cvelistv5 - cve-2024-22034

CVE-2024-22034 (GCVE-0-2024-22034)

Vulnerability from cvelistv5 – Published: 2024-10-16 13:46 – Updated: 2024-10-31 13:34

Summary

Attackers could put the special files in .osc into the actual package sources (e.g. _apiurl). This allows the attacker to change the configuration of osc for the victim

Severity ?

5.5 (Medium)


                        
                          CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N

CWE

CWE-noinfo Not enough information

Assigner

suse

References

URL

Tags

https://bugzilla.suse.com/show_bug.cgi?id=CVE-202…

Impacted products

Vendor

Product

Version

SUSE

SUSE Linux Enterprise Desktop 15 SP5

Affected: ? , < 1.9.0-150400.10.6.1 (custom)

SUSE	SUSE Linux Enterprise High Performance Computing 15 SP5	Affected: ? , < 1.9.0-150400.10.6.1 (custom)
SUSE	SUSE Linux Enterprise Module for Development Tools 15 SP5	Affected: ? , < 1.9.0-150400.10.6.1 (custom)
SUSE	SUSE Linux Enterprise Server 15 SP5	Affected: ? , < 1.9.0-150400.10.6.1 (custom)
SUSE	SUSE Linux Enterprise Server for SAP Applications 15 SP5	Affected: ? , < 1.9.0-150400.10.6.1 (custom)
SUSE	SUSE Linux Enterprise Desktop 15 SP6	Affected: ? , < 1.9.0-150400.10.6.1 (custom)
SUSE	SUSE Linux Enterprise High Performance Computing 15 SP6	Affected: ? , < 1.9.0-150400.10.6.1 (custom)
SUSE	SUSE Linux Enterprise Module for Development Tools 15 SP6	Affected: ? , < 1.9.0-150400.10.6.1 (custom)
SUSE	SUSE Linux Enterprise Server 15 SP6	Affected: ? , < 1.9.0-150400.10.6.1 (custom)
SUSE	SUSE Linux Enterprise Server for SAP Applications 15 SP6	Affected: ? , < 1.9.0-150400.10.6.1 (custom)
SUSE	SUSE Linux Enterprise Server 12 SP5	Affected: ? , < 0.183.0-15.18.1 (custom)
SUSE	SUSE Linux Enterprise Server for SAP Applications 12 SP5	Affected: ? , < 0.183.0-15.18.1 (custom)
SUSE	SUSE Linux Enterprise Software Development Kit 12 SP5	Affected: ? , < 0.183.0-15.18.1 (custom)
SUSE	openSUSE Leap 15.5	Affected: ? , < 1.9.0-150400.10.6.1 (custom)
SUSE	openSUSE Leap 15.6	Affected: ? , < 1.9.0-150400.10.6.1 (custom)
SUSE	openSUSE Tumbleweed	Affected: ? , < 1.9.0-1.1 (custom)

