{"affected":[{"ecosystem_specific":{"binaries":[{"osc":"0.151.0-8.1"}]},"package":{"ecosystem":"SUSE:Linux Enterprise Software Development Kit 12","name":"osc","purl":"pkg:rpm/suse/osc&distro=SUSE%20Linux%20Enterprise%20Software%20Development%20Kit%2012"},"ranges":[{"events":[{"introduced":"0"},{"fixed":"0.151.0-8.1"}],"type":"ECOSYSTEM"}]}],"aliases":[],"details":"osc was updated to fix a security issue and some non-security bugs.\n\nosc was updated to 0.151.0, fixing the following vulnerability:\n* fixed shell command injection via crafted _service files CVE-2015-0778 boo#901643\n\nThe following non-security bugs were fixed:\n* fix times when data comes from OBS backend\n* support updateing the link in target package for submit requests\n* various minor bugfixes\n","id":"SUSE-SU-2015:0487-1","modified":"2015-03-12T15:39:14Z","published":"2015-03-12T15:39:14Z","references":[{"type":"ADVISORY","url":"https://www.suse.com/support/update/announcement/2015/suse-su-20150487-1/"},{"type":"REPORT","url":"https://bugzilla.suse.com/901643"},{"type":"WEB","url":"https://www.suse.com/security/cve/CVE-2015-0778"}],"related":["CVE-2015-0778"],"summary":"Security update for osc","upstream":["CVE-2015-0778"]}