Bug#894832: CVE-2018-1002150

2018-04-08 Thread Salvatore Bonaccorso
Control: forwarded -1 https://pagure.io/koji/issue/850 Hi There is some further information on that issue in the upstream bug at https://pagure.io/koji/issue/850 and the https://docs.pagure.org/koji/CVE-2018-1002150/ . Versions prior to 1.12.0 are not vulnerable because they do not have the dist-

Bug#877921: koji: CVE-2017-1002153: Possible to bypass allowed_scm blacklist

2017-10-07 Thread Salvatore Bonaccorso
Source: koji Version: 1.10.0-1 Severity: important Tags: security upstream patch Hi, the following vulnerability was published for koji. CVE-2017-1002153[0]: | Koji 1.13.0 does not properly validate SCM paths, allowing an attacker | to work around blacklisted paths for build submission. If you