Credits

Daniel Mach of SUSE

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "metrics": [
          {
            "other": {
              "content": {
                "id": "CVE-2024-22034",
                "options": [
                  {
                    "Exploitation": "none"
                  },
                  {
                    "Automatable": "no"
                  },
                  {
                    "Technical Impact": "partial"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2024-10-16T14:01:15.655473Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "problemTypes": [
          {
            "descriptions": [
              {
                "description": "CWE-noinfo Not enough information",
                "lang": "en",
                "type": "CWE"
              }
            ]
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2024-10-31T13:34:34.435Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      }
    ],
    "cna": {
      "affected": [
        {
          "defaultStatus": "unaffected",
          "packageName": "osc",
          "product": "SUSE Linux Enterprise Desktop 15 SP5",
          "vendor": "SUSE",
          "versions": [
            {
              "lessThan": "1.9.0-150400.10.6.1",
              "status": "affected",
              "version": "?",
              "versionType": "custom"
            }
          ]
        },
        {
          "defaultStatus": "unaffected",
          "packageName": "osc",
          "product": "SUSE Linux Enterprise High Performance Computing 15 SP5",
          "vendor": "SUSE",
          "versions": [
            {
              "lessThan": "1.9.0-150400.10.6.1",
              "status": "affected",
              "version": "?",
              "versionType": "custom"
            }
          ]
        },
        {
          "defaultStatus": "unaffected",
          "packageName": "osc",
          "product": "SUSE Linux Enterprise Module for Development Tools 15 SP5",
          "vendor": "SUSE",
          "versions": [
            {
              "lessThan": "1.9.0-150400.10.6.1",
              "status": "affected",
              "version": "?",
              "versionType": "custom"
            }
          ]
        },
        {
          "defaultStatus": "unaffected",
          "packageName": "osc",
          "product": "SUSE Linux Enterprise Server 15 SP5",
          "vendor": "SUSE",
          "versions": [
            {
              "lessThan": "1.9.0-150400.10.6.1",
              "status": "affected",
              "version": "?",
              "versionType": "custom"
            }
          ]
        },
        {
          "defaultStatus": "unaffected",
          "packageName": "osc",
          "product": "SUSE Linux Enterprise Server for SAP Applications 15 SP5",
          "vendor": "SUSE",
          "versions": [
            {
              "lessThan": "1.9.0-150400.10.6.1",
              "status": "affected",
              "version": "?",
              "versionType": "custom"
            }
          ]
        },
        {
          "defaultStatus": "unaffected",
          "packageName": "osc",
          "product": "SUSE Linux Enterprise Desktop 15 SP6",
          "vendor": "SUSE",
          "versions": [
            {
              "lessThan": "1.9.0-150400.10.6.1",
              "status": "affected",
              "version": "?",
              "versionType": "custom"
            }
          ]
        },
        {
          "defaultStatus": "unaffected",
          "packageName": "osc",
          "product": "SUSE Linux Enterprise High Performance Computing 15 SP6",
          "vendor": "SUSE",
          "versions": [
            {
              "lessThan": "1.9.0-150400.10.6.1",
              "status": "affected",
              "version": "?",
              "versionType": "custom"
            }
          ]
        },
        {
          "defaultStatus": "unaffected",
          "packageName": "osc",
          "product": "SUSE Linux Enterprise Module for Development Tools 15 SP6",
          "vendor": "SUSE",
          "versions": [
            {
              "lessThan": "1.9.0-150400.10.6.1",
              "status": "affected",
              "version": "?",
              "versionType": "custom"
            }
          ]
        },
        {
          "defaultStatus": "unaffected",
          "packageName": "osc",
          "product": "SUSE Linux Enterprise Server 15 SP6",
          "vendor": "SUSE",
          "versions": [
            {
              "lessThan": "1.9.0-150400.10.6.1",
              "status": "affected",
              "version": "?",
              "versionType": "custom"
            }
          ]
        },
        {
          "defaultStatus": "unaffected",
          "packageName": "osc",
          "product": "SUSE Linux Enterprise Server for SAP Applications 15 SP6",
          "vendor": "SUSE",
          "versions": [
            {
              "lessThan": "1.9.0-150400.10.6.1",
              "status": "affected",
              "version": "?",
              "versionType": "custom"
            }
          ]
        },
        {
          "defaultStatus": "unaffected",
          "packageName": "osc",
          "product": "SUSE Linux Enterprise Server 12 SP5",
          "vendor": "SUSE",
          "versions": [
            {
              "lessThan": "0.183.0-15.18.1",
              "status": "affected",
              "version": "?",
              "versionType": "custom"
            }
          ]
        },
        {
          "defaultStatus": "unaffected",
          "packageName": "osc",
          "product": "SUSE Linux Enterprise Server for SAP Applications 12 SP5",
          "vendor": "SUSE",
          "versions": [
            {
              "lessThan": "0.183.0-15.18.1",
              "status": "affected",
              "version": "?",
              "versionType": "custom"
            }
          ]
        },
        {
          "defaultStatus": "unaffected",
          "packageName": "osc",
          "product": "SUSE Linux Enterprise Software Development Kit 12 SP5",
          "vendor": "SUSE",
          "versions": [
            {
              "lessThan": "0.183.0-15.18.1",
              "status": "affected",
              "version": "?",
              "versionType": "custom"
            }
          ]
        },
        {
          "defaultStatus": "unaffected",
          "packageName": "osc",
          "product": "openSUSE Leap 15.5",
          "vendor": "SUSE",
          "versions": [
            {
              "lessThan": "1.9.0-150400.10.6.1",
              "status": "affected",
              "version": "?",
              "versionType": "custom"
            }
          ]
        },
        {
          "defaultStatus": "unaffected",
          "packageName": "osc",
          "product": "openSUSE Leap 15.6",
          "vendor": "SUSE",
          "versions": [
            {
              "lessThan": "1.9.0-150400.10.6.1",
              "status": "affected",
              "version": "?",
              "versionType": "custom"
            }
          ]
        },
        {
          "defaultStatus": "unaffected",
          "packageName": "osc",
          "product": "openSUSE Tumbleweed",
          "vendor": "SUSE",
          "versions": [
            {
              "lessThan": "1.9.0-1.1",
              "status": "affected",
              "version": "?",
              "versionType": "custom"
            }
          ]
        }
      ],
      "credits": [
        {
          "lang": "en",
          "type": "finder",
          "value": "Daniel Mach of SUSE"
        }
      ],
      "datePublic": "2024-08-19T11:42:00.000Z",
      "descriptions": [
        {
          "lang": "en",
          "supportingMedia": [
            {
              "base64": false,
              "type": "text/html",
              "value": "Attackers could put the special files in .osc into the actual package sources (e.g. _apiurl). This allows the attacker to change the configuration of osc for the victim\u003cbr\u003e"
            }
          ],
          "value": "Attackers could put the special files in .osc into the actual package sources (e.g. _apiurl). This allows the attacker to change the configuration of osc for the victim"
        }
      ],
      "metrics": [
        {
          "cvssV3_1": {
            "attackComplexity": "LOW",
            "attackVector": "LOCAL",
            "availabilityImpact": "NONE",
            "baseScore": 5.5,
            "baseSeverity": "MEDIUM",
            "confidentialityImpact": "NONE",
            "integrityImpact": "HIGH",
            "privilegesRequired": "NONE",
            "scope": "UNCHANGED",
            "userInteraction": "REQUIRED",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N",
            "version": "3.1"
          },
          "format": "CVSS",
          "scenarios": [
            {
              "lang": "en",
              "value": "GENERAL"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2024-10-16T13:46:08.416Z",
        "orgId": "404e59f5-483d-4b8a-8e7a-e67604dd8afb",
        "shortName": "suse"
      },
      "references": [
        {
          "url": "https://bugzilla.suse.com/show_bug.cgi?id=CVE-2024-22034"
        }
      ],
      "source": {
        "discovery": "INTERNAL"
      },
      "title": "Crafted projects can overwrite special files in the .osc config directory",
      "x_generator": {
        "engine": "Vulnogram 0.1.0-dev"
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "404e59f5-483d-4b8a-8e7a-e67604dd8afb",
    "assignerShortName": "suse",
    "cveId": "CVE-2024-22034",
    "datePublished": "2024-10-16T13:46:08.416Z",
    "dateReserved": "2024-01-04T12:38:34.024Z",
    "dateUpdated": "2024-10-31T13:34:34.435Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1",
  "vulnerability-lookup:meta": {
    "fkie_nvd": {
      "descriptions": "[{\"lang\": \"en\", \"value\": \"Attackers could put the special files in .osc into the actual package sources (e.g. _apiurl). This allows the attacker to change the configuration of osc for the victim\"}, {\"lang\": \"es\", \"value\": \"Los atacantes podr\\u00edan colocar los archivos especiales en .osc en las fuentes del paquete real (por ejemplo, _apiurl). Esto permite al atacante cambiar la configuraci\\u00f3n de osc para la v\\u00edctima.\"}]",
      "id": "CVE-2024-22034",
      "lastModified": "2024-10-16T16:38:14.557",
      "metrics": "{\"cvssMetricV31\": [{\"source\": \"meissner@suse.de\", \"type\": \"Secondary\", \"cvssData\": {\"version\": \"3.1\", \"vectorString\": \"CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N\", \"baseScore\": 5.5, \"baseSeverity\": \"MEDIUM\", \"attackVector\": \"LOCAL\", \"attackComplexity\": \"LOW\", \"privilegesRequired\": \"NONE\", \"userInteraction\": \"REQUIRED\", \"scope\": \"UNCHANGED\", \"confidentialityImpact\": \"NONE\", \"integrityImpact\": \"HIGH\", \"availabilityImpact\": \"NONE\"}, \"exploitabilityScore\": 1.8, \"impactScore\": 3.6}]}",
      "published": "2024-10-16T14:15:05.577",
      "references": "[{\"url\": \"https://bugzilla.suse.com/show_bug.cgi?id=CVE-2024-22034\", \"source\": \"meissner@suse.de\"}]",
      "sourceIdentifier": "meissner@suse.de",
      "vulnStatus": "Awaiting Analysis"
    },
    "nvd": "{\"cve\":{\"id\":\"CVE-2024-22034\",\"sourceIdentifier\":\"meissner@suse.de\",\"published\":\"2024-10-16T14:15:05.577\",\"lastModified\":\"2024-10-16T16:38:14.557\",\"vulnStatus\":\"Awaiting Analysis\",\"cveTags\":[],\"descriptions\":[{\"lang\":\"en\",\"value\":\"Attackers could put the special files in .osc into the actual package sources (e.g. _apiurl). This allows the attacker to change the configuration of osc for the victim\"},{\"lang\":\"es\",\"value\":\"Los atacantes podr\u00edan colocar los archivos especiales en .osc en las fuentes del paquete real (por ejemplo, _apiurl). Esto permite al atacante cambiar la configuraci\u00f3n de osc para la v\u00edctima.\"}],\"metrics\":{\"cvssMetricV31\":[{\"source\":\"meissner@suse.de\",\"type\":\"Secondary\",\"cvssData\":{\"version\":\"3.1\",\"vectorString\":\"CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N\",\"baseScore\":5.5,\"baseSeverity\":\"MEDIUM\",\"attackVector\":\"LOCAL\",\"attackComplexity\":\"LOW\",\"privilegesRequired\":\"NONE\",\"userInteraction\":\"REQUIRED\",\"scope\":\"UNCHANGED\",\"confidentialityImpact\":\"NONE\",\"integrityImpact\":\"HIGH\",\"availabilityImpact\":\"NONE\"},\"exploitabilityScore\":1.8,\"impactScore\":3.6}]},\"references\":[{\"url\":\"https://bugzilla.suse.com/show_bug.cgi?id=CVE-2024-22034\",\"source\":\"meissner@suse.de\"}]}}",
    "vulnrichment": {
      "containers": "{\"adp\": [{\"title\": \"CISA ADP Vulnrichment\", \"metrics\": [{\"other\": {\"type\": \"ssvc\", \"content\": {\"id\": \"CVE-2024-22034\", \"role\": \"CISA Coordinator\", \"options\": [{\"Exploitation\": \"none\"}, {\"Automatable\": \"no\"}, {\"Technical Impact\": \"partial\"}], \"version\": \"2.0.3\", \"timestamp\": \"2024-10-16T14:01:15.655473Z\"}}}], \"problemTypes\": [{\"descriptions\": [{\"lang\": \"en\", \"type\": \"CWE\", \"description\": \"CWE-noinfo Not enough information\"}]}], \"providerMetadata\": {\"orgId\": \"134c704f-9b21-4f2e-91b3-4a467353bcc0\", \"shortName\": \"CISA-ADP\", \"dateUpdated\": \"2024-10-16T14:01:24.508Z\"}}], \"cna\": {\"title\": \"Crafted projects can overwrite special files in the .osc config directory\", \"source\": {\"discovery\": \"INTERNAL\"}, \"credits\": [{\"lang\": \"en\", \"type\": \"finder\", \"value\": \"Daniel Mach of SUSE\"}], \"metrics\": [{\"format\": \"CVSS\", \"cvssV3_1\": {\"scope\": \"UNCHANGED\", \"version\": \"3.1\", \"baseScore\": 5.5, \"attackVector\": \"LOCAL\", \"baseSeverity\": \"MEDIUM\", \"vectorString\": \"CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N\", \"integrityImpact\": \"HIGH\", \"userInteraction\": \"REQUIRED\", \"attackComplexity\": \"LOW\", \"availabilityImpact\": \"NONE\", \"privilegesRequired\": \"NONE\", \"confidentialityImpact\": \"NONE\"}, \"scenarios\": [{\"lang\": \"en\", \"value\": \"GENERAL\"}]}], \"affected\": [{\"vendor\": \"SUSE\", \"product\": \"SUSE Linux Enterprise Desktop 15 SP5\", \"versions\": [{\"status\": \"affected\", \"version\": \"?\", \"lessThan\": \"1.9.0-150400.10.6.1\", \"versionType\": \"custom\"}], \"packageName\": \"osc\", \"defaultStatus\": \"unaffected\"}, {\"vendor\": \"SUSE\", \"product\": \"SUSE Linux Enterprise High Performance Computing 15 SP5\", \"versions\": [{\"status\": \"affected\", \"version\": \"?\", \"lessThan\": \"1.9.0-150400.10.6.1\", \"versionType\": \"custom\"}], \"packageName\": \"osc\", \"defaultStatus\": \"unaffected\"}, {\"vendor\": \"SUSE\", \"product\": \"SUSE Linux Enterprise Module for Development Tools 15 SP5\", \"versions\": [{\"status\": \"affected\", \"version\": \"?\", \"lessThan\": \"1.9.0-150400.10.6.1\", \"versionType\": \"custom\"}], \"packageName\": \"osc\", \"defaultStatus\": \"unaffected\"}, {\"vendor\": \"SUSE\", \"product\": \"SUSE Linux Enterprise Server 15 SP5\", \"versions\": [{\"status\": \"affected\", \"version\": \"?\", \"lessThan\": \"1.9.0-150400.10.6.1\", \"versionType\": \"custom\"}], \"packageName\": \"osc\", \"defaultStatus\": \"unaffected\"}, {\"vendor\": \"SUSE\", \"product\": \"SUSE Linux Enterprise Server for SAP Applications 15 SP5\", \"versions\": [{\"status\": \"affected\", \"version\": \"?\", \"lessThan\": \"1.9.0-150400.10.6.1\", \"versionType\": \"custom\"}], \"packageName\": \"osc\", \"defaultStatus\": \"unaffected\"}, {\"vendor\": \"SUSE\", \"product\": \"SUSE Linux Enterprise Desktop 15 SP6\", \"versions\": [{\"status\": \"affected\", \"version\": \"?\", \"lessThan\": \"1.9.0-150400.10.6.1\", \"versionType\": \"custom\"}], \"packageName\": \"osc\", \"defaultStatus\": \"unaffected\"}, {\"vendor\": \"SUSE\", \"product\": \"SUSE Linux Enterprise High Performance Computing 15 SP6\", \"versions\": [{\"status\": \"affected\", \"version\": \"?\", \"lessThan\": \"1.9.0-150400.10.6.1\", \"versionType\": \"custom\"}], \"packageName\": \"osc\", \"defaultStatus\": \"unaffected\"}, {\"vendor\": \"SUSE\", \"product\": \"SUSE Linux Enterprise Module for Development Tools 15 SP6\", \"versions\": [{\"status\": \"affected\", \"version\": \"?\", \"lessThan\": \"1.9.0-150400.10.6.1\", \"versionType\": \"custom\"}], \"packageName\": \"osc\", \"defaultStatus\": \"unaffected\"}, {\"vendor\": \"SUSE\", \"product\": \"SUSE Linux Enterprise Server 15 SP6\", \"versions\": [{\"status\": \"affected\", \"version\": \"?\", \"lessThan\": \"1.9.0-150400.10.6.1\", \"versionType\": \"custom\"}], \"packageName\": \"osc\", \"defaultStatus\": \"unaffected\"}, {\"vendor\": \"SUSE\", \"product\": \"SUSE Linux Enterprise Server for SAP Applications 15 SP6\", \"versions\": [{\"status\": \"affected\", \"version\": \"?\", \"lessThan\": \"1.9.0-150400.10.6.1\", \"versionType\": \"custom\"}], \"packageName\": \"osc\", \"defaultStatus\": \"unaffected\"}, {\"vendor\": \"SUSE\", \"product\": \"SUSE Linux Enterprise Server 12 SP5\", \"versions\": [{\"status\": \"affected\", \"version\": \"?\", \"lessThan\": \"0.183.0-15.18.1\", \"versionType\": \"custom\"}], \"packageName\": \"osc\", \"defaultStatus\": \"unaffected\"}, {\"vendor\": \"SUSE\", \"product\": \"SUSE Linux Enterprise Server for SAP Applications 12 SP5\", \"versions\": [{\"status\": \"affected\", \"version\": \"?\", \"lessThan\": \"0.183.0-15.18.1\", \"versionType\": \"custom\"}], \"packageName\": \"osc\", \"defaultStatus\": \"unaffected\"}, {\"vendor\": \"SUSE\", \"product\": \"SUSE Linux Enterprise Software Development Kit 12 SP5\", \"versions\": [{\"status\": \"affected\", \"version\": \"?\", \"lessThan\": \"0.183.0-15.18.1\", \"versionType\": \"custom\"}], \"packageName\": \"osc\", \"defaultStatus\": \"unaffected\"}, {\"vendor\": \"SUSE\", \"product\": \"openSUSE Leap 15.5\", \"versions\": [{\"status\": \"affected\", \"version\": \"?\", \"lessThan\": \"1.9.0-150400.10.6.1\", \"versionType\": \"custom\"}], \"packageName\": \"osc\", \"defaultStatus\": \"unaffected\"}, {\"vendor\": \"SUSE\", \"product\": \"openSUSE Leap 15.6\", \"versions\": [{\"status\": \"affected\", \"version\": \"?\", \"lessThan\": \"1.9.0-150400.10.6.1\", \"versionType\": \"custom\"}], \"packageName\": \"osc\", \"defaultStatus\": \"unaffected\"}, {\"vendor\": \"SUSE\", \"product\": \"openSUSE Tumbleweed\", \"versions\": [{\"status\": \"affected\", \"version\": \"?\", \"lessThan\": \"1.9.0-1.1\", \"versionType\": \"custom\"}], \"packageName\": \"osc\", \"defaultStatus\": \"unaffected\"}], \"datePublic\": \"2024-08-19T11:42:00.000Z\", \"references\": [{\"url\": \"https://bugzilla.suse.com/show_bug.cgi?id=CVE-2024-22034\"}], \"x_generator\": {\"engine\": \"Vulnogram 0.1.0-dev\"}, \"descriptions\": [{\"lang\": \"en\", \"value\": \"Attackers could put the special files in .osc into the actual package sources (e.g. _apiurl). This allows the attacker to change the configuration of osc for the victim\", \"supportingMedia\": [{\"type\": \"text/html\", \"value\": \"Attackers could put the special files in .osc into the actual package sources (e.g. _apiurl). This allows the attacker to change the configuration of osc for the victim\u003cbr\u003e\", \"base64\": false}]}], \"providerMetadata\": {\"orgId\": \"404e59f5-483d-4b8a-8e7a-e67604dd8afb\", \"shortName\": \"suse\", \"dateUpdated\": \"2024-10-16T13:46:08.416Z\"}}}",
      "cveMetadata": "{\"cveId\": \"CVE-2024-22034\", \"state\": \"PUBLISHED\", \"dateUpdated\": \"2024-10-31T13:34:34.435Z\", \"dateReserved\": \"2024-01-04T12:38:34.024Z\", \"assignerOrgId\": \"404e59f5-483d-4b8a-8e7a-e67604dd8afb\", \"datePublished\": \"2024-10-16T13:46:08.416Z\", \"assignerShortName\": \"suse\"}",
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }
  }
}

