Oval Definition:oval:org.opensuse.security:def:102308
Revision Date:2022-04-22Version:1
Title:Security update for rubygem-puma (Important) (in QA)
Description:

This update for rubygem-puma fixes the following issues:

rubygem-puma was updated to version 4.3.11:

CVE-2021-29509: Adjusted an incomplete fix for allows Denial of Service (DoS) (bsc#1188527) * CVE-2021-41136: Fixed request smuggling if HTTP header value contains the LF character (bsc#1191681) * CVE-2022-23634: Fixed information leak between requests (bsc#1196222)

This patch is currently in QA and not yet available for download.
Family:unixClass:patch
Status:Reference(s):1058115
1065729
1071995
1085030
1148868
1152472
1152489
1153274
1154353
1154492
1155518
1155798
1156395
1157169
1158050
1158242
1158265
1158748
1158765
1158983
1159781
1159867
1160947
1161495
1162002
1162063
1162400
1162702
1164648
1164777
1164780
1165211
1165933
1165975
1166985
1167104
1167651
1167773
1168230
1168779
1168838
1168959
1169021
1169094
1169194
1169514
1169681
1169771
1170011
1170284
1170442
1170617
1170774
1170879
1170891
1170895
1171150
1171189
1171191
1171219
1171220
1171246
1171417
1171513
1171529
1171530
1171662
1171688
1171699
1171732
1171739
1171743
1171759
1171828
1171857
1171868
1171904
1171915
1171982
1171983
1171988
1172017
1172046
1172061
1172062
1172063
1172064
1172065
1172066
1172067
1172068
1172069
1172073
1172086
1172095
1172169
1172170
1172201
1172208
1172223
1172342
1172343
1172344
1172365
1172366
1172374
1172391
1172393
1172394
1172453
1172458
1172467
1172484
1172537
1172543
1172687
1172719
1172739
1172751
1172759
1172775
1172781
1172782
1172783
1172814
1172823
1172841
1172871
1172938
1172939
1172940
1172956
1172983
1172984
1172985
1172986
1172987
1172988
1172989
1172990
1172999
1173060
1173068
1173074
1173085
1173139
1173206
1173271
1173280
1173284
1173428
1173438
1173461
1173514
1173552
1173573
1173625
1173746
1173776
1173817
1173818
1173820
1173822
1173823
1173824
1173825
1173826
1173827
1173828
1173830
1173831
1173832
1173833
1173834
1173836
1173837
1173838
1173839
1173841
1173843
1173844
1173845
1173847
1173849
1173860
1173894
1173941
1174018
1174072
1174116
1174126
1174127
1174128
1174129
1174185
1174244
1174263
1174264
1174331
1174332
1174333
1174345
1174356
1174396
1174398
1174407
1174409
1174411
1174438
1174462
1174513
1174527
1174543
1174627
1188527
1191681
1196222
962849
CVE-2019-19462
CVE-2019-20810
CVE-2019-20812
CVE-2020-0305
CVE-2020-10135
CVE-2020-10711
CVE-2020-10732
CVE-2020-10751
CVE-2020-10766
CVE-2020-10767
CVE-2020-10768
CVE-2020-10773
CVE-2020-10781
CVE-2020-12656
CVE-2020-12769
CVE-2020-12771
CVE-2020-12888
CVE-2020-13143
CVE-2020-13974
CVE-2020-14416
CVE-2020-15393
CVE-2020-15780
CVE-2021-29509
CVE-2021-41136
CVE-2022-23634
Platform(s):SUSE Linux Enterprise High Availability 15 SP3
SUSE Linux Enterprise High Performance Computing 15 SP2
SUSE Linux Enterprise High Performance Computing 15 SP3
SUSE Linux Enterprise Module for Live Patching 15 SP2
SUSE Linux Enterprise Server 15 SP2
SUSE Linux Enterprise Server 15 SP3
SUSE Linux Enterprise Server for SAP Applications 15 SP2
SUSE Linux Enterprise Server for SAP Applications 15 SP3
SUSE Manager Proxy 4.2
SUSE Manager Retail Branch Server 4.2
SUSE Manager Server 4.2
Product(s):
Definition Synopsis
  • SUSE Linux Enterprise Module for Live Patching 15 SP2 is installed
  • AND Package Information
  • kernel-default-livepatch-5.3.18-24.9.1 is installed
  • OR kernel-default-livepatch-devel-5.3.18-24.9.1 is installed
  • OR kernel-livepatch-5_3_18-24_9-default-1-5.3.6 is installed
    • Definition Synopsis
  • Release Information
  • SUSE Linux Enterprise High Availability 15 SP3 is installed
  • OR SUSE Linux Enterprise High Performance Computing 15 SP3 is installed
  • OR SUSE Linux Enterprise Server 15 SP3 is installed
  • OR SUSE Linux Enterprise Server for SAP Applications 15 SP3 is installed
  • OR SUSE Manager Proxy 4.2 is installed
  • OR SUSE Manager Retail Branch Server 4.2 is installed
  • OR SUSE Manager Server 4.2 is installed
  • AND ruby2.5-rubygem-puma-4.3.11-150000.3.6.2 is installed
    • BACK