Security update for osc
This update for osc to 0.169.1 fixes the following issues:
Security issue fixed:
- CVE-2019-3681: Fixed an insufficient validation of network-controlled filesystem paths (bsc#1122675).
Non-security issues fixed:
- Improved the speed and usability of osc bash completion.
- improved some error messages.
- osc add: support git@ (private github) or git:// URLs correctly.
- Split dependson and whatdependson commands.
- Added support for osc build --shell-cmd.
- Added pkg-ccache support for osc build.
- Added --ccache option to osc getbinaries
This update was imported from the SUSE:SLE-15-SP1:Update update project.
-
Submitted by
Marco Strigl (mstrigl)
Fixed bugs
bnc#1122675
VUL-0: CVE-2019-3681: osc: stores downloaded (supposed) RPM in network-controlled filesystem paths