GHSA-GM3V-M2W5-WM38

Vulnerability from github – Published: 2024-10-16 15:32 – Updated: 2024-10-16 15:32

Details

Attackers could put the special files in .osc into the actual package sources (e.g. _apiurl). This allows the attacker to change the configuration of osc for the victim

Severity ?

5.5 (Medium)


                  
                    CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N

Show details on source website

JSON

To clipboard

{
  "affected": [],
  "aliases": [
    "CVE-2024-22034"
  ],
  "database_specific": {
    "cwe_ids": [],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2024-10-16T14:15:05Z",
    "severity": "MODERATE"
  },
  "details": "Attackers could put the special files in .osc into the actual package sources (e.g. _apiurl). This allows the attacker to change the configuration of osc for the victim",
  "id": "GHSA-gm3v-m2w5-wm38",
  "modified": "2024-10-16T15:32:07Z",
  "published": "2024-10-16T15:32:07Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2024-22034"
    },
    {
      "type": "WEB",
      "url": "https://bugzilla.suse.com/show_bug.cgi?id=CVE-2024-22034"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N",
      "type": "CVSS_V3"
    }
  ]
}

GSD-2024-22034

Vulnerability from gsd - Updated: 2024-01-05 06:02

Details

** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided.

Aliases

CVE-2024-22034

JSON

To clipboard

{
  "gsd": {
    "metadata": {
      "exploitCode": "unknown",
      "remediation": "unknown",
      "reportConfidence": "confirmed",
      "type": "vulnerability"
    },
    "osvSchema": {
      "aliases": [
        "CVE-2024-22034"
      ],
      "id": "GSD-2024-22034",
      "modified": "2024-01-05T06:02:20.506049Z",
      "schema_version": "1.4.0"
    }
  },
  "namespaces": {
    "cve.org": {
      "CVE_data_meta": {
        "ASSIGNER": "cve@mitre.org",
        "ID": "CVE-2024-22034",
        "STATE": "RESERVED"
      },
      "data_format": "MITRE",
      "data_type": "CVE",
      "data_version": "4.0",
      "description": {
        "description_data": [
          {
            "lang": "eng",
            "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
          }
        ]
      }
    }
  }
}

OPENSUSE-SU-2024:14277-1

Vulnerability from csaf_opensuse - Published: 2024-08-20 00:00 - Updated: 2024-08-20 00:00

Summary

osc-1.9.0-1.1 on GA media

Notes

Title of the patch

osc-1.9.0-1.1 on GA media

Description of the patch

These are all security issues fixed in the osc-1.9.0-1.1 package on the GA media of openSUSE Tumbleweed.

Patchnames

openSUSE-Tumbleweed-2024-14277

CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).

