{"affected":[{"ecosystem_specific":{"binaries":[{"rmt-server":"2.5.2-lp151.2.9.1","rmt-server-config":"2.5.2-lp151.2.9.1","rmt-server-pubcloud":"2.5.2-lp151.2.9.1"}]},"package":{"ecosystem":"openSUSE:Leap 15.1","name":"rmt-server","purl":"pkg:rpm/opensuse/rmt-server&distro=openSUSE%20Leap%2015.1"},"ranges":[{"events":[{"introduced":"0"},{"fixed":"2.5.2-lp151.2.9.1"}],"type":"ECOSYSTEM"}]}],"aliases":[],"details":"This update for rmt-server to version 2.5.2 fixes the following issues:\n\nSecurity issue fixed:\n\n- CVE-2019-18904: Fixed a denial of service in the offline migration (bsc#1160922).\n\nNon-security issue fixed:\n\n- Relaxed systemd units dependencies (bsc#1160673)\n- Added more verbose error reporting for SCC API errors (bsc#1157119)\n- Fixed system listing when architecture is not well referenced (bsc#1141122)\n\nThis update was imported from the SUSE:SLE-15-SP1:Update update project.","id":"openSUSE-SU-2020:0235-1","modified":"2020-02-19T19:13:45Z","published":"2020-02-19T19:13:45Z","references":[{"type":"ADVISORY","url":"https://lists.opensuse.org/archives/list/security-announce@lists.opensuse.org/thread/NDQBJNFWANV6TSPQYO64RQJGFMEBCGWR/"},{"type":"REPORT","url":"https://bugzilla.suse.com/1141122"},{"type":"REPORT","url":"https://bugzilla.suse.com/1157119"},{"type":"REPORT","url":"https://bugzilla.suse.com/1160673"},{"type":"REPORT","url":"https://bugzilla.suse.com/1160922"},{"type":"WEB","url":"https://www.suse.com/security/cve/CVE-2019-18904"}],"related":["CVE-2019-18904"],"summary":"Security update for rmt-server","upstream":["CVE-2019-18904"]}