OPENSUSE-SU-2020:1478-1
Vulnerability from csaf_opensuse - Published: 2020-09-19 22:23 - Updated: 2020-09-19 22:23Summary
Security update for fossil
Notes
Title of the patch
Security update for fossil
Description of the patch
This update for fossil fixes the following issues:
- fossil 2.12.1:
* CVE-2020-24614: Remote authenticated users with check-in or
administrative privileges could have executed arbitrary code
[boo#1175760]
* Security fix in the 'fossil git export' command. New
'safety-net' features were added to prevent similar problems
in the future.
* Enhancements to the graph display for cases when there are
many cherry-pick merges into a single check-in. Example
* Enhance the fossil open command with the new --workdir option
and the ability to accept a URL as the repository name,
causing the remote repository to be cloned automatically. Do
not allow 'fossil open' to open in a non-empty working
directory unless the --keep option or the new --force option
is used.
* Enhance the markdown formatter to more closely follow the
CommonMark specification with regard to text
highlighting. Underscores in the middle of identifiers (ex:
fossil_printf()) no longer need to be escaped.
* The markdown-to-html translator can prevent unsafe HTML (for
example: <script>) on user-contributed pages like forum and
tickets and wiki. The admin can adjust this behavior using the
safe-html setting on the Admin/Wiki page. The default is to
disallow unsafe HTML everywhere.
* Added the 'collapse' and 'expand' capability for long forum
posts.
* The 'fossil remote' command now has options for specifying
multiple persistent remotes with symbolic names. Currently
only one remote can be used at a time, but that might change
in the future.
* Add the 'Remember me?' checkbox on the login page. Use a
session cookie for the login if it is not checked.
* Added the experimental 'fossil hook' command for managing
'hook scripts' that run before checkin or after a push.
* Enhance the fossil revert command so that it is able to revert
all files beneath a directory.
* Add the fossil bisect skip command.
* Add the fossil backup command.
* Enhance fossil bisect ui so that it shows all unchecked
check-ins in between the innermost 'good' and 'bad' check-ins.
* Added the --reset flag to the 'fossil add', 'fossil rm', and
'fossil addremove' commands.
* Added the '--min N' and '--logfile FILENAME' flags to the
backoffice command, as well as other enhancements to make the
backoffice command a viable replacement for automatic
backoffice. Other incremental backoffice improvements.
* Added the /fileedit page, which allows editing of text files
online. Requires explicit activation by a setup user.
* Translate built-in help text into HTML for display on web
pages.
* On the /timeline webpage, the combination of query parameters
'p=CHECKIN' and 'bt=ANCESTOR' draws all ancestors of CHECKIN
going back to ANCESTOR.
* Update the built-in SQLite so that the 'fossil sql' command
supports new output modes '.mode box' and '.mode json'.
* Add the 'obscure()' SQL function to the 'fossil sql' command.
* Added virtual tables 'helptext' and 'builtin' to the 'fossil
sql' command, providing access to the dispatch table including
all help text, and the builtin data files, respectively.
* Delta compression is now applied to forum edits.
* The wiki editor has been modernized and is now Ajax-based.
- Package the fossil.1 manual page.
- fossil 2.11.1:
* Make the 'fossil git export' command more restrictive about
characters that it allows in the tag names
- Add fossil-2.11-reproducible.patch to override build date (boo#1047218)
Patchnames
openSUSE-2020-1478
Terms of use
CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).