JSON

To clipboard

{
  "document": {
    "aggregate_severity": {
      "namespace": "https://www.suse.com/support/security/rating/",
      "text": "moderate"
    },
    "category": "csaf_security_advisory",
    "csaf_version": "2.0",
    "distribution": {
      "text": "Copyright 2024 SUSE LLC. All rights reserved.",
      "tlp": {
        "label": "WHITE",
        "url": "https://www.first.org/tlp/"
      }
    },
    "lang": "en",
    "notes": [
      {
        "category": "summary",
        "text": "osc-1.9.0-1.1 on GA media",
        "title": "Title of the patch"
      },
      {
        "category": "description",
        "text": "These are all security issues fixed in the osc-1.9.0-1.1 package on the GA media of openSUSE Tumbleweed.",
        "title": "Description of the patch"
      },
      {
        "category": "details",
        "text": "openSUSE-Tumbleweed-2024-14277",
        "title": "Patchnames"
      },
      {
        "category": "legal_disclaimer",
        "text": "CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).",
        "title": "Terms of use"
      }
    ],
    "publisher": {
      "category": "vendor",
      "contact_details": "https://www.suse.com/support/security/contact/",
      "name": "SUSE Product Security Team",
      "namespace": "https://www.suse.com/"
    },
    "references": [
      {
        "category": "external",
        "summary": "SUSE ratings",
        "url": "https://www.suse.com/support/security/rating/"
      },
      {
        "category": "self",
        "summary": "URL of this CSAF notice",
        "url": "https://ftp.suse.com/pub/projects/security/csaf/opensuse-su-2024_14277-1.json"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2024-22034 page",
        "url": "https://www.suse.com/security/cve/CVE-2024-22034/"
      }
    ],
    "title": "osc-1.9.0-1.1 on GA media",
    "tracking": {
      "current_release_date": "2024-08-20T00:00:00Z",
      "generator": {
        "date": "2024-08-20T00:00:00Z",
        "engine": {
          "name": "cve-database.git:bin/generate-csaf.pl",
          "version": "1"
        }
      },
      "id": "openSUSE-SU-2024:14277-1",
      "initial_release_date": "2024-08-20T00:00:00Z",
      "revision_history": [
        {
          "date": "2024-08-20T00:00:00Z",
          "number": "1",
          "summary": "Current version"
        }
      ],
      "status": "final",
      "version": "1"
    }
  },
  "product_tree": {
    "branches": [
      {
        "branches": [
          {
            "branches": [
              {
                "category": "product_version",
                "name": "osc-1.9.0-1.1.aarch64",
                "product": {
                  "name": "osc-1.9.0-1.1.aarch64",
                  "product_id": "osc-1.9.0-1.1.aarch64"
                }
              }
            ],
            "category": "architecture",
            "name": "aarch64"
          },
          {
            "branches": [
              {
                "category": "product_version",
                "name": "osc-1.9.0-1.1.ppc64le",
                "product": {
                  "name": "osc-1.9.0-1.1.ppc64le",
                  "product_id": "osc-1.9.0-1.1.ppc64le"
                }
              }
            ],
            "category": "architecture",
            "name": "ppc64le"
          },
          {
            "branches": [
              {
                "category": "product_version",
                "name": "osc-1.9.0-1.1.s390x",
                "product": {
                  "name": "osc-1.9.0-1.1.s390x",
                  "product_id": "osc-1.9.0-1.1.s390x"
                }
              }
            ],
            "category": "architecture",
            "name": "s390x"
          },
          {
            "branches": [
              {
                "category": "product_version",
                "name": "osc-1.9.0-1.1.x86_64",
                "product": {
                  "name": "osc-1.9.0-1.1.x86_64",
                  "product_id": "osc-1.9.0-1.1.x86_64"
                }
              }
            ],
            "category": "architecture",
            "name": "x86_64"
          },
          {
            "branches": [
              {
                "category": "product_name",
                "name": "openSUSE Tumbleweed",
                "product": {
                  "name": "openSUSE Tumbleweed",
                  "product_id": "openSUSE Tumbleweed",
                  "product_identification_helper": {
                    "cpe": "cpe:/o:opensuse:tumbleweed"
                  }
                }
              }
            ],
            "category": "product_family",
            "name": "SUSE Linux Enterprise"
          }
        ],
        "category": "vendor",
        "name": "SUSE"
      }
    ],
    "relationships": [
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "osc-1.9.0-1.1.aarch64 as component of openSUSE Tumbleweed",
          "product_id": "openSUSE Tumbleweed:osc-1.9.0-1.1.aarch64"
        },
        "product_reference": "osc-1.9.0-1.1.aarch64",
        "relates_to_product_reference": "openSUSE Tumbleweed"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "osc-1.9.0-1.1.ppc64le as component of openSUSE Tumbleweed",
          "product_id": "openSUSE Tumbleweed:osc-1.9.0-1.1.ppc64le"
        },
        "product_reference": "osc-1.9.0-1.1.ppc64le",
        "relates_to_product_reference": "openSUSE Tumbleweed"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "osc-1.9.0-1.1.s390x as component of openSUSE Tumbleweed",
          "product_id": "openSUSE Tumbleweed:osc-1.9.0-1.1.s390x"
        },
        "product_reference": "osc-1.9.0-1.1.s390x",
        "relates_to_product_reference": "openSUSE Tumbleweed"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "osc-1.9.0-1.1.x86_64 as component of openSUSE Tumbleweed",
          "product_id": "openSUSE Tumbleweed:osc-1.9.0-1.1.x86_64"
        },
        "product_reference": "osc-1.9.0-1.1.x86_64",
        "relates_to_product_reference": "openSUSE Tumbleweed"
      }
    ]
  },
  "vulnerabilities": [
    {
      "cve": "CVE-2024-22034",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2024-22034"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "Attackers could put the special files in .osc into the actual package sources (e.g. _apiurl). This allows the attacker to change the configuration of osc for the victim",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "openSUSE Tumbleweed:osc-1.9.0-1.1.aarch64",
          "openSUSE Tumbleweed:osc-1.9.0-1.1.ppc64le",
          "openSUSE Tumbleweed:osc-1.9.0-1.1.s390x",
          "openSUSE Tumbleweed:osc-1.9.0-1.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2024-22034",
          "url": "https://www.suse.com/security/cve/CVE-2024-22034"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1225911 for CVE-2024-22034",
          "url": "https://bugzilla.suse.com/1225911"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "openSUSE Tumbleweed:osc-1.9.0-1.1.aarch64",
            "openSUSE Tumbleweed:osc-1.9.0-1.1.ppc64le",
            "openSUSE Tumbleweed:osc-1.9.0-1.1.s390x",
            "openSUSE Tumbleweed:osc-1.9.0-1.1.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 5.5,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N",
            "version": "3.1"
          },
          "products": [
            "openSUSE Tumbleweed:osc-1.9.0-1.1.aarch64",
            "openSUSE Tumbleweed:osc-1.9.0-1.1.ppc64le",
            "openSUSE Tumbleweed:osc-1.9.0-1.1.s390x",
            "openSUSE Tumbleweed:osc-1.9.0-1.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2024-08-20T00:00:00Z",
          "details": "moderate"
        }
      ],
      "title": "CVE-2024-22034"
    }
  ]
}

SUSE-SU-2024:2961-1

Vulnerability from csaf_suse - Published: 2024-08-19 12:06 - Updated: 2024-08-19 12:06

