Public CVE-2017-12445 disclosure

Code injection in openSUSE when running some source services used in the open build service 2.1 before March 11 2011.