7577 important openSUSE Leap 42.2 Update ports This OBS toolchain update fixes the following issues: Package 'build': - CVE-2010-4226: force use of bsdtar for VMs (bnc#665768) - CVE-2017-14804: Improve file name check extractbuild (bsc#1069904) - switch baselibs scheme for debuginfo packages from foo-debuginfo-32bit to foo-32bit-debuginfo (fate#323217) Package 'obs-service-source_validator': - CVE-2017-9274: Don't use rpmbuild to extract sources, patches etc. from a spec (bnc#938556). - Update to version 0.7 - use spec_query instead of output_versions using the specfile parser from the build package (boo#1059858) Package 'osc': - update to version 0.162.0 - add Recommends: ca-certificates to enable TLS verification without manually installing them. (bnc#1061500) This update was imported from the SUSE:SLE-12:Update update project. build-20171128-2.6.1.noarch.rpm build-20171128-2.6.1.src.rpm build-initvm-powerpc64le-20171128-2.6.1.noarch.rpm build-mkbaselibs-20171128-2.6.1.noarch.rpm build-mkdrpms-20171128-2.6.1.noarch.rpm obs-service-source_validator-0.7-13.6.1.noarch.rpm obs-service-source_validator-0.7-13.6.1.src.rpm osc-0.162.0-7.7.1.noarch.rpm osc-0.162.0-7.7.1.src.rpm build-initvm-aarch64-20171128-2.6.1.noarch.rpm build-initvm-armv7hl-20171128-2.6.1.noarch.rpm