{
"document": {
"aggregate_severity": {
"namespace": "https://www.suse.com/support/security/rating/",
"text": "important"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright 2024 SUSE LLC. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "Security update for fossil",
"title": "Title of the patch"
},
{
"category": "description",
"text": "This update for fossil fixes the following issues:\n\n- fossil 2.12.1:\n * CVE-2020-24614: Remote authenticated users with check-in or\n administrative privileges could have executed arbitrary code\n [boo#1175760]\n * Security fix in the \u0027fossil git export\u0027 command. New\n \u0027safety-net\u0027 features were added to prevent similar problems\n in the future.\n * Enhancements to the graph display for cases when there are\n many cherry-pick merges into a single check-in. Example\n * Enhance the fossil open command with the new --workdir option\n and the ability to accept a URL as the repository name,\n causing the remote repository to be cloned automatically. Do\n not allow \u0027fossil open\u0027 to open in a non-empty working\n directory unless the --keep option or the new --force option\n is used.\n * Enhance the markdown formatter to more closely follow the\n CommonMark specification with regard to text\n highlighting. Underscores in the middle of identifiers (ex:\n fossil_printf()) no longer need to be escaped.\n * The markdown-to-html translator can prevent unsafe HTML (for\n example: \u003cscript\u003e) on user-contributed pages like forum and\n tickets and wiki. The admin can adjust this behavior using the\n safe-html setting on the Admin/Wiki page. The default is to\n disallow unsafe HTML everywhere.\n * Added the \u0027collapse\u0027 and \u0027expand\u0027 capability for long forum\n posts.\n * The \u0027fossil remote\u0027 command now has options for specifying\n multiple persistent remotes with symbolic names. Currently\n only one remote can be used at a time, but that might change\n in the future.\n * Add the \u0027Remember me?\u0027 checkbox on the login page. Use a\n session cookie for the login if it is not checked.\n * Added the experimental \u0027fossil hook\u0027 command for managing\n \u0027hook scripts\u0027 that run before checkin or after a push.\n * Enhance the fossil revert command so that it is able to revert\n all files beneath a directory.\n * Add the fossil bisect skip command.\n * Add the fossil backup command.\n * Enhance fossil bisect ui so that it shows all unchecked\n check-ins in between the innermost \u0027good\u0027 and \u0027bad\u0027 check-ins.\n * Added the --reset flag to the \u0027fossil add\u0027, \u0027fossil rm\u0027, and\n \u0027fossil addremove\u0027 commands.\n * Added the \u0027--min N\u0027 and \u0027--logfile FILENAME\u0027 flags to the\n backoffice command, as well as other enhancements to make the\n backoffice command a viable replacement for automatic\n backoffice. Other incremental backoffice improvements.\n * Added the /fileedit page, which allows editing of text files\n online. Requires explicit activation by a setup user.\n * Translate built-in help text into HTML for display on web\n pages.\n * On the /timeline webpage, the combination of query parameters\n \u0027p=CHECKIN\u0027 and \u0027bt=ANCESTOR\u0027 draws all ancestors of CHECKIN\n going back to ANCESTOR.\n * Update the built-in SQLite so that the \u0027fossil sql\u0027 command\n supports new output modes \u0027.mode box\u0027 and \u0027.mode json\u0027.