Register | Log in

osc

Open Build Service commander

Choose email to subscribe with

general

source: osc (main)
version: 0.168.2-2
maintainer: RPM packaging team (DMD)
uploaders: Andrej Shadura [DMD]
arch: all
std-ver: 4.5.0
VCS: Git (Browse, QA)

versions [more versions can be listed by madison] [old versions available from snapshot.debian.org]

[pool directory]

o-o-stable: 0.149.0-2
oldstable: 0.156.0-1
stable: 0.164.2-1
testing: 0.168.2-2
unstable: 0.168.2-2

versioned links

0.149.0-2: [.dsc, use dget on this link to retrieve source package] [changelog] [copyright] [rules] [control]
0.156.0-1: [.dsc, use dget on this link to retrieve source package] [changelog] [copyright] [rules] [control]
0.164.2-1: [.dsc, use dget on this link to retrieve source package] [changelog] [copyright] [rules] [control]
0.168.2-2: [.dsc, use dget on this link to retrieve source package] [changelog] [copyright] [rules] [control]

binaries

osc

action needed

A new upstream version is available: 0.169.1 high

A new upstream version 0.169.1 is available, you should consider packaging it.

Created: 2020-06-29 Last update: 2020-10-30 01:06

1 security issue in sid high

There is 1 open security issue in sid.

1 important issue:

CVE-2019-3681: A External Control of File Name or Path vulnerability in osc of SUSE Linux Enterprise Module for Development Tools 15, SUSE Linux Enterprise Software Development Kit 12-SP5, SUSE Linux Enterprise Software Development Kit 12-SP4; openSUSE Leap 15.1, openSUSE Factory allowed remote attackers that can change downloaded packages to overwrite arbitrary files. This issue affects: SUSE Linux Enterprise Module for Development Tools 15 osc versions prior to 0.169.1-3.20.1. SUSE Linux Enterprise Software Development Kit 12-SP5 osc versions prior to 0.162.1-15.9.1. SUSE Linux Enterprise Software Development Kit 12-SP4 osc versions prior to 0.162.1-15.9.1. openSUSE Leap 15.1 osc versions prior to 0.169.1-lp151.2.15.1. openSUSE Factory osc versions prior to 0.169.0 .

Please fix it.

Created: 2020-09-09 Last update: 2020-10-05 07:07

1 security issue in bullseye high

There is 1 open security issue in bullseye.

1 important issue:

CVE-2019-3681: A External Control of File Name or Path vulnerability in osc of SUSE Linux Enterprise Module for Development Tools 15, SUSE Linux Enterprise Software Development Kit 12-SP5, SUSE Linux Enterprise Software Development Kit 12-SP4; openSUSE Leap 15.1, openSUSE Factory allowed remote attackers that can change downloaded packages to overwrite arbitrary files. This issue affects: SUSE Linux Enterprise Module for Development Tools 15 osc versions prior to 0.169.1-3.20.1. SUSE Linux Enterprise Software Development Kit 12-SP5 osc versions prior to 0.162.1-15.9.1. SUSE Linux Enterprise Software Development Kit 12-SP4 osc versions prior to 0.162.1-15.9.1. openSUSE Leap 15.1 osc versions prior to 0.169.1-lp151.2.15.1. openSUSE Factory osc versions prior to 0.169.0 .

Please fix it.

Created: 2020-09-09 Last update: 2020-10-05 07:07

Depends on packages which need a new maintainer normal

The packages that osc depends on which need a new maintainer are:

dh-exec (#851746)
- Build-Depends: dh-exec
rpm (#923352)
- Recommends: python3-rpm rpm2cpio

Created: 2019-11-22 Last update: 2020-10-30 06:07

lintian reports 1 warning normal

Lintian reports 1 warning about this package. You should make the package lintian clean getting rid of them.

Created: 2020-07-29 Last update: 2020-09-21 06:03

2 ignored security issues in stretch low

There are 2 open security issues in stretch.

2 issues skipped by the security teams:

CVE-2017-9274: A shell command injection in the obs-service-source_validator before 0.7 could be used to execute code as the packager when checking RPM SPEC files with specific macro constructs.
CVE-2019-3681: A External Control of File Name or Path vulnerability in osc of SUSE Linux Enterprise Module for Development Tools 15, SUSE Linux Enterprise Software Development Kit 12-SP5, SUSE Linux Enterprise Software Development Kit 12-SP4; openSUSE Leap 15.1, openSUSE Factory allowed remote attackers that can change downloaded packages to overwrite arbitrary files. This issue affects: SUSE Linux Enterprise Module for Development Tools 15 osc versions prior to 0.169.1-3.20.1. SUSE Linux Enterprise Software Development Kit 12-SP5 osc versions prior to 0.162.1-15.9.1. SUSE Linux Enterprise Software Development Kit 12-SP4 osc versions prior to 0.162.1-15.9.1. openSUSE Leap 15.1 osc versions prior to 0.169.1-lp151.2.15.1. openSUSE Factory osc versions prior to 0.169.0 .

