[{"data":1,"prerenderedAt":-1},["ShallowReactive",2],{"repo-stars":3,"vuln-OPENSUSE-SU-2024:0226-1":6},{"stargazers_count":4,"fetched_at":5},7,"2026-06-05T08:55:32.481Z",{"id":7,"descriptions":8,"cisa":9,"weaknesses":10,"exploits":11,"aliases":12,"duplicate_of":9,"upstream":13,"downstream":16,"duplicates":17,"related":18,"reserved_at":9,"published_at":20,"modified_at":21,"state":9,"summary":22,"references_raw":24,"kevs":42,"epss":9,"epss_history":43,"metrics":44,"affected":45},"OPENSUSE-SU-2024:0226-1","Security update for gh\n\nThis update for gh fixes the following issues:\n\nUpdate to version 2.53.0:\n\n  * CVE-2024-6104: gh: hashicorp/go-retryablehttp: url might write sensitive information to log file (boo#1227035)\n\n  * Disable `TestGetTrustedRoot/successfully_verifies_TUF_root` test due to https://github.com/cli/cli/issues/8928\n  * Rename package directory and files\n  * Rename package name to `update_branch`\n  * Rename `gh pr update` to `gh pr update-branch`\n  * Add test case for merge conflict error\n  * Handle merge conflict error\n  * Return error if PR is not mergeable\n  * Replace literals with consts for `Mergeable` field values\n  * Add separate type for `PullRequest.Mergeable` field\n  * Remove unused flag\n  * Print message on stdout instead of stderr\n  * Raise error if editor is used in non-tty mode\n  * Add tests for JSON field support on issue and pr view commands\n  * docs: Update documentation for `gh repo create` to clarify owner\n  * Ensure PR does not panic when stateReason is requested\n  * Enable to use --web even though editor is enabled by config\n  * Add editor hint message\n  * Use prefer_editor_prompt config by `issue create`\n  * Add prefer_editor_prompt config\n  * Add `issue create --editor`\n  * Update create.go\n  * gh attestation trusted-root subcommand (#9206)\n  * Fetch variable selected repo relationship when required\n  * Add `createdAt` field to tests\n  * Add `createdAt` field to `Variable` type\n  * Add test for exporting as JSON\n  * Add test for JSON output\n  * Only populate selected repo information for JSON output\n  * Add test to verify JSON exporter gets set\n  * Add `--json` option support\n  * Use `Variable` type defined in `shared` package\n  * Add tests for JSON output\n  * Move `Variable` type and `PopulateSelectedRepositoryInformation` func to shared\n  * Fix query parameter name\n  * Update tests to account for ref comparison step\n  * Improve query variable names\n  * Check if PR branch is already up-to-date\n  * Add `ComparePullRequestBaseBranchWith` function\n  * Run `go mod tidy`\n  * Add test to verify `--repo` requires non-empty selector\n  * Require non-empty selector when `--repo` override is used\n  * Run `go mod tidy`\n  * Register `update` command\n  * Add tests for `pr update` command\n  * Add `pr update` command\n  * Add `UpdatePullRequestBranch` method\n  * Upgrade `shurcooL/githubv4`\n\nUpdate to version 2.52.0:\n\n  * Attestation Verification - Buffer Fix\n  * Remove beta note from attestation top level command\n  * Removed beta note from `gh at download`.\n  * Removed beta note from `gh at verify`, clarified reusable workflows use case.\n  * add `-a` flag to `gh run list`\n",null,[],[],[],[14],{"_key":15},"CVE-2024-6104",[],[],[19],{"_key":15},"2024-07-27T04:01:34Z","2026-02-04T02:42:37.684402Z",{"cisa_kev":23,"cisa_ransomware":23,"cisa_vendor":9,"epss_severity":9,"epss_score":9,"severity":9,"severity_score":9,"severity_version":9,"severity_source":9,"severity_vector":9,"severity_status":9},false,[25,32,37],{"url":26,"sources":27,"tags":30},"https://lists.opensuse.org/archives/list/security-announce@lists.opensuse.org/thread/JZM3Q2GOCY2XWQUP7VK2V2KZENX5UIAN/",[28,29],"osv_suse","osv_opensuse",[31],"Advisory",{"url":33,"sources":34,"tags":35},"https://bugzilla.suse.com/1227035",[28,29],[36],"REPORT",{"url":38,"sources":39,"tags":40},"https://www.suse.com/security/cve/CVE-2024-6104",[28,29],[41],"WEB",[],[],[],[46,59],{"ecosystem":47,"name":48,"vendor":49,"product":50,"cpe_part":9,"purl_type":51,"purl_namespace":49,"purl_name":50,"source":9,"versions":52},"openSUSE","gh","opensuse","gh&distro=openSUSE Leap 15.6","rpm",[53],{"version":54,"is_range":55,"range_type":56,"version_start":9,"version_start_type":9,"version_end":57,"version_end_type":58,"fixed_in":9},"lt2_53_0_bp156_2_6_1",true,"ecosystem","2.53.0-bp156.2.6.1","excluding",{"ecosystem":60,"name":48,"vendor":61,"product":62,"cpe_part":9,"purl_type":51,"purl_namespace":61,"purl_name":62,"source":9,"versions":63},"SUSE Linux Enterprise","suse","gh&distro=SUSE Package Hub 15 SP6",[64],{"version":54,"is_range":55,"range_type":56,"version_start":9,"version_start_type":9,"version_end":57,"version_end_type":58,"fixed_in":9}]