{"affected":[{"ecosystem_specific":{"binaries":[{"hiawatha":"10.8.4-bp150.3.3.1","hiawatha-letsencrypt":"10.8.4-bp150.3.3.1"}]},"package":{"ecosystem":"SUSE:Package Hub 15","name":"hiawatha","purl":"pkg:rpm/suse/hiawatha&distro=SUSE%20Package%20Hub%2015"},"ranges":[{"events":[{"introduced":"0"},{"fixed":"10.8.4-bp150.3.3.1"}],"type":"ECOSYSTEM"}]}],"aliases":[],"details":"This update for hiawatha to version 10.8.4 fixes the following issue:\n\nSecurity issue fixed:\n\n- CVE-2019-8358: Fixed a vulnerability which allowed a remote atacker to perform directory traversal \n  when AllowDotFiles was enabled (bsc#1125751).\n    \n\nThis update was imported from the openSUSE:Leap:15.0:Update update project.","id":"openSUSE-SU-2019:0322-1","modified":"2019-03-09T13:08:17Z","published":"2019-03-09T13:08:17Z","references":[{"type":"ADVISORY","url":"https://lists.opensuse.org/archives/list/security-announce@lists.opensuse.org/thread/KK62HFIQDUPOHLYUOMKFMBKWFUFL3ZIQ/#KK62HFIQDUPOHLYUOMKFMBKWFUFL3ZIQ"},{"type":"REPORT","url":"https://bugzilla.suse.com/1125751"},{"type":"WEB","url":"https://www.suse.com/security/cve/CVE-2019-8358"}],"related":["CVE-2019-8358"],"summary":"Security update for hiawatha","upstream":["CVE-2019-8358"]}