[{"data":1,"prerenderedAt":-1},["ShallowReactive",2],{"repo-stars":3,"vuln-OPENSUSE-SU-2020:0377-1":6},{"stargazers_count":4,"fetched_at":5},7,"2026-06-04T20:55:29.923Z",{"id":7,"descriptions":8,"cisa":9,"weaknesses":10,"exploits":11,"aliases":12,"duplicate_of":9,"upstream":13,"downstream":16,"duplicates":17,"related":18,"reserved_at":9,"published_at":20,"modified_at":21,"state":9,"summary":22,"references_raw":24,"kevs":45,"epss":9,"epss_history":46,"metrics":47,"affected":48},"OPENSUSE-SU-2020:0377-1","Security update for skopeo\n\nThis update for skopeo fixes the following issues:\n\nUpdate to skopeo v0.1.41 (bsc#1165715):\n\n- Bump github.com/containers/image/v5 from 5.2.0 to 5.2.1\n- Bump gopkg.in/yaml.v2 from 2.2.7 to 2.2.8\n- Bump github.com/containers/common from 0.0.7 to 0.1.4\n- Remove the reference to openshift/api\n- vendor github.com/containers/image/v5@v5.2.0\n- Manually update buildah to v1.13.1\n- add specific authfile options to copy (and sync) command.\n- Bump github.com/containers/buildah from 1.11.6 to 1.12.0\n- Add context to --encryption-key / --decryption-key processing\n  failures\n- Bump github.com/containers/storage from 1.15.2 to 1.15.3\n- Bump github.com/containers/buildah from 1.11.5 to 1.11.6\n- remove direct reference on c/image/storage\n- Makefile: set GOBIN\n- Bump gopkg.in/yaml.v2 from 2.2.2 to 2.2.7\n- Bump github.com/containers/storage from 1.15.1 to 1.15.2\n- Introduce the sync command\n- openshift cluster: remove .docker directory on teardown\n- Bump github.com/containers/storage from 1.14.0 to 1.15.1\n- document installation via apk on alpine\n- Fix typos in doc for image encryption\n- Image encryption/decryption support in skopeo\n- make vendor-in-container\n- Bump github.com/containers/buildah from 1.11.4 to 1.11.5\n- Travis: use go v1.13\n- Use a Windows Nano Server image instead of Server Core for\n  multi-arch testing\n- Increase test timeout to 15 minutes\n- Run the test-system container without --net=host\n- Mount /run/systemd/journal/socket into test-system containers\n- Don't unnecessarily filter out vendor from (go list ./...)\n  output\n- Use -mod=vendor in (go {list,test,vet})\n- Bump github.com/containers/buildah from 1.8.4 to 1.11.4\n- Bump github.com/urfave/cli from 1.20.0 to 1.22.1\n- skopeo: drop support for ostree\n- Don't critically fail on a 403 when listing tags\n- Revert 'Temporarily work around auth.json location confusion'\n- Remove references to atomic\n- Remove references to storage.conf\n- Dockerfile: use golang-github-cpuguy83-go-md2man\n- bump version to v0.1.41-dev\n- systemtest: inspect container image different from current\n  platform arch\n\nChanges in v0.1.40:\n\n- vendor containers/image v5.0.0\n- copy: add a --all/-a flag\n- System tests: various fixes\n- Temporarily work around auth.json location confusion\n- systemtest: copy: docker->storage->oci-archive\n- systemtest/010-inspect.bats: require only PATH\n- systemtest: add simple env test in inspect.bats\n- bash completion: add comments to keep scattered options in sync\n- bash completion: use read -r instead of disabling SC2207\n- bash completion: support --opt arg completion\n- bash-completion: use replacement instead of sed\n- bash completion: disable shellcheck SC2207\n- bash completion: double-quote to avoid re-splitting\n- bash completions: use bash replacement instead of sed\n- bash completion: remove unused variable\n- bash-completions: split decl and assignment to avoid masking\n  retvals\n- bash completion: double-quote fixes\n- bash completion: hard-set PROG=skopeo\n- bash completion: remove unused variable\n- bash completion: use `||` instead of `-o`\n- bash completion: rm eval on assigned variable\n- copy: add --dest-compress-format and --dest-compress-level\n- flag: add optionalIntValue\n- Makefile: use go proxy\n- inspect --raw: skip the NewImage() step\n- update OCI image-spec to\n  775207bd45b6cb8153ce218cc59351799217451f\n- inspect.go: inspect env variables\n- ostree: use both image and & storage buildtags\n\n\nUpdate to skopeo v0.1.39 (bsc#1159530):\n\n- inspect: add a --config flag\n- Add --no-creds flag to skopeo inspect\n- Add --quiet option to skopeo copy\n- New progress bars\n- Parallel Pulls and Pushes for major speed improvements\n- containers/image moved to a new progress-bar library to fix various\n  issues related to overlapping bars and redundant entries.\n- enforce blocking of registries\n- Allow storage-multiple-manifests\n- When copying images and the output is not a tty (e.g., when piping to a\n  file) print single lines instead of using progress bars. This avoids\n  long and hard to parse output\n- man pages: add --dest-oci-accept-uncompressed-layers\n- completions: \n  - Introduce transports completions\n  - Fix bash completions when a option requires a argument\n  - Use only spaces in indent\n   - Fix completions with a global option\n  - add --dest-oci-accept-uncompressed-layers\n\nThis update was imported from the SUSE:SLE-15:Update update project.",null,[],[],[],[14],{"_key":15},"CVE-2019-10214",[],[],[19],{"_key":15},"2020-03-25T09:19:16Z","2026-02-04T02:34:15.776105Z",{"cisa_kev":23,"cisa_ransomware":23,"cisa_vendor":9,"epss_severity":9,"epss_score":9,"severity":9,"severity_score":9,"severity_version":9,"severity_source":9,"severity_vector":9,"severity_status":9},false,[25,31,36,40],{"url":26,"sources":27,"tags":29},"https://lists.opensuse.org/archives/list/security-announce@lists.opensuse.org/thread/4ILBJ4PWG72SOBVPDNPC2K2KBEYLGL36/",[28],"osv_opensuse",[30],"Advisory",{"url":32,"sources":33,"tags":34},"https://bugzilla.suse.com/1159530",[28],[35],"REPORT",{"url":37,"sources":38,"tags":39},"https://bugzilla.suse.com/1165715",[28],[35],{"url":41,"sources":42,"tags":43},"https://www.suse.com/security/cve/CVE-2019-10214",[28],[44],"WEB",[],[],[],[49],{"ecosystem":50,"name":51,"vendor":52,"product":53,"cpe_part":9,"purl_type":54,"purl_namespace":52,"purl_name":53,"source":9,"versions":55},"openSUSE","skopeo","opensuse","skopeo&distro=openSUSE Leap 15.1","rpm",[56],{"version":57,"is_range":58,"range_type":59,"version_start":9,"version_start_type":9,"version_end":60,"version_end_type":61,"fixed_in":9},"lt0_1_41_lp151_2_6_1",true,"ecosystem","0.1.41-lp151.2.6.1","excluding"]