Summary

Security update for osc

Notes

Title of the patch

Security update for osc

Description of the patch

This update for osc fixes the following issues: - 1.9.0 - Security: - Fix possibility to overwrite special files in .osc (CVE-2024-22034 bsc#1225911) Source files are now stored in the 'sources' subdirectory which prevents name collisons. This requires changing version of '.osc' store to 2.0. - Command-line: - Introduce build --checks parameter - Library: - OscConfigParser: Remove automatic __name__ option - 1.8.3 - Command-line: - Change 'repairwc' command to always run all repair steps - Library: - Make most of the fields in KeyinfoPubkey and KeyinfoSslcert models optional - Fix colorize() to avoid wrapping empty string into color escape sequences - Provide default values for kwargs.get/pop in get_results() function - 1.8.2 - Library: - Change 'repairwc' command to fix missing .osc/_osclib_version - Make error message in check_store_version() more generic to work for both projects and packages - Fix check_store_version in project store - 1.8.1 - Command-line: - Fix 'linkpac' command crash when used with '--disable-build' or '--disable-publish' option - 1.8.0 - Command-line: - Improve 'submitrequest' command to inherit description from superseded request - Fix 'mv' command when renaming a file multiple times - Improve 'info' command to support projects - Improve 'getbinaries' command by accepting '-M' / '--multibuild-package' option outside checkouts - Add architecture filtering to 'release' command - Change 'results' command so the normal and multibuild packages have the same output - Change 'results' command to use csv writer instead of formatting csv as string - Add couple mutually exclusive options errors to 'results' command - Set a default value for 'results --format' only for the csv output - Add support for 'results --format' for the default text mode - Update help text for '--format' option in 'results' command - Add 'results --fail-on-error/-F' flag - Redirect venv warnings from stderr to debug output - Configuration: - Fix config parser to throw an exception on duplicate sections or options - Modify conf.get_config() to print permissions warning to stderr rather than stdout - Library: - Run check_store_version() in obs_scm.Store and fix related code in Project and Package - Forbid extracting files with absolute path from 'cpio' archives (bsc#1122683) - Forbid extracting files with absolute path from 'ar' archives (bsc#1122683) - Remove no longer valid warning from core.unpack_srcrpm() - Make obs_api.KeyinfoSslcert keyid and fingerprint fields optional - Fix return value in build build.create_build_descr_data() - Fix core.get_package_results() to obey 'multibuild_packages' argument - Tests: - Fix tests so they don't modify fixtures - 1.7.0 - Command-line: - Add 'person search' command - Add 'person register' command - Add '-M/--multibuild-package' option to '[what]dependson' commands - Update '-U/--user' option in 'maintainer' command to accept also an email address - Fix 'branch' command to allow using '--new-package' option on packages that do not exist - Fix 'buildinfo' command to include obs:cli_debug_packages by default - Fix 'buildinfo' command to send complete local build environment as the 'build' command does - Fix 'maintainer --devel-project' to raise an error if running outside a working copy without any arguments - Fix handling arguments in 'service remoterun prj/pac' - Fix 'rebuild' command so the '--all' option conflicts with the 'package' argument - Fix crash when removing 'scmsync' element from dst package meta in 'linkpac' command - Fix crash when reading dst package meta in 'linkpac' command - Allow `osc rpmlint` to infer prj/pkg from CWD - Propagate exit code from the run() and do_() commandline methods - Give a hint where a scmsync git is hosted - Fix crash in 'updatepacmetafromspec' command when working with an incomplete spec - Improve 'updatepacmetafromspec' command to expand rpm spec macros by calling rpmspec to query the data - Improve 'build' and 'buildinfo' commands by uploading *.inc files to OBS for parsing BuildRequires (bsc#1221340) - Improve 'service' command by printing names of running services - Improve 'getbinaries' command by ignoring source and debuginfo filters when a binary name is specified - Change 'build' command to pass '--jobs' option to 'build' tool only if 'build_jobs' > 0 - Clarify 'list' command's help that that listing binaries doesn't contain md5 checksums - Improve 'log' command: produce proper CSV and XML outputs, add -p/--patch option for the text output - Allow setlinkrev to set a specific vrev - Document '--buildtool-opt=--noclean' example in 'build' command's help - Fix handling the default package argument on the command-line - Configuration: - Document loading configuration from env variables - Connection: - Don't retry on error 400 - Remove now unused 'retry_on_400' http_request() option from XmlModel - Revert 'Don't retry on 400 HTTP status code in core.server_diff()' - Revert 'connection: Allow disabling retry on 400 HTTP status code' - Authentication: - Update SignatureAuthHandler to support specifying ssh key by its fingerprint - Use ssh key from ssh agent that contains comment 'obs=<apiurl-hostname>' - Use strings instead of bytes in SignatureAuthHandler - Cache password from SecretService to avoid spamming user with an accept dialog - Never ask for credentials when displaying help - Remove unused SignatureAuthHandler.get_fingerprint() - Library: - Add rootless build support for 'qemu' VM type - Support package linking of packages from scmsync projects - Fix do_createrequest() function to return None instead of request id - Replace invalid 'if' with 'elif' in BaseModel.dict() - Fix crash when no prefered packages are defined - Add XmlModel class that encapsulates manipulation with XML - Add obs_api.Person.cmd_register() for registering new users - Fix conf.get_config() to ignore file type bits when comparing oscrc perms - Fix conf.get_config() to correctly handle overrides when env variables are set - Fix output.tty.IS_INTERACTIVE when os.isatty() throws OSError - Improve cmdln.HelpFormatter to obey newline characters - Update list of color codes in 'output.tty' module - Remove core.setDevelProject() in favor of core.set_devel_project() - Move removing control characters to output.sanitize_text() - Improve sanitize_text() to keep selected CSI escape sequences - Add output.pipe_to_pager() that pipes lines to a pager without creating an intermediate temporary file - Fix output.safe_write() in connection with NamedTemporaryFile - Modernize output.run_pager() - Extend output.print_msg() to accept 'error' and 'warning' values of 'to_print' argument - Add XPathQuery class for translating keyword arguments to an xpath query - Add obs_api.Keyinfo class - Add obs_api.Package class - Add Package.get_revision_list() for listing commit log - Add obs_api.PackageSources class for handling OBS SCM sources - Add obs_api.Person class - Add obs_api.Project class - Add obs_api.Request class - Add obs_api.Token class - Allow storing apiurl in the XmlModel instances - Allow retrieving default field value from top-level model - Fix BaseModel to convert dictionaries to objects on retrieving a model list - Fix BaseModel to always deepcopy mutable defaults on first use - Implement do_snapshot() and has_changed() methods to determine changes in BaseModel - Implement total ordering on BaseModel - Add comments with available attributes/elements to edited XML - Refactoring: - Migrate repo {list,add,remove} commands to obs_api.Project - Migrate core.show_package_disabled_repos() to obs_api.Package - Migrate core.Package.update_package_meta() to obs_api.Package - Migrate core.get_repos_of_project() to obs_api.Project - Migrate core.get_repositories_of_project() to obs_api.Project - Migrate core.show_scmsync() to obs_api.{Package,Project} - Migrate core.set_devel_project() to obs_api.Package - Migrate core.show_devel_project() to obs_api.Package - Migrate Fetcher.run() to obs_api.Keyinfo - Migrate core.create_submit_request() to obs_api.Request - Migrate 'token' command to obs_api.Token - Migrate 'whois/user' command to obs_api.Person - Migrate 'signkey' command to obs_api.Keyinfo - Move print_msg() to the 'osc.output' module - Move run_pager() and get_default_pager() from 'core' to 'output' module - Move core.Package to obs_scm.Package - Move core.Project to obs_scm.Project - Move functions manipulating store from core to obs_scm.store - Move store.Store to obs_scm.Store - Move core.Linkinfo to obs_scm.Linkinfo - Move core.Serviceinfo to obs_scm.Serviceinfo - Move core.File to obs_scm.File - Merge _private.project.ProjectMeta into obs_api.Project - Spec: - Remove dependency on /usr/bin/python3 using %python3_fix_shebang macro (bsc#1212476) - 1.6.2 - Command-line: - Fix 'branch' command to allow using '--new-package' option on packages that do not exist - Fix 'buildinfo' command to include obs:cli_debug_packages by default - Fix 'buildinfo' command to send complete local build environment as the 'build' command does - Allow `osc rpmlint` to infer prj/pkg from CWD - Propagate exit code from the run() and do_() commandline methods - Give a hint where a scmsync git is hosted - Fix crash in 'updatepacmetafromspec' command when working with an incomplete spec - Authentication: - Cache password from SecretService to avoid spamming user with an accept dialog - Never ask for credentials when displaying help - Library: - Support package linking of packages from scmsync projects - Fix do_createrequest() function to return None instead of request id - Replace invalid 'if' with 'elif' in BaseModel.dict() - Fix crash when no prefered packages are defined - 1.6.1 - Command-line: - Use busybox compatible commands for completion - Change 'wipe' command to use the new get_user_input() function - Fix error 500 in running 'meta attribute <prj>' - Configuration: - Fix resolving config symlink to the actual config file - Honor XDG_CONFIG_HOME and XDG_CACHE_HOME env vars - Warn about ignoring XDG_CONFIG_HOME and ~/.config/osc/oscrc if ~/.oscrc exists - Library: - Error out when branching a scmsync package - New get_user_input() function for consistent handling of user input - Move xml_indent, xml_quote and xml_unquote to osc.util.xml module - Refactor makeurl(), deprecate query taking string or list arguments, drop osc_urlencode() - Remove all path quoting, rely on makeurl() - Always use dict query in makeurl() - Fix core.slash_split() to strip both leading and trailing slashes - 1.6.0 - Command-line: - The 'token --trigger' command no longer sets '--operation=runservice' by default. - Change 'token --create' command to require '--operation' - Fix 'linkdiff' command error 400: prj/pac/md5 not in repository - Update 'build' command to support building 'productcompose' build type with updateinfo.xml data - Don't show meter in terminals that are not interactive - Fix traceback when running osc from an arbitrary git repo that fails to map branch to a project (bsc#1218170) - Configuration: - Implement reading credentials from environmental variables - Allow starting with an empty config if --configfile is either empty or points to /dev/null - Implement 'quiet' conf option - Password can be an empty string (commonly used with ssh auth) - Connection: - Allow -X HEAD on osc api requests as well - Library: - Fix credentials managers to consistently return Password - Fix Password.encode() on python < 3.8 - Refactor 'meter' module, use config settings to pick the right class - Convert to using f-strings - Use Field.get_callback to handle quiet/verbose and http_debug/http_full_debug options - Implement get_callback that allows modifying returned value to the Field class - Add support for List[BaseModel] type to Field class - Report class name when reporting an error during instantiating BaseModel object - Fix exporting an empty model field in BaseModel.dict() - Fix initializing a sub-model instance from a dictionary - Implement 'Enum' support in models - Fix Field.origin_type for Optional types - Drop unused 'exclude_unset' argument from BaseModel.dict() method - Store cached model defaults in self._defaults, avoid sharing references to mutable defaults - Limit model attributes to predefined fields by forbidding creating new attributes on fly - Store model values in self._values dict instead of private attributes - Spec: - Recommend openssh-clients for ssh-add that is required during ssh auth - Add 0%{?amzn} macro that wasn't usptreamed

Patchnames

SUSE-2024-2961,SUSE-SLE-Module-Development-Tools-15-SP5-2024-2961,SUSE-SLE-Module-Development-Tools-15-SP6-2024-2961,openSUSE-SLE-15.5-2024-2961,openSUSE-SLE-15.6-2024-2961

CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).

