Oval Definition:oval:org.opensuse.security:def:104106
Revision Date:2020-03-20Version:1
Title:Recommended update for ruby2.5 (Important)
Description:

This update for ruby2.5 toversion 2.5.7 fixes the following issues: ruby 2.5 was updated to version 2.5.7

- CVE-2020-8130: Fixed a command injection in intree copy of rake (bsc#1164804). - CVE-2019-16255: Fixed a code injection vulnerability of Shell#[] and Shell#test (bsc#1152990). - CVE-2019-16254: Fixed am HTTP response splitting in WEBrick (bsc#1152992). - CVE-2019-15845: Fixed a null injection vulnerability of File.fnmatch and File.fnmatch? (