\n * Add the \u0027obscure()\u0027 SQL function to the \u0027fossil sql\u0027 command.\n * Added virtual tables \u0027helptext\u0027 and \u0027builtin\u0027 to the \u0027fossil\n sql\u0027 command, providing access to the dispatch table including\n all help text, and the builtin data files, respectively.\n * Delta compression is now applied to forum edits.\n * The wiki editor has been modernized and is now Ajax-based.\n- Package the fossil.1 manual page.\n\n- fossil 2.11.1:\n * Make the \u0027fossil git export\u0027 command more restrictive about\n characters that it allows in the tag names\n\n- Add fossil-2.11-reproducible.patch to override build date (boo#1047218)\n",
"title": "Description of the patch"
},
{
"category": "details",
"text": "openSUSE-2020-1478",
"title": "Patchnames"
},
{
"category": "legal_disclaimer",
"text": "CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).",
"title": "Terms of use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://www.suse.com/support/security/contact/",
"name": "SUSE Product Security Team",
"namespace": "https://www.suse.com/"
},
"references": [
{
"category": "external",
"summary": "SUSE ratings",
"url": "https://www.suse.com/support/security/rating/"
},
{
"category": "self",
"summary": "URL of this CSAF notice",
"url": "https://ftp.suse.com/pub/projects/security/csaf/opensuse-su-2020_1478-1.json"
},
{
"category": "self",
"summary": "URL for openSUSE-SU-2020:1478-1",
"url": "https://lists.opensuse.org/archives/list/security-announce@lists.opensuse.org/thread/UDTH7FFF6GQ4G6LJ7CMSIEYC7EJDH6MA/"
},
{
"category": "self",
"summary": "E-Mail link for openSUSE-SU-2020:1478-1",
"url": "https://lists.opensuse.org/archives/list/security-announce@lists.opensuse.org/thread/UDTH7FFF6GQ4G6LJ7CMSIEYC7EJDH6MA/"
},
{
"category": "self",
"summary": "SUSE Bug 1047218",
"url": "https://bugzilla.suse.com/1047218"
},
{
"category": "self",
"summary": "SUSE Bug 1175760",
"url": "https://bugzilla.suse.com/1175760"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2020-24614 page",
"url": "https://www.suse.com/security/cve/CVE-2020-24614/"
}
],
"title": "Security update for fossil",
"tracking": {
"current_release_date": "2020-09-19T22:23:30Z",
"generator": {
"date": "2020-09-19T22:23:30Z",
"engine": {
"name": "cve-database.git:bin/generate-csaf.pl",
"version": "1"
}
},
"id": "openSUSE-SU-2020:1478-1",
"initial_release_date": "2020-09-19T22:23:30Z",
"revision_history": [
{
"date": "2020-09-19T22:23:30Z",
"number": "1",
"summary": "Current version"
}
],
"status": "final",
"version": "1"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_version",
"name": "fossil-2.12.1-bp152.2.3.1.aarch64",
"product": {
"name": "fossil-2.12.1-bp152.2.3.1.aarch64",
"product_id": "fossil-2.12.1-bp152.2.3.1.aarch64"
}
}
],
"category": "architecture",
"name": "aarch64"
},
{
"branches": [
{
"category": "product_version",
"name": "fossil-2.12.1-bp152.2.3.1.ppc64le",
"product": {
"name": "fossil-2.12.1-bp152.2.3.1.ppc64le",
"product_id": "fossil-2.12.1-bp152.2.3.1.ppc64le"
}
}
],
"category": "architecture",
"name": "ppc64le"
},
{
"branches": [
{
"category": "product_version",
"name": "fossil-2.12.1-bp152.2.3.1.s390x",
"product": {
"name": "fossil-2.12.1-bp152.2.3.1.s390x",
"product_id": "fossil-2.12.1-bp152.2.3.1.s390x"
}
}
],
"category": "architecture",
"name": "s390x"
},
{
"branches": [
{
"category": "product_version",
"name": "fossil-2.12.1-bp152.2.3.1.x86_64",
