SUSE-SU-2018:1736-1

Import Source

JSON Data

https://api.osv.dev/v1/vulns/SUSE-SU-2018:1736-1

Related

Published

2018-06-19T13:50:31Z

Modified

2018-06-19T13:50:31Z

Summary

Security update for cobbler

Details

This update for cobbler fixes the following issues:

The following security issue has been fixed:

CVE-2017-1000469: Escape shell parameters provided by the user for the reposync action. (bsc#1074594)

Additionally, the following non-security issues have been fixed:

Fix signature for SLES15. (bsc#1075014)
Detect if there is already another instance of 'cobbler sync' running and exit with failure if so. (bsc#1081714)
Add SLES 15 distro profile. (bsc#1090205)
Require tftp(server) instead of atftp.

References

Affected packages

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Fixed

2.6.6-49.9.1

{
    "binaries": [
        {
            "cobbler": "2.6.6-49.9.1"
        }
    ]
}

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Fixed

2.6.6-49.9.1

{
    "binaries": [
        {
            "cobbler": "2.6.6-49.9.1"
        }
    ]
}

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Fixed

2.6.6-49.9.1

{
    "binaries": [
        {
            "koan": "2.6.6-49.9.1"
        }
    ]
}

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Fixed

2.6.6-49.9.1

{
    "binaries": [
        {
            "cobbler": "2.6.6-49.9.1"
        }
    ]
}