JSON

To clipboard

{
  "document": {
    "aggregate_severity": {
      "namespace": "https://www.suse.com/support/security/rating/",
      "text": "moderate"
    },
    "category": "csaf_security_advisory",
    "csaf_version": "2.0",
    "distribution": {
      "text": "Copyright 2024 SUSE LLC. All rights reserved.",
      "tlp": {
        "label": "WHITE",
        "url": "https://www.first.org/tlp/"
      }
    },
    "lang": "en",
    "notes": [
      {
        "category": "summary",
        "text": "Security update for osc",
        "title": "Title of the patch"
      },
      {
        "category": "description",
        "text": "This update for osc fixes the following issues:\n\n- 1.9.0\n  - Security:\n    - Fix possibility to overwrite special files in .osc (CVE-2024-22034 bsc#1225911)\n      Source files are now stored in the \u0027sources\u0027 subdirectory which prevents\n      name collisons. This requires changing version of \u0027.osc\u0027 store to 2.0.\n  - Command-line:\n    - Introduce build --checks parameter\n  - Library:\n    - OscConfigParser: Remove automatic __name__ option\n\n- 1.8.3\n  - Command-line:\n    - Change \u0027repairwc\u0027 command to always run all repair steps\n  - Library:\n    - Make most of the fields in KeyinfoPubkey and KeyinfoSslcert models optional\n    - Fix colorize() to avoid wrapping empty string into color escape sequences\n    - Provide default values for kwargs.get/pop in get_results() function\n\n- 1.8.2\n  - Library:\n    - Change \u0027repairwc\u0027 command to fix missing .osc/_osclib_version\n    - Make error message in check_store_version() more generic to work for both projects and packages\n    - Fix check_store_version in project store\n\n- 1.8.1\n  - Command-line:\n    - Fix \u0027linkpac\u0027 command crash when used with \u0027--disable-build\u0027 or \u0027--disable-publish\u0027 option\n\n- 1.8.0\n  - Command-line:\n    - Improve \u0027submitrequest\u0027 command to inherit description from superseded request\n    - Fix \u0027mv\u0027 command when renaming a file multiple times\n    - Improve \u0027info\u0027 command to support projects\n    - Improve \u0027getbinaries\u0027 command by accepting \u0027-M\u0027 / \u0027--multibuild-package\u0027 option outside checkouts\n    - Add architecture filtering to \u0027release\u0027 command\n    - Change \u0027results\u0027 command so the normal and multibuild packages have the same output\n    - Change \u0027results\u0027 command to use csv writer instead of formatting csv as string\n    - Add couple mutually exclusive options errors to \u0027results\u0027 command\n    - Set a default value for \u0027results --format\u0027 only for the csv output\n    - Add support for \u0027results --format\u0027 for the default text mode\n    - Update help text for \u0027--format\u0027 option in \u0027results\u0027 command\n    - Add \u0027results --fail-on-error/-F\u0027 flag\n    - Redirect venv warnings from stderr to debug output\n  - Configuration:\n    - Fix config parser to throw an exception on duplicate sections or options\n    - Modify conf.get_config() to print permissions warning to stderr rather than stdout\n  - Library:\n    - Run check_store_version() in obs_scm.Store and fix related code in Project and Package\n    - Forbid extracting files with absolute path from \u0027cpio\u0027 archives (bsc#1122683)\n    - Forbid extracting files with absolute path from \u0027ar\u0027 archives (bsc#1122683)\n    - Remove no longer valid warning from core.unpack_srcrpm()\n    - Make obs_api.KeyinfoSslcert keyid and fingerprint fields optional\n    - Fix return value in build build.create_build_descr_data()\n    - Fix core.get_package_results() to obey \u0027multibuild_packages\u0027 argument\n  - Tests:\n    - Fix tests so they don\u0027t modify fixtures\n\n- 1.7.0\n  - Command-line:\n    - Add \u0027person search\u0027 command\n    - Add \u0027person register\u0027 command\n    - Add \u0027-M/--multibuild-package\u0027 option to \u0027[what]dependson\u0027 commands\n    - Update \u0027-U/--user\u0027 option in \u0027maintainer\u0027 command to accept also an email address\n    - Fix \u0027branch\u0027 command to allow using \u0027--new-package\u0027 option on packages that do not exist\n    - Fix \u0027buildinfo\u0027 command to include obs:cli_debug_packages by default\n    - Fix \u0027buildinfo\u0027 command to send complete local build environment as the \u0027build\u0027 command does\n    - Fix \u0027maintainer --devel-project\u0027 to raise an error if running outside a working copy without any arguments\n    - Fix handling arguments in \u0027service remoterun prj/pac\u0027\n    - Fix \u0027rebuild\u0027 command so the \u0027--all\u0027 option conflicts with the \u0027package\u0027 argument\n    - Fix crash when removing \u0027scmsync\u0027 element from dst package meta in \u0027linkpac\u0027 command\n    - Fix crash when reading dst package meta in \u0027linkpac\u0027 command\n    - Allow `osc rpmlint` to infer prj/pkg from CWD\n    - Propagate exit code from the run() and do_() commandline methods\n    - Give a hint where a scmsync git is hosted\n    - Fix crash in \u0027updatepacmetafromspec\u0027 command when working with an incomplete spec\n    - Improve \u0027updatepacmetafromspec\u0027 command to expand rpm spec macros by calling rpmspec to query the data\n    - Improve \u0027build\u0027 and \u0027buildinfo\u0027 commands by uploading *.inc files to OBS for parsing BuildRequires (bsc#1221340)\n    - Improve \u0027service\u0027 command by printing names of running services\n    - Improve \u0027getbinaries\u0027 command by ignoring source and debuginfo filters when a binary name is specified\n    - Change \u0027build\u0027 command to pass \u0027--jobs\u0027 option to \u0027build\u0027 tool only if \u0027build_jobs\u0027 \u003e 0\n    - Clarify \u0027list\u0027 command\u0027s help that that listing binaries doesn\u0027t contain md5 checksums\n    - Improve \u0027log\u0027 command: produce proper CSV and XML outputs, add -p/--patch option for the text output\n    - Allow setlinkrev to set a specific vrev\n    - Document \u0027--buildtool-opt=--noclean\u0027 example in \u0027build\u0027 command\u0027s help\n    - Fix handling the default package argument on the command-line\n  - Configuration:\n    - Document loading configuration from env variables\n  - Connection:\n    - Don\u0027t retry on error 400\n    - Remove now unused \u0027retry_on_400\u0027 http_request() option from XmlModel\n    - Revert \u0027Don\u0027t retry on 400 HTTP status code in core.server_diff()\u0027\n    - Revert \u0027connection: Allow disabling retry on 400 HTTP status code\u0027\n  - Authentication:\n    - Update SignatureAuthHandler to support specifying ssh key by its fingerprint\n    - Use ssh key from ssh agent that contains comment \u0027obs=\u003capiurl-hostname\u003e\u0027\n    - Use strings instead of bytes in SignatureAuthHandler\n    - Cache password from SecretService to avoid spamming user with an accept dialog\n    - Never ask for credentials when displaying help\n    - Remove unused SignatureAuthHandler.get_fingerprint()\n  - Library:\n    - Add rootless build support for \u0027qemu\u0027 VM type\n    - Support package linking of packages from scmsync projects\n    - Fix do_createrequest() function to return None instead of request id\n    - Replace invalid \u0027if\u0027 with \u0027elif\u0027 in BaseModel.dict()\n    - Fix crash when no prefered packages are defined\n    - Add XmlModel class that encapsulates manipulation with XML\n    - Add obs_api.Person.cmd_register() for registering new users\n    - Fix conf.get_config() to ignore file type bits when comparing oscrc perms\n    - Fix conf.get_config() to correctly handle overrides when env variables are set\n    - Fix output.tty.IS_INTERACTIVE when os.isatty() throws OSError\n    - Improve cmdln.HelpFormatter to obey newline characters\n    - Update list of color codes in \u0027output.tty\u0027 module\n    - Remove core.setDevelProject() in favor of core.set_devel_project()\n    - Move removing control characters to output.sanitize_text()\n    - Improve sanitize_text() to keep selected CSI escape sequences\n    - Add output.pipe_to_pager() that pipes lines to a pager without creating an intermediate temporary file\n    - Fix output.safe_write() in connection with NamedTemporaryFile\n    - Modernize output.run_pager()\n    - Extend output.print_msg() to accept \u0027error\u0027 and \u0027warning\u0027 values of \u0027to_print\u0027 argument\n    - Add XPathQuery class for translating keyword arguments to an xpath query\n    - Add obs_api.Keyinfo class\n    - Add obs_api.Package class\n    - Add Package.get_revision_list() for listing commit log\n    - Add obs_api.PackageSources class for handling OBS SCM sources\n    - Add obs_api.Person class\n    - Add obs_api.Project class\n    - Add obs_api.Request class\n    - Add obs_api.Token class\n    - Allow storing apiurl in the XmlModel instances\n    - Allow retrieving default field value from top-level model\n    - Fix BaseModel to convert dictionaries to objects on retrieving a model list\n    - Fix BaseModel to always deepcopy mutable defaults on first use\n    - Implement do_snapshot() and has_changed() methods to determine changes in BaseModel\n    - Implement total ordering on BaseModel\n    - Add comments with available attributes/elements to edited XML\n  - Refactoring:\n    - Migrate repo {list,add,remove} commands to obs_api.Project\n    - Migrate core.show_package_disabled_repos() to obs_api.Package\n    - Migrate core.Package.update_package_meta() to obs_api.Package\n    - Migrate core.get_repos_of_project() to obs_api.Project\n    - Migrate core.get_repositories_of_project() to obs_api.Project\n    - Migrate core.show_scmsync() to obs_api.{Package,Project}\n    - Migrate core.set_devel_project() to obs_api.Package\n    - Migrate core.show_devel_project() to obs_api.Package\n    - Migrate Fetcher.run() to obs_api.Keyinfo\n    - Migrate core.create_submit_request() to obs_api.Request\n    - Migrate \u0027token\u0027 command to obs_api.Token\n    - Migrate \u0027whois/user\u0027 command to obs_api.Person\n    - Migrate \u0027signkey\u0027 command to obs_api.Keyinfo\n    - Move print_msg() to the \u0027osc.output\u0027 module\n    - Move run_pager() and get_default_pager() from \u0027core\u0027 to \u0027output\u0027 module\n    - Move core.Package to obs_scm.Package\n    - Move core.Project to obs_scm.Project\n    - Move functions manipulating store from core to obs_scm.store\n    - Move store.Store to obs_scm.Store\n    - Move core.Linkinfo to obs_scm.Linkinfo\n    - Move core.Serviceinfo to obs_scm.Serviceinfo\n    - Move core.File to obs_scm.File\n    - Merge _private.project.ProjectMeta into obs_api.Project\n  - Spec:\n    - Remove dependency on /usr/bin/python3 using %python3_fix_shebang macro (bsc#1212476)\n\n- 1.6.2\n  - Command-line:\n    - Fix \u0027branch\u0027 command to allow using \u0027--new-package\u0027 option on packages that do not exist\n    - Fix \u0027buildinfo\u0027 command to include obs:cli_debug_packages by default\n    - Fix \u0027buildinfo\u0027 command to send complete local build environment as the \u0027build\u0027 command does\n    - Allow `osc rpmlint` to infer prj/pkg from CWD\n    - Propagate exit code from the run() and do_() commandline methods\n    - Give a hint where a scmsync git is hosted\n    - Fix crash in \u0027updatepacmetafromspec\u0027 command when working with an incomplete spec\n  - Authentication:\n    - Cache password from SecretService to avoid spamming user with an accept dialog\n    - Never ask for credentials when displaying help\n  - Library:\n    - Support package linking of packages from scmsync projects\n    - Fix do_createrequest() function to return None instead of request id\n    - Replace invalid \u0027if\u0027 with \u0027elif\u0027 in BaseModel.dict()\n    - Fix crash when no prefered packages are defined\n\n- 1.6.1\n  - Command-line:\n    - Use busybox compatible commands for completion\n    - Change \u0027wipe\u0027 command to use the new get_user_input() function\n    - Fix error 500 in running \u0027meta attribute \u003cprj\u003e\u0027\n  - Configuration:\n    - Fix resolving config symlink to the actual config file\n    - Honor XDG_CONFIG_HOME and XDG_CACHE_HOME env vars\n    - Warn about ignoring XDG_CONFIG_HOME and ~/.config/osc/oscrc if ~/.oscrc exists\n  - Library:\n    - Error out when branching a scmsync package\n    - New get_user_input() function for consistent handling of user input\n    - Move xml_indent, xml_quote and xml_unquote to osc.util.xml module\n    - Refactor makeurl(), deprecate query taking string or list arguments, drop osc_urlencode()\n    - Remove all path quoting, rely on makeurl()\n    - Always use dict query in makeurl()\n    - Fix core.slash_split() to strip both leading and trailing slashes\n\n- 1.6.0\n  - Command-line:\n    - The \u0027token --trigger\u0027 command no longer sets \u0027--operation=runservice\u0027 by default.