"product": {
"name": "fossil-2.12.1-bp152.2.3.1.x86_64",
"product_id": "fossil-2.12.1-bp152.2.3.1.x86_64"
}
}
],
"category": "architecture",
"name": "x86_64"
},
{
"branches": [
{
"category": "product_name",
"name": "SUSE Package Hub 15 SP1",
"product": {
"name": "SUSE Package Hub 15 SP1",
"product_id": "SUSE Package Hub 15 SP1"
}
},
{
"category": "product_name",
"name": "SUSE Package Hub 15 SP2",
"product": {
"name": "SUSE Package Hub 15 SP2",
"product_id": "SUSE Package Hub 15 SP2"
}
},
{
"category": "product_name",
"name": "openSUSE Leap 15.1",
"product": {
"name": "openSUSE Leap 15.1",
"product_id": "openSUSE Leap 15.1",
"product_identification_helper": {
"cpe": "cpe:/o:opensuse:leap:15.1"
}
}
},
{
"category": "product_name",
"name": "openSUSE Leap 15.2",
"product": {
"name": "openSUSE Leap 15.2",
"product_id": "openSUSE Leap 15.2",
"product_identification_helper": {
"cpe": "cpe:/o:opensuse:leap:15.2"
}
}
}
],
"category": "product_family",
"name": "SUSE Linux Enterprise"
}
],
"category": "vendor",
"name": "SUSE"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "fossil-2.12.1-bp152.2.3.1.aarch64 as component of SUSE Package Hub 15 SP1",
"product_id": "SUSE Package Hub 15 SP1:fossil-2.12.1-bp152.2.3.1.aarch64"
},
"product_reference": "fossil-2.12.1-bp152.2.3.1.aarch64",
"relates_to_product_reference": "SUSE Package Hub 15 SP1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "fossil-2.12.1-bp152.2.3.1.ppc64le as component of SUSE Package Hub 15 SP1",
"product_id": "SUSE Package Hub 15 SP1:fossil-2.12.1-bp152.2.3.1.ppc64le"
},
"product_reference": "fossil-2.12.1-bp152.2.3.1.ppc64le",
"relates_to_product_reference": "SUSE Package Hub 15 SP1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "fossil-2.12.1-bp152.2.3.1.s390x as component of SUSE Package Hub 15 SP1",
"product_id": "SUSE Package Hub 15 SP1:fossil-2.12.1-bp152.2.3.1.s390x"
},
"product_reference": "fossil-2.12.1-bp152.2.3.1.s390x",
"relates_to_product_reference": "SUSE Package Hub 15 SP1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "fossil-2.12.1-bp152.2.3.1.x86_64 as component of SUSE Package Hub 15 SP1",
"product_id": "SUSE Package Hub 15 SP1:fossil-2.12.1-bp152.2.3.1.x86_64"
},
"product_reference": "fossil-2.12.1-bp152.2.3.1.x86_64",
"relates_to_product_reference": "SUSE Package Hub 15 SP1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "fossil-2.12.1-bp152.2.3.1.aarch64 as component of SUSE Package Hub 15 SP2",
"product_id": "SUSE Package Hub 15 SP2:fossil-2.12.1-bp152.2.3.1.aarch64"
},
"product_reference": "fossil-2.12.1-bp152.2.3.1.aarch64",
"relates_to_product_reference": "SUSE Package Hub 15 SP2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "fossil-2.12.1-bp152.2.3.1.ppc64le as component of SUSE Package Hub 15 SP2",
"product_id": "SUSE Package Hub 15 SP2:fossil-2.12.1-bp152.2.3.1.ppc64le"
},
"product_reference": "fossil-2.12.1-bp152.2.3.1.ppc64le",
"relates_to_product_reference": "SUSE Package Hub 15 SP2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "fossil-2.12.1-bp152.2.3.1.s390x as component of SUSE Package Hub 15 SP2",
"product_id": "SUSE Package Hub 15 SP2:fossil-2.12.1-bp152.2.3.1.s390x"
},
"product_reference": "fossil-2.12.1-bp152.2.3.1.s390x",
"relates_to_product_reference": "SUSE Package Hub 15 SP2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "fossil-2.12.1-bp152.2.3.1.x86_64 as component of SUSE Package Hub 15 SP2",
"product_id": "SUSE Package Hub 15 SP2:fossil-2.12.1-bp152.2.3.1.x86_64"
