| Revision Date: | 2020-07-15 | Version: | 1 |
| Title: | Security update for rubygem-puma (Moderate) |
| Description: |
This update for rubygem-puma to version 4.3.5 fixes the following issues:
- CVE-2020-11077: Fixed a HTTP smuggling issue related to proxy usage (bsc#1172175). - CVE-2020-11076: Fixed a HTTP smuggling issue when using an invalid transfer-encoding header (bsc#1172176). - Disabled TLSv1.0 and TLSv1.1 (jsc#SLE-6965).
|
| Family: | unix | Class: | patch |
| Status: | | Reference(s): | 1172175
1172176
CVE-2020-11076
CVE-2020-11077
SUSE-SU-2020:1919-1
|
| Platform(s): | SUSE Linux Enterprise High Availability 15 SP2
SUSE Linux Enterprise High Performance Computing 15 SP2
SUSE Linux Enterprise Server 15 SP2
SUSE Linux Enterprise Server for SAP Applications 15 SP2
SUSE Linux Enterprise Storage 7
SUSE Manager Proxy 4.1
SUSE Manager Server 4.1
| Product(s): | |
| Definition Synopsis |
| SUSE Linux Enterprise High Availability 15 SP2 is installed AND ruby2.5-rubygem-puma-4.3.5-3.3.1 is installed
|