SUSE-SU-2018:1736-1

Advisory lineage Upstream: 1 Downstream: 0

Upstream

CVE-2017-1000469

Published: 19 Jun 2018, 13:50

Last modified:04 Feb 2026, 02:50

Vulnerability Summary

Overall Risk (default)

minimal

0/100

CVSS Score

No data

EPSS Score

No data

KEV

Not listed

Ransomware

No reports

Public exploits

None found

Dark Web

Not detected

Timeline

19 Jun 2018, 13:50

Published

Vulnerability first disclosed

04 Feb 2026, 02:50

Last Modified

Vulnerability information updated

Description

Security update for cobbler This update for cobbler fixes the following issues: The following security issue has been fixed: - CVE-2017-1000469: Escape shell parameters provided by the user for the reposync action. (bsc#1074594) Additionally, the following non-security issues have been fixed: - Fix signature for SLES15. (bsc#1075014) - Detect if there is already another instance of 'cobbler sync' running and exit with failure if so. (bsc#1081714) - Add SLES 15 distro profile. (bsc#1090205) - Require tftp(server) instead of atftp.

Affected Systems

suse•cobbler&distro=HPE Helion OpenStack 8
< 2.6.6-49.9.1
suse•cobbler&distro=SUSE Manager Client Tools 12
< 2.6.6-49.9.1
suse•cobbler&distro=SUSE Manager Server 3.0
< 2.6.6-49.9.1
suse•cobbler&distro=SUSE OpenStack Cloud 8
< 2.6.6-49.9.1

SUSE-SU-2018:1736-1

Vulnerability Summary

Timeline

Description

Affected Systems

References (6)