},
"product_reference": "fossil-2.12.1-bp152.2.3.1.x86_64",
"relates_to_product_reference": "SUSE Package Hub 15 SP2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "fossil-2.12.1-bp152.2.3.1.aarch64 as component of openSUSE Leap 15.1",
"product_id": "openSUSE Leap 15.1:fossil-2.12.1-bp152.2.3.1.aarch64"
},
"product_reference": "fossil-2.12.1-bp152.2.3.1.aarch64",
"relates_to_product_reference": "openSUSE Leap 15.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "fossil-2.12.1-bp152.2.3.1.ppc64le as component of openSUSE Leap 15.1",
"product_id": "openSUSE Leap 15.1:fossil-2.12.1-bp152.2.3.1.ppc64le"
},
"product_reference": "fossil-2.12.1-bp152.2.3.1.ppc64le",
"relates_to_product_reference": "openSUSE Leap 15.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "fossil-2.12.1-bp152.2.3.1.s390x as component of openSUSE Leap 15.1",
"product_id": "openSUSE Leap 15.1:fossil-2.12.1-bp152.2.3.1.s390x"
},
"product_reference": "fossil-2.12.1-bp152.2.3.1.s390x",
"relates_to_product_reference": "openSUSE Leap 15.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "fossil-2.12.1-bp152.2.3.1.x86_64 as component of openSUSE Leap 15.1",
"product_id": "openSUSE Leap 15.1:fossil-2.12.1-bp152.2.3.1.x86_64"
},
"product_reference": "fossil-2.12.1-bp152.2.3.1.x86_64",
"relates_to_product_reference": "openSUSE Leap 15.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "fossil-2.12.1-bp152.2.3.1.aarch64 as component of openSUSE Leap 15.2",
"product_id": "openSUSE Leap 15.2:fossil-2.12.1-bp152.2.3.1.aarch64"
},
"product_reference": "fossil-2.12.1-bp152.2.3.1.aarch64",
"relates_to_product_reference": "openSUSE Leap 15.2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "fossil-2.12.1-bp152.2.3.1.ppc64le as component of openSUSE Leap 15.2",
"product_id": "openSUSE Leap 15.2:fossil-2.12.1-bp152.2.3.1.ppc64le"
},
"product_reference": "fossil-2.12.1-bp152.2.3.1.ppc64le",
"relates_to_product_reference": "openSUSE Leap 15.2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "fossil-2.12.1-bp152.2.3.1.s390x as component of openSUSE Leap 15.2",
"product_id": "openSUSE Leap 15.2:fossil-2.12.1-bp152.2.3.1.s390x"
},
"product_reference": "fossil-2.12.1-bp152.2.3.1.s390x",
"relates_to_product_reference": "openSUSE Leap 15.2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "fossil-2.12.1-bp152.2.3.1.x86_64 as component of openSUSE Leap 15.2",
"product_id": "openSUSE Leap 15.2:fossil-2.12.1-bp152.2.3.1.x86_64"
},
"product_reference": "fossil-2.12.1-bp152.2.3.1.x86_64",
"relates_to_product_reference": "openSUSE Leap 15.2"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2020-24614",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2020-24614"
}
],
"notes": [
{
"category": "general",
"text": "Fossil before 2.10.2, 2.11.x before 2.11.2, and 2.12.x before 2.12.1 allows remote authenticated users to execute arbitrary code. An attacker must have check-in privileges on the repository.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Package Hub 15 SP1:fossil-2.12.1-bp152.2.3.1.aarch64",
"SUSE Package Hub 15 SP1:fossil-2.12.1-bp152.2.3.1.ppc64le",
"SUSE Package Hub 15 SP1:fossil-2.12.1-bp152.2.3.1.s390x",
"SUSE Package Hub 15 SP1:fossil-2.12.1-bp152.2.3.1.x86_64",
"SUSE Package Hub 15 SP2:fossil-2.12.1-bp152.2.3.1.aarch64",
"SUSE Package Hub 15 SP2:fossil-2.12.1-bp152.2.3.1.ppc64le",
"SUSE Package Hub 15 SP2:fossil-2.12.1-bp152.2.3.1.s390x",
"SUSE Package Hub 15 SP2:fossil-2.12.1-bp152.2.3.1.x86_64",
