Control: forwarded -1 https://pagure.io/koji/issue/850
Hi There is some further information on that issue in the upstrema bug at https://pagure.io/koji/issue/850 and the https://docs.pagure.org/koji/CVE-2018-1002150/ . Versions prior to 1.12.0 are not vulnerable because they do not have the dist-repo feature. Regards, Salvatore
