particle-os/debian-koji
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions
debian-koji/docs/source/CVEs/CVE-2017-1002153.rst
Tomas Kopecek 989829eb79 split docs to subdirectories 
Fixes: https://pagure.io/koji/issue/1715
2019-11-07 11:31:54 -05:00

26 lines
527 B
ReStructuredText
Raw Blame History

================
CVE-2017-1002153
================
Koji 1.13.0 does not properly validate SCM paths.
Summary
-------
Koji 1.13.0 does not properly validate SCM paths, allowing an attacker to work around blacklisted paths for build submission.
Bug fix
-------
Koji versions 1.14.0 and forward contain the fix.
This bug was tracked as `issue#563 <https://pagure.io/koji/issue/563>`_
Links
-----
Fixed versions can be found at our releases page:
`https://pagure.io/koji/releases <https://pagure.io/koji/releases>`_
Reference in a new issue View git blame Copy permalink