"openSUSE Leap 15.1:fossil-2.12.1-bp152.2.3.1.aarch64",
"openSUSE Leap 15.1:fossil-2.12.1-bp152.2.3.1.ppc64le",
"openSUSE Leap 15.1:fossil-2.12.1-bp152.2.3.1.s390x",
"openSUSE Leap 15.1:fossil-2.12.1-bp152.2.3.1.x86_64",
"openSUSE Leap 15.2:fossil-2.12.1-bp152.2.3.1.aarch64",
"openSUSE Leap 15.2:fossil-2.12.1-bp152.2.3.1.ppc64le",
"openSUSE Leap 15.2:fossil-2.12.1-bp152.2.3.1.s390x",
"openSUSE Leap 15.2:fossil-2.12.1-bp152.2.3.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2020-24614",
"url": "https://www.suse.com/security/cve/CVE-2020-24614"
},
{
"category": "external",
"summary": "SUSE Bug 1175760 for CVE-2020-24614",
"url": "https://bugzilla.suse.com/1175760"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Package Hub 15 SP1:fossil-2.12.1-bp152.2.3.1.aarch64",
"SUSE Package Hub 15 SP1:fossil-2.12.1-bp152.2.3.1.ppc64le",
"SUSE Package Hub 15 SP1:fossil-2.12.1-bp152.2.3.1.s390x",
"SUSE Package Hub 15 SP1:fossil-2.12.1-bp152.2.3.1.x86_64",
"SUSE Package Hub 15 SP2:fossil-2.12.1-bp152.2.3.1.aarch64",
"SUSE Package Hub 15 SP2:fossil-2.12.1-bp152.2.3.1.ppc64le",
"SUSE Package Hub 15 SP2:fossil-2.12.1-bp152.2.3.1.s390x",
"SUSE Package Hub 15 SP2:fossil-2.12.1-bp152.2.3.1.x86_64",
"openSUSE Leap 15.1:fossil-2.12.1-bp152.2.3.1.aarch64",
"openSUSE Leap 15.1:fossil-2.12.1-bp152.2.3.1.ppc64le",
"openSUSE Leap 15.1:fossil-2.12.1-bp152.2.3.1.s390x",
"openSUSE Leap 15.1:fossil-2.12.1-bp152.2.3.1.x86_64",
"openSUSE Leap 15.2:fossil-2.12.1-bp152.2.3.1.aarch64",
"openSUSE Leap 15.2:fossil-2.12.1-bp152.2.3.1.ppc64le",
"openSUSE Leap 15.2:fossil-2.12.1-bp152.2.3.1.s390x",
"openSUSE Leap 15.2:fossil-2.12.1-bp152.2.3.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 8.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Package Hub 15 SP1:fossil-2.12.1-bp152.2.3.1.aarch64",
"SUSE Package Hub 15 SP1:fossil-2.12.1-bp152.2.3.1.ppc64le",
"SUSE Package Hub 15 SP1:fossil-2.12.1-bp152.2.3.1.s390x",
"SUSE Package Hub 15 SP1:fossil-2.12.1-bp152.2.3.1.x86_64",
"SUSE Package Hub 15 SP2:fossil-2.12.1-bp152.2.3.1.aarch64",
"SUSE Package Hub 15 SP2:fossil-2.12.1-bp152.2.3.1.ppc64le",
"SUSE Package Hub 15 SP2:fossil-2.12.1-bp152.2.3.1.s390x",
"SUSE Package Hub 15 SP2:fossil-2.12.1-bp152.2.3.1.x86_64",
"openSUSE Leap 15.1:fossil-2.12.1-bp152.2.3.1.aarch64",
"openSUSE Leap 15.1:fossil-2.12.1-bp152.2.3.1.ppc64le",
"openSUSE Leap 15.1:fossil-2.12.1-bp152.2.3.1.s390x",
"openSUSE Leap 15.1:fossil-2.12.1-bp152.2.3.1.x86_64",
"openSUSE Leap 15.2:fossil-2.12.1-bp152.2.3.1.aarch64",
"openSUSE Leap 15.2:fossil-2.12.1-bp152.2.3.1.ppc64le",
"openSUSE Leap 15.2:fossil-2.12.1-bp152.2.3.1.s390x",
"openSUSE Leap 15.2:fossil-2.12.1-bp152.2.3.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2020-09-19T22:23:30Z",
"details": "moderate"
}
],
"title": "CVE-2020-24614"
}
]
}
Loading…
Loading…
Sightings
| Author | Source | Type | Date |
|---|
Nomenclature
- Seen: The vulnerability was mentioned, discussed, or observed by the user.
- Confirmed: The vulnerability has been validated from an analyst's perspective.
- Published Proof of Concept: A public proof of concept is available for this vulnerability.
- Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
- Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
- Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
- Not confirmed: The user expressed doubt about the validity of the vulnerability.
- Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.
Loading…
Loading…