Overview

File _patchinfo of Package patchinfo.5527

<patchinfo incident="5527">
<issue id="1053364" tracker="bnc">VUL-0: CVE-2017-12836: cvs: client code execution via argument injection in SSH URL</issue>
  <issue id="2017-12836" tracker="cve" />
  <category>security</category>
  <rating>moderate</rating>
  <description>This update for cvs fixes the following issues:

  - CVE-2017-12836: A leading dash in the argument of the "-d" option could lead to argument injection (bsc#1053364)

  </description>
  <summary>Security update for cvs</summary>
  <packager>jmoellers</packager>
  <name>cvs</name>
</patchinfo>
openSUSE Build Service is sponsored by
Places