CVE-2012-1095 SUSE CVE security@suse.de SUSE Security Team SUSE CVE-2012-1095 Interim 1 25 2025-11-05T05:40:51Z current 2021-05-30T13:02:21Z 2025-11-05T05:40:51Z cve-database/bin/generate-cvrf-cve.pl 2020-12-27T01:00:00Z CVE-2012-1095 osc before 0.134 might allow remote OBS repository servers or package maintainers to execute arbitrary commands via a crafted (1) build log or (2) build status that contains an escape sequence for a terminal emulator. The CVRF data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0). https://lists.suse.com/pipermail/sle-updates/2012-April/000201.html E-Mail link for SUSE-RU-2012:0468-1 https://www.suse.com/support/security/rating/ SUSE Security Ratings SUSE Linux Enterprise Software Development Kit 11 SP4 SUSE Linux Enterprise Software Development Kit 12 SUSE Linux Enterprise Software Development Kit 12 SP1 SUSE Linux Enterprise Software Development Kit 12 SP2 SUSE Linux Enterprise Software Development Kit 12 SP3 SUSE Linux Enterprise Software Development Kit 12 SP4 SUSE Linux Enterprise Module for Development Tools 15 SP7 SUSE Linux Enterprise Module for Legacy 15 SUSE Linux Enterprise Module for Development Tools 15 SP7 SUSE Linux Enterprise Software Development Kit 11 SP4 SUSE Linux Enterprise Software Development Kit 12 SUSE Linux Enterprise Software Development Kit 12 SP1 SUSE Linux Enterprise Software Development Kit 12 SP2 SUSE Linux Enterprise Software Development Kit 12 SP3 SUSE Linux Enterprise Software Development Kit 12 SP4 SUSE Linux Enterprise Software Development Kit 12 SP5 SUSE Linux Enterprise Module for Legacy 15 SUSE Linux Enterprise Module for Development Tools 15 SP7 SUSE Linux Enterprise Software Development Kit 11 SP4 SUSE Linux Enterprise Software Development Kit 12 SUSE Linux Enterprise Software Development Kit 12 SP1 SUSE Linux Enterprise Software Development Kit 12 SP2 SUSE Linux Enterprise Software Development Kit 12 SP3 SUSE Linux Enterprise Software Development Kit 12 SP4 SUSE Linux Enterprise Software Development Kit 12 SP5 SUSE Linux Enterprise Module for Legacy 15 SUSE Linux Enterprise Module for Development Tools 15 SP7 openSUSE Tumbleweed osc-0.139.2-0.3.1 osc-0.148.1-1.7 osc-0.152.0-11.1 osc-0.155.1-2.1 osc-0.158.0-14.1 osc-0.162.1-1.30 osc-0.162.1-15.6.1 osc-1.9.0-150400.10.9.1 osc-1.9.0-150400.10.9.1 as a component of SUSE Linux Enterprise Module for Development Tools 15 SP7 osc-0.162.1-1.30 as a component of SUSE Linux Enterprise Module for Legacy 15 osc-0.139.2-0.3.1 as a component of SUSE Linux Enterprise Software Development Kit 11 SP4 osc-0.148.1-1.7 as a component of SUSE Linux Enterprise Software Development Kit 12 osc-0.152.0-11.1 as a component of SUSE Linux Enterprise Software Development Kit 12 SP1 osc-0.152.0-11.1 as a component of SUSE Linux Enterprise Software Development Kit 12 SP2 osc-0.158.0-14.1 as a component of SUSE Linux Enterprise Software Development Kit 12 SP3 osc-0.162.1-15.6.1 as a component of SUSE Linux Enterprise Software Development Kit 12 SP4 osc-0.162.1-15.6.1 as a component of SUSE Linux Enterprise Software Development Kit 12 SP5 osc-0.155.1-2.1 as a component of openSUSE Tumbleweed osc before 0.134 might allow remote OBS repository servers or package maintainers to execute arbitrary commands via a crafted (1) build log or (2) build status that contains an escape sequence for a terminal emulator. CVE-2012-1095 SUSE Linux Enterprise Module for Development Tools 15 SP7:osc-1.9.0-150400.10.9.1 SUSE Linux Enterprise Module for Legacy 15:osc-0.162.1-1.30 SUSE Linux Enterprise Software Development Kit 11 SP4:osc-0.139.2-0.3.1 SUSE Linux Enterprise Software Development Kit 12:osc-0.148.1-1.7 SUSE Linux Enterprise Software Development Kit 12 SP1:osc-0.152.0-11.1 SUSE Linux Enterprise Software Development Kit 12 SP2:osc-0.152.0-11.1 SUSE Linux Enterprise Software Development Kit 12 SP3:osc-0.158.0-14.1 SUSE Linux Enterprise Software Development Kit 12 SP4:osc-0.162.1-15.6.1 SUSE Linux Enterprise Software Development Kit 12 SP5:osc-0.162.1-15.6.1 openSUSE Tumbleweed:osc-0.155.1-2.1 moderate 4.3 AV:N/AC:M/Au:N/C:N/I:P/A:N