8476 moderate openSUSE Leap 42.3 Update This update for python-dulwich to version 0.18.5 fixes this security issue: - CVE-2017-16228: Dulwich, when an SSH subprocess is used, allowed remote attackers to execute arbitrary commands via an ssh URL with an initial dash character in the hostname (bsc#1066430). For detailed changes please see https://www.dulwich.io/code/dulwich/ This update was imported from the SUSE:SLE-12:Update update project. python-dulwich-0.18.5-11.1.i586.rpm python-dulwich-0.18.5-11.1.src.rpm python-dulwich-debuginfo-0.18.5-11.1.i586.rpm python-dulwich-debugsource-0.18.5-11.1.i586.rpm python-dulwich-0.18.5-11.1.x86_64.rpm python-dulwich-debuginfo-0.18.5-11.1.x86_64.rpm python-dulwich-debugsource-0.18.5-11.1.x86_64.rpm