SUSE-SU-2024:4212-1

Details

Description of the patch:

This update for obs-scm-bridge fixes the following issues:

Updated to version 0.5.4:

CVE-2024-22038: Fixed DoS attacks, information leaks with crafted Git repositories (bnc#1230469)

Affected Packages

obs-scm-bridge

SUSE Enterprise Storage 7.1SUSE Linux Enterprise Desktop 15 SP5SUSE Linux Enterprise Desktop 15 SP6SUSE Linux Enterprise High Performance Computing 15 SP2SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS

Fixed in:

0.5.4-150100.3.6.1

References

ADVISORY

https://bugzilla.suse.com/1230469

ADVISORY

https://lists.suse.com/pipermail/sle-security-updates/2024-December/019937.html

ADVISORY

https://www.suse.com/security/cve/CVE-2024-22038/

WEB

https://www.suse.com/support/security/rating/

ADVISORY

https://www.suse.com/support/update/announcement/2024/suse-su-20244212-1/