Script 'mail_helper' called by obssrc Hello community, here is the log from the commit of package patchinfo.15883 for openSUSE:Leap:15.2:Update checked in at 2021-03-06 06:05:22 ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ Comparing /work/SRC/openSUSE:Leap:15.2:Update/patchinfo.15883 (Old) and /work/SRC/openSUSE:Leap:15.2:Update/.patchinfo.15883.new.2378 (New) ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
Package is "patchinfo.15883" Sat Mar 6 06:05:22 2021 rev:1 rq:876307 version:unknown Changes: -------- New Changes file: NO CHANGES FILE!!! New: ---- _patchinfo ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ Other differences: ------------------ ++++++ _patchinfo ++++++ <patchinfo incident="15883"> <issue tracker="cve" id="2020-36241"/> <issue tracker="bnc" id="1181930">VUL-1: CVE-2020-36241: gnome-autoar: directory traversal via a malicious archive that contains a file whose parent is a symbolic link which points outside of the destination directory</issue> <packager>AZhou</packager> <rating>moderate</rating> <category>security</category> <summary>Security update for gnome-autoar</summary> <description>This update for gnome-autoar fixes the following issues: - CVE-2020-36241: Skip problematic files that might be extracted outside of the destination dir to prevent potential directory traversal (bsc#1181930). This update was imported from the SUSE:SLE-15:Update update project.</description> </patchinfo>
