7573 moderate openSUSE Leap 42.3 Update This update for fossil to version 2.4 fixes the following issues: - CVE-2017-17459: Client-side code execution via crafted "ssh://" URLs (bsc#1071709) The impact of this vulnerability is more limited than similar vectors fixed in other SCMs, as there is no known way to mask the repository URL or otherwise trigger non-interactively. This update also contains all bug fixes and improvements in the 2.4 release: - URL Aliases - tech-note search capability - Various added command line options - Annation depth is now configurable The following legacy options are no longer available: - --no-dir-symlinks option - legacy configuration sync protocol fossil-2.4-6.1.i586.rpm fossil-2.4-6.1.src.rpm fossil-debuginfo-2.4-6.1.i586.rpm fossil-debugsource-2.4-6.1.i586.rpm fossil-2.4-6.1.x86_64.rpm fossil-debuginfo-2.4-6.1.x86_64.rpm fossil-debugsource-2.4-6.1.x86_64.rpm