The build package prior to 20171128 did not check directory names during extraction of build results that allowed untrusted builds to write outside of the target system,allowing escape out of buildroots.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
suse linux enterprise software development kit 12 |
||
suse linux enterprise software development kit 11 |
||
opensuse leap 42.3 |
||
opensuse leap 42.2 |