Release OBS 1.7.7 and OBS 2.0.7 are fixing security issues · openSUSE/open-build-service

The new versions of OBS 1.7 and 2.0 are fixing a security issue,
tracked as CVE-2010-3782, which allowed users independent of
their state to work via the api. The api is blocking now
all users, who are not in state "confirmed".

The user creation is also now dis-allowed, if LDAP or iChain
athentification mode is used.

In addition OBS 2.0.7 is fixing an issue when branching package sources
via project links.

Packages and appliances are available in openSUSE:Tools:2.0 and
openSUSE:Tools:1.7 projects:

http://download.opensuse.org/repositories/openSUSE:/Tools:/2.0/
http://download.opensuse.org/repositories/openSUSE:/Tools:/1.7/

openSUSE:Tools project will get the 2.1 release tomorrow, which is fixing this
issue also.

Adrian Schroeter
SUSE Linux Products GmbH
email: adrian@suse.de

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

OBS 1.7.7 and OBS 2.0.7 are fixing security issues

openSUSE:Tools project will get the 2.1 release tomorrow, which is fixing this
issue also.

OBS 1.7.7 and OBS 2.0.7 are fixing security issues

openSUSE:Tools project will get the 2.1 release tomorrow, which is fixing this issue also.

openSUSE:Tools project will get the 2.1 release tomorrow, which is fixing this
issue also.