Alerts This Week
Warning Icon 1 758
Alerts This Week
Warning Icon 1 758

openSUSE 2026 0109-1 obs-service-recompress Moderate Vuln 2026-0109-1

opensuse
Calendar Grey March 30, 2026
Dist Opensuse Esm H88
New openSUSE update enhances obs-service-recompress and tar_scm addressing multiple issues. Stay secure!
An update that solves three vulnerabilities and has 10 fixes is now available.

Description

This update for obs-service-recompress, obs-service-tar_scm fixes the

following issues:

Changes in obs-service-tar_scm:

- Update to version 0.11.0:

* Replace deprecated ConfigParser.readfp() with read_file()

* Remove six from all metadata as well.

* Convert all six.assertRaisesRegex to the standard library self. form.

* Remove encoding of the first parameter of subprocess.Popen

- Update to version 0.10.53:

* Add new --extract-rename option

* debian: recommend on brz instead of depending on bzr

- Update to version 0.10.52:

* [archive] fix include/exclude glob to regex conversion

- Update to version 0.10.51:

* [core] new options `--include-re/--exclude-re`

* [tests] disable test_tar_exclude_re and fix warnings

* [core] revert removal of fnmatch

- Update to version 0.10.50:

* remove check if obsinfo is None from tar service

- Update to version 0.10.49:

* add test case to exclude with regex

...

Read the Full Advisory

Patch

Patch Instructions:

To install this openSUSE Security Update use the SUSE recommended installation methods

like YaST online_update or "zypper patch".

Alternatively you can run the command listed for your product:

- openSUSE Backports SLE-15-SP7:

zypper in -t patch openSUSE-2026-109=1

Package List

- openSUSE Backports SLE-15-SP7 (noarch):

obs-service-appimage-0.11.0-bp157.2.1

obs-service-obs_scm-0.11.0-bp157.2.1

obs-service-obs_scm-common-0.11.0-bp157.2.1

obs-service-recompress-0.5.2-bp157.2.1

obs-service-snapcraft-0.11.0-bp157.2.1

obs-service-tar-0.11.0-bp157.2.1

obs-service-tar_scm-0.11.0-bp157.2.1

References

https://www.suse.com/security/cve/CVE-2018-12473.html

https://www.suse.com/security/cve/CVE-2018-12474.html

https://www.suse.com/security/cve/CVE-2018-12476.html

https://bugzilla.suse.com/1076410

https://bugzilla.suse.com/1082696

https://bugzilla.suse.com/1105361

https://bugzilla.suse.com/1107507

https://bugzilla.suse.com/1107944

https://bugzilla.suse.com/1127353

https://bugzilla.suse.com/1127907

https://bugzilla.suse.com/1138377

https://bugzilla.suse.com/1168573

https://bugzilla.suse.com/1212476

https://bugzilla.suse.com/1216361

https://bugzilla.suse.com/927120

https://bugzilla.suse.com/967265

Announcement ID: openSUSE-SU-2026:0109-1
Rating: moderate
Affected Products: openSUSE Backports SLE-15-SP7 le.

Get the latest News and Insights

Get the latest Linux and open source security news straight to your inbox.

Your message here