Please fix them.

Created: 2018-01-13 Last update: 2020-10-05 07:07

1 ignored security issue in buster low

There is 1 open security issue in buster.

1 issue skipped by the security teams:

CVE-2019-3681: A External Control of File Name or Path vulnerability in osc of SUSE Linux Enterprise Module for Development Tools 15, SUSE Linux Enterprise Software Development Kit 12-SP5, SUSE Linux Enterprise Software Development Kit 12-SP4; openSUSE Leap 15.1, openSUSE Factory allowed remote attackers that can change downloaded packages to overwrite arbitrary files. This issue affects: SUSE Linux Enterprise Module for Development Tools 15 osc versions prior to 0.169.1-3.20.1. SUSE Linux Enterprise Software Development Kit 12-SP5 osc versions prior to 0.162.1-15.9.1. SUSE Linux Enterprise Software Development Kit 12-SP4 osc versions prior to 0.162.1-15.9.1. openSUSE Leap 15.1 osc versions prior to 0.169.1-lp151.2.15.1. openSUSE Factory osc versions prior to 0.169.0 .

Please fix it.

Created: 2020-09-09 Last update: 2020-10-05 07:07

news

[2020-10-05] osc 0.168.2-2 MIGRATED to testing (Debian testing watch)
[2020-09-30] Accepted osc 0.168.2-2 (source) into unstable (Andrej Shadura) (signed by: Andrew Shadura)
[2020-04-19] osc 0.168.2-1 MIGRATED to testing (Debian testing watch)
[2020-04-13] Accepted osc 0.168.2-1 (source) into unstable (Andrej Shadura) (signed by: Andrew Shadura)
[2019-12-28] osc 0.167.1-1 MIGRATED to testing (Debian testing watch)
[2019-12-23] Accepted osc 0.167.1-1 (source) into unstable (Andrej Shadura) (signed by: Andrew Shadura)
[2019-12-19] Accepted osc 0.165.4-1 (source) into unstable (Dimitri John Ledkov)
[2019-12-19] Accepted osc 0.164.2-2 (source) into unstable (Dimitri John Ledkov)
[2019-02-27] osc 0.164.2-1 MIGRATED to testing (Debian testing watch)
[2019-02-17] Accepted osc 0.164.2-1 (source) into unstable (Michal Čihař)
[2018-10-23] osc 0.163.0-1 MIGRATED to testing (Debian testing watch)
[2018-10-18] Accepted osc 0.163.0-1 (source) into unstable (Michal Čihař)
[2018-06-05] osc 0.162.1-3 MIGRATED to testing (Debian testing watch)
[2018-05-31] Accepted osc 0.162.1-3 (source) into unstable (Michal Čihař)
[2018-05-29] osc 0.162.1-2 MIGRATED to testing (Debian testing watch)
[2018-05-24] Accepted osc 0.162.1-2 (source) into unstable (Michal Čihař)
[2018-01-28] osc 0.162.1-1 MIGRATED to testing (Debian testing watch)
[2018-01-23] Accepted osc 0.162.1-1 (source) into unstable (Michal Čihař)
[2017-11-23] osc 0.161.1-1 MIGRATED to testing (Debian testing watch)
[2017-11-17] Accepted osc 0.161.1-1 (source) into unstable (Michal Čihař)
[2017-10-07] osc 0.160.0-1 MIGRATED to testing (Debian testing watch)
[2017-10-02] Accepted osc 0.160.0-1 (source) into unstable (Michal Čihař)
[2017-08-13] osc 0.159.0-1 MIGRATED to testing (Debian testing watch)
[2017-08-07] Accepted osc 0.159.0-1 (source) into unstable (Michal Čihař)
[2017-07-16] osc 0.158.0-1 MIGRATED to testing (Debian testing watch)
[2017-07-10] Accepted osc 0.158.0-1 (source all) into unstable (Michal Čihař)
[2017-01-01] osc 0.156.0-1 MIGRATED to testing (Debian testing watch)
[2016-12-21] Accepted osc 0.156.0-1 (source) into unstable (Michal Čihař)
[2016-09-26] osc 0.155.1-1 MIGRATED to testing (Debian testing watch)
[2016-09-20] Accepted osc 0.155.1-1 (source all) into unstable (Michal Čihař)

1
2

bugs [bug history graph]

all: 1
RC: 0
I&N: 1
M&W: 0
F&P: 0
patch: 0

links

homepage
lintian (0, 1)
buildd: logs, clang, reproducibility
popcon
browse source code
edit tags
other distros
security tracker
screenshots

ubuntu

[Information about Ubuntu for Debian Developers]

version: 0.168.2-2
2 bugs

Debian Package Tracker — Copyright 2013-2018 The Distro Tracker Developers

Report problems to the tracker.debian.org pseudo-package in the Debian BTS.

Documentation — Bugs — Git Repository — Contributing