\n    - Change \u0027token --create\u0027 command to require \u0027--operation\u0027\n    - Fix \u0027linkdiff\u0027 command error 400: prj/pac/md5 not in repository\n    - Update \u0027build\u0027 command to support building \u0027productcompose\u0027 build type with updateinfo.xml data\n    - Don\u0027t show meter in terminals that are not interactive\n    - Fix traceback when running osc from an arbitrary git repo that fails to map branch to a project (bsc#1218170)\n  - Configuration:\n    - Implement reading credentials from environmental variables\n    - Allow starting with an empty config if --configfile is either empty or points to /dev/null\n    - Implement \u0027quiet\u0027 conf option\n    - Password can be an empty string (commonly used with ssh auth)\n  - Connection:\n    - Allow -X HEAD on osc api requests as well\n  - Library:\n    - Fix credentials managers to consistently return Password\n    - Fix Password.encode() on python \u003c 3.8\n    - Refactor \u0027meter\u0027 module, use config settings to pick the right class\n    - Convert to using f-strings\n    - Use Field.get_callback to handle quiet/verbose and http_debug/http_full_debug options\n    - Implement get_callback that allows modifying returned value to the Field class\n    - Add support for List[BaseModel] type to Field class\n    - Report class name when reporting an error during instantiating BaseModel object\n    - Fix exporting an empty model field in  BaseModel.dict()\n    - Fix initializing a sub-model instance from a dictionary\n    - Implement \u0027Enum\u0027 support in models\n    - Fix Field.origin_type for Optional types\n    - Drop unused \u0027exclude_unset\u0027 argument from BaseModel.dict() method\n    - Store cached model defaults in self._defaults, avoid sharing references to mutable defaults\n    - Limit model attributes to predefined fields by forbidding creating new attributes on fly\n    - Store model values in self._values dict instead of private attributes\n  - Spec:\n    - Recommend openssh-clients for ssh-add that is required during ssh auth\n    - Add 0%{?amzn} macro that wasn\u0027t usptreamed\n",
        "title": "Description of the patch"
      },
      {
        "category": "details",
        "text": "SUSE-2024-2961,SUSE-SLE-Module-Development-Tools-15-SP5-2024-2961,SUSE-SLE-Module-Development-Tools-15-SP6-2024-2961,openSUSE-SLE-15.5-2024-2961,openSUSE-SLE-15.6-2024-2961",
        "title": "Patchnames"
      },
      {
        "category": "legal_disclaimer",
        "text": "CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).",
        "title": "Terms of use"
      }
    ],
    "publisher": {
      "category": "vendor",
      "contact_details": "https://www.suse.com/support/security/contact/",
      "name": "SUSE Product Security Team",
      "namespace": "https://www.suse.com/"
    },
    "references": [
      {
        "category": "external",
        "summary": "SUSE ratings",
        "url": "https://www.suse.com/support/security/rating/"
      },
      {
        "category": "self",
        "summary": "URL of this CSAF notice",
        "url": "https://ftp.suse.com/pub/projects/security/csaf/suse-su-2024_2961-1.json"
      },
      {
        "category": "self",
        "summary": "URL for SUSE-SU-2024:2961-1",
        "url": "https://www.suse.com/support/update/announcement/2024/suse-su-20242961-1/"
      },
      {
        "category": "self",
        "summary": "E-Mail link for SUSE-SU-2024:2961-1",
        "url": "https://lists.suse.com/pipermail/sle-updates/2024-August/036632.html"
      },
      {
        "category": "self",
        "summary": "SUSE Bug 1122683",
        "url": "https://bugzilla.suse.com/1122683"
      },
      {
        "category": "self",
        "summary": "SUSE Bug 1212476",
        "url": "https://bugzilla.suse.com/1212476"
      },
      {
        "category": "self",
        "summary": "SUSE Bug 1218170",
        "url": "https://bugzilla.suse.com/1218170"
      },
      {
        "category": "self",
        "summary": "SUSE Bug 1221340",
        "url": "https://bugzilla.suse.com/1221340"
      },
      {
        "category": "self",
        "summary": "SUSE Bug 1225911",
        "url": "https://bugzilla.suse.com/1225911"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2024-22034 page",
        "url": "https://www.suse.com/security/cve/CVE-2024-22034/"
      }
    ],
    "title": "Security update for osc",
    "tracking": {
      "current_release_date": "2024-08-19T12:06:41Z",
      "generator": {
        "date": "2024-08-19T12:06:41Z",
        "engine": {
          "name": "cve-database.git:bin/generate-csaf.pl",
          "version": "1"
        }
      },
      "id": "SUSE-SU-2024:2961-1",
      "initial_release_date": "2024-08-19T12:06:41Z",
      "revision_history": [
        {
          "date": "2024-08-19T12:06:41Z",
          "number": "1",
          "summary": "Current version"
        }
      ],
      "status": "final",
      "version": "1"
    }
  },
  "product_tree": {
    "branches": [
      {
        "branches": [
          {
            "branches": [
              {
                "category": "product_version",
                "name": "osc-1.9.0-150400.10.6.1.noarch",
                "product": {
                  "name": "osc-1.9.0-150400.10.6.1.noarch",
                  "product_id": "osc-1.9.0-150400.10.6.1.noarch"
                }
              }
            ],
            "category": "architecture",
            "name": "noarch"
          },
          {
            "branches": [
              {
                "category": "product_name",
                "name": "SUSE Linux Enterprise Module for Development Tools 15 SP5",
                "product": {
                  "name": "SUSE Linux Enterprise Module for Development Tools 15 SP5",
                  "product_id": "SUSE Linux Enterprise Module for Development Tools 15 SP5",
                  "product_identification_helper": {
                    "cpe": "cpe:/o:suse:sle-module-development-tools:15:sp5"
                  }
                }
              },
              {
                "category": "product_name",
                "name": "SUSE Linux Enterprise Module for Development Tools 15 SP6",
                "product": {
                  "name": "SUSE Linux Enterprise Module for Development Tools 15 SP6",
                  "product_id": "SUSE Linux Enterprise Module for Development Tools 15 SP6",
                  "product_identification_helper": {
                    "cpe": "cpe:/o:suse:sle-module-development-tools:15:sp6"
                  }
                }
              },
              {
                "category": "product_name",
                "name": "openSUSE Leap 15.5",
                "product": {
                  "name": "openSUSE Leap 15.5",
                  "product_id": "openSUSE Leap 15.5",
                  "product_identification_helper": {
                    "cpe": "cpe:/o:opensuse:leap:15.5"
                  }
                }
              },
              {
                "category": "product_name",
                "name": "openSUSE Leap 15.6",
                "product": {
                  "name": "openSUSE Leap 15.6",
                  "product_id": "openSUSE Leap 15.6",
                  "product_identification_helper": {
                    "cpe": "cpe:/o:opensuse:leap:15.6"
                  }
                }
              }
            ],
            "category": "product_family",
            "name": "SUSE Linux Enterprise"
          }
        ],
        "category": "vendor",
        "name": "SUSE"
      }
    ],
    "relationships": [
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "osc-1.9.0-150400.10.6.1.noarch as component of SUSE Linux Enterprise Module for Development Tools 15 SP5",
          "product_id": "SUSE Linux Enterprise Module for Development Tools 15 SP5:osc-1.9.0-150400.10.6.1.noarch"
        },
        "product_reference": "osc-1.9.0-150400.10.6.1.noarch",
        "relates_to_product_reference": "SUSE Linux Enterprise Module for Development Tools 15 SP5"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "osc-1.9.0-150400.10.6.1.noarch as component of SUSE Linux Enterprise Module for Development Tools 15 SP6",
          "product_id": "SUSE Linux Enterprise Module for Development Tools 15 SP6:osc-1.9.0-150400.10.6.1.noarch"
        },
        "product_reference": "osc-1.9.0-150400.10.6.1.noarch",
        "relates_to_product_reference": "SUSE Linux Enterprise Module for Development Tools 15 SP6"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "osc-1.9.0-150400.10.6.1.noarch as component of openSUSE Leap 15.5",
          "product_id": "openSUSE Leap 15.5:osc-1.9.0-150400.10.6.1.noarch"
        },
        "product_reference": "osc-1.9.0-150400.10.6.1.noarch",
        "relates_to_product_reference": "openSUSE Leap 15.5"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "osc-1.9.0-150400.10.6.1.noarch as component of openSUSE Leap 15.6",
          "product_id": "openSUSE Leap 15.6:osc-1.9.0-150400.10.6.1.noarch"
        },
        "product_reference": "osc-1.9.0-150400.10.6.1.noarch",
        "relates_to_product_reference": "openSUSE Leap 15.6"
      }
    ]
  },
  "vulnerabilities": [
    {
      "cve": "CVE-2024-22034",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2024-22034"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "Attackers could put the special files in .osc into the actual package sources (e.g. _apiurl). This allows the attacker to change the configuration of osc for the victim",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "SUSE Linux Enterprise Module for Development Tools 15 SP5:osc-1.9.0-150400.10.6.1.noarch",
          "SUSE Linux Enterprise Module for Development Tools 15 SP6:osc-1.9.0-150400.10.6.1.noarch",
          "openSUSE Leap 15.5:osc-1.9.0-150400.10.6.1.noarch",
          "openSUSE Leap 15.6:osc-1.9.0-150400.10.6.1.noarch"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2024-22034",
          "url": "https://www.suse.com/security/cve/CVE-2024-22034"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1225911 for CVE-2024-22034",
          "url": "https://bugzilla.suse.com/1225911"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "SUSE Linux Enterprise Module for Development Tools 15 SP5:osc-1.9.0-150400.10.6.1.noarch",
            "SUSE Linux Enterprise Module for Development Tools 15 SP6:osc-1.9.0-150400.10.6.1.noarch",
            "openSUSE Leap 15.5:osc-1.9.0-150400.10.6.1.noarch",
            "openSUSE Leap 15.6:osc-1.9.0-150400.10.6.1.noarch"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 5.5,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N",
            "version": "3.1"
          },
          "products": [
            "SUSE Linux Enterprise Module for Development Tools 15 SP5:osc-1.9.0-150400.10.6.1.noarch",
            "SUSE Linux Enterprise Module for Development Tools 15 SP6:osc-1.9.0-150400.10.6.1.noarch",
            "openSUSE Leap 15.5:osc-1.9.0-150400.10.6.1.noarch",
            "openSUSE Leap 15.6:osc-1.9.0-150400.10.6.1.noarch"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2024-08-19T12:06:41Z",
          "details": "moderate"
        }
      ],
      "title": "CVE-2024-22034"
    }
  ]
}

SUSE-SU-2024:2963-1

Vulnerability from csaf_suse - Published: 2024-08-19 12:06 - Updated: 2024-08-19 12:06

Summary

Security update for osc

Notes

Title of the patch

Security update for osc

Description of the patch

This update for osc fixes the following issues: 0.183.0 - Fix possibility to overwrite special files in .osc (CVE-2024-22034 bsc#1225911) Source files are now stored in the 'sources' subdirectory which prevents name collisons. This requires changing version of '.osc' store to 2.0. - Fix errorneous double quotes in core.py

Patchnames

SUSE-2024-2963,SUSE-SLE-SDK-12-SP5-2024-2963

CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).

JSON

To clipboard

{
  "document": {
    "aggregate_severity": {
      "namespace": "https://www.suse.com/support/security/rating/",
      "text": "moderate"
    },
    "category": "csaf_security_advisory",
    "csaf_version": "2.0",
    "distribution": {
      "text": "Copyright 2024 SUSE LLC. All rights reserved.",
      "tlp": {
        "label": "WHITE",
        "url": "https://www.first.org/tlp/"
      }
    },
    "lang": "en",
    "notes": [
      {
        "category": "summary",
        "text": "Security update for osc",
        "title": "Title of the patch"
      },
      {
        "category": "description",
        "text": "This update for osc fixes the following issues:\n\n0.183.0\n  - Fix possibility to overwrite special files in .osc (CVE-2024-22034 bsc#1225911)\n    Source files are now stored in the \u0027sources\u0027 subdirectory which prevents\n    name collisons. This requires changing version of \u0027.osc\u0027 store to 2.0.\n  - Fix errorneous double quotes in core.py\n",
        "title": "Description of the patch"
      },
      {
        "category": "details",
        "text": "SUSE-2024-2963,SUSE-SLE-SDK-12-SP5-2024-2963",
        "title": "Patchnames"
      },
      {
        "category": "legal_disclaimer",
        "text": "CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).",
        "title": "Terms of use"
      }
    ],
    "publisher": {
      "category": "vendor",
      "contact_details": "https://www.suse.com/support/security/contact/",
      "name": "SUSE Product Security Team",
      "namespace": "https://www.suse.com/"
    },
    "references": [
      {
        "category": "external",
        "summary": "SUSE ratings",
        "url": "https://www.suse.com/support/security/rating/"
      },
      {
        "category": "self",
        "summary": "URL of this CSAF notice",
        "url": "https://ftp.suse.com/pub/projects/security/csaf/suse-su-2024_2963-1.json"
      },
      {
        "category": "self",
        "summary": "URL for SUSE-SU-2024:2963-1",
        "url": "https://www.suse.com/support/update/announcement/2024/suse-su-20242963-1/"
      },
      {
        "category": "self",
        "summary": "E-Mail link for SUSE-SU-2024:2963-1",
        "url": "https://lists.suse.com/pipermail/sle-updates/2024-August/036631.html"
      },
      {
        "category": "self",
        "summary": "SUSE Bug 1225911",
        "url": "https://bugzilla.suse.com/1225911"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2024-22034 page",
        "url": "https://www.suse.com/security/cve/CVE-2024-22034/"
      }
    ],
    "title": "Security update for osc",
    "tracking": {
      "current_release_date": "2024-08-19T12:06:57Z",
      "generator": {
        "date": "2024-08-19T12:06:57Z",
        "engine": {
          "name": "cve-database.git:bin/generate-csaf.pl",
          "version": "1"
        }
      },
      "id": "SUSE-SU-2024:2963-1",
      "initial_release_date": "2024-08-19T12:06:57Z",
      "revision_history": [
        {
          "date": "2024-08-19T12:06:57Z",
          "number": "1",
          "summary": "Current version"
        }
      ],
      "status": "final",
      "version": "1"
    }
  },
  "product_tree": {
    "branches": [
      {
        "branches": [
          {
            "branches": [
              {
                "category": "product_version",
                "name": "osc-0.183.0-15.18.1.noarch",
                "product": {
                  "name": "osc-0.183.0-15.18.1.noarch",
                  "product_id": "osc-0.183.0-15.18.1.noarch"
                }
              }
            ],
            "category": "architecture",
            "name": "noarch"
          },
          {
            "branches": [
              {
                "category": "product_name",
                "name": "SUSE Linux Enterprise Software Development Kit 12 SP5",
                "product": {
                  "name": "SUSE Linux Enterprise Software Development Kit 12 SP5",
                  "product_id": "SUSE Linux Enterprise Software Development Kit 12 SP5",
                  "product_identification_helper": {
                    "cpe": "cpe:/o:suse:sle-sdk:12:sp5"
                  }
                }
              }
            ],
            "category": "product_family",
            "name": "SUSE Linux Enterprise"
          }
        ],
        "category": "vendor",
        "name": "SUSE"
      }
    ],
    "relationships": [
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "osc-0.183.0-15.18.1.noarch as component of SUSE Linux Enterprise Software Development Kit 12 SP5",
          "product_id": "SUSE Linux Enterprise Software Development Kit 12 SP5:osc-0.183.0-15.18.1.noarch"
        },
        "product_reference": "osc-0.183.0-15.18.1.noarch",
        "relates_to_product_reference": "SUSE Linux Enterprise Software Development Kit 12 SP5"
      }
    ]
  },
  "vulnerabilities": [
    {
      "cve": "CVE-2024-22034",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2024-22034"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "Attackers could put the special files in .osc into the actual package sources (e.g. _apiurl). This allows the attacker to change the configuration of osc for the victim",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "SUSE Linux Enterprise Software Development Kit 12 SP5:osc-0.183.0-15.18.1.noarch"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2024-22034",
          "url": "https://www.suse.com/security/cve/CVE-2024-22034"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1225911 for CVE-2024-22034",
          "url": "https://bugzilla.suse.com/1225911"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "SUSE Linux Enterprise Software Development Kit 12 SP5:osc-0.183.0-15.18.1.noarch"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 5.5,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N",
            "version": "3.1"
          },
          "products": [
            "SUSE Linux Enterprise Software Development Kit 12 SP5:osc-0.183.0-15.18.1.noarch"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2024-08-19T12:06:57Z",
          "details": "moderate"
        }
      ],
      "title": "CVE-2024-22034"
    }
  ]
}

FKIE_CVE-2024-22034

Vulnerability from fkie_nvd - Published: 2024-10-16 14:15 - Updated: 2024-10-16 16:38

Severity ?

5.5 (Medium) - CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N

Summary

Attackers could put the special files in .osc into the actual package sources (e.g. _apiurl). This allows the attacker to change the configuration of osc for the victim

References

	URL	Tags
	meissner@suse.de	https://bugzilla.suse.com/show_bug.cgi?id=CVE-2024-22034

Impacted products

	Vendor	Product	Version

JSON

To clipboard

{
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "Attackers could put the special files in .osc into the actual package sources (e.g. _apiurl). This allows the attacker to change the configuration of osc for the victim"
    },
    {
      "lang": "es",
      "value": "Los atacantes podr\u00edan colocar los archivos especiales en .osc en las fuentes del paquete real (por ejemplo, _apiurl). Esto permite al atacante cambiar la configuraci\u00f3n de osc para la v\u00edctima."
    }
  ],
  "id": "CVE-2024-22034",
  "lastModified": "2024-10-16T16:38:14.557",
  "metrics": {
    "cvssMetricV31": [
      {
        "cvssData": {
          "attackComplexity": "LOW",
          "attackVector": "LOCAL",
          "availabilityImpact": "NONE",
          "baseScore": 5.5,
          "baseSeverity": "MEDIUM",
          "confidentialityImpact": "NONE",
          "integrityImpact": "HIGH",
          "privilegesRequired": "NONE",
          "scope": "UNCHANGED",
          "userInteraction": "REQUIRED",
          "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N",
          "version": "3.1"
        },
        "exploitabilityScore": 1.8,
        "impactScore": 3.6,
        "source": "meissner@suse.de",
        "type": "Secondary"
      }
    ]
  },
  "published": "2024-10-16T14:15:05.577",
  "references": [
    {
      "source": "meissner@suse.de",
      "url": "https://bugzilla.suse.com/show_bug.cgi?id=CVE-2024-22034"
    }
  ],
  "sourceIdentifier": "meissner@suse.de",
  "vulnStatus": "Awaiting Analysis"
}

Sightings

Author	Source	Type	Date

Nomenclature

Seen: The vulnerability was mentioned, discussed, or observed by the user.
Confirmed: The vulnerability has been validated from an analyst's perspective.
Published Proof of Concept: A public proof of concept is available for this vulnerability.
Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
Not confirmed: The user expressed doubt about the validity of the vulnerability.
Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.

Detection rules are retrieved from Rulezet.

Action not permitted

CVE-2024-22034 (GCVE-0-2024-22034)

GHSA-GM3V-M2W5-WM38

GSD-2024-22034

OPENSUSE-SU-2024:14277-1

SUSE-SU-2024:2961-1

SUSE-SU-2024:2963-1

FKIE_CVE-2024-22034

Tags

Sightings

Nomenclature