From 50586a2f50071589eafe1b80eb7037d208c8de6bc8ddb72650f2f67d076e0427 Mon Sep 17 00:00:00 2001
From: Frank Schreiner <FSchreiner@suse.com>
Date: Thu, 27 Sep 2018 08:54:56 +0000
Subject: [PATCH] * fix CVE-2018-12474

OBS-URL: https://build.opensuse.org/package/show/openSUSE:Tools/obs-service-tar_scm?expand=0&rev=213
---
 obs-service-tar_scm-0.9.4.1537959361.56833cb.obscpio | 2 +-
 obs-service-tar_scm.changes                          | 1 +
 2 files changed, 2 insertions(+), 1 deletion(-)

diff --git a/obs-service-tar_scm-0.9.4.1537959361.56833cb.obscpio b/obs-service-tar_scm-0.9.4.1537959361.56833cb.obscpio
index 345d02c..edf66cd 100644
--- a/obs-service-tar_scm-0.9.4.1537959361.56833cb.obscpio
+++ b/obs-service-tar_scm-0.9.4.1537959361.56833cb.obscpio
@@ -1,3 +1,3 @@
 version https://git-lfs.github.com/spec/v1
-oid sha256:5098c8c9aa4819900493eb7c3a90b49d0211b542a8eeb2e00dac0b94279382e1
+oid sha256:073b0f56c62edfd648810736b6942924ba19554058f08cfa4e9467c89b21bd95
 size 279052
diff --git a/obs-service-tar_scm.changes b/obs-service-tar_scm.changes
index 7ef93a9..6532005 100644
--- a/obs-service-tar_scm.changes
+++ b/obs-service-tar_scm.changes
@@ -20,6 +20,7 @@ Tue Sep 25 10:05:18 UTC 2018 - opensuse-packaging@opensuse.org
 Mon Sep 24 12:22:40 UTC 2018 - opensuse-packaging@opensuse.org
 
 - Update to version 0.9.2.1537788075.fefaa74:
+  * fix CVE-2018-12474
   * check name/version option in obsinfo for slashes
   * check url for remote url
   * check symlinks in subdir parameter