jun 7 2014 Fedora Release Engineering - 0.140.1-109.1.1 - Rebuilt for https://fedoraproject.org/wiki/Fedora_21_Mass_Rebuild

References


[ 1 ] Bug #1201773 - CVE-2015-0778 osc: osc _service file shell injection flaw https://bugzilla.redhat.com/show_bug.cgi?id=1201773

Update Instructions

This update can be installed with the "yum" update program. Use su -c 'yum update osc' at the command line. For more information, refer to "Managing Software with yum", available at .

Severity
critical
Lowest
Low
Medium
High
Critical

Name: osc
Product: Fedora 20
Version: 0.151.1
Release: 163.2.1.fc20
URL: https://github.com/openSUSE/osc
Summary: The openSUSE Build Service Commander

Topics%20covered

Topics Covered

security advisory Fedora critical fix shell injection osc

Get the latest News and Insights

Get the latest Linux and open source security news straight to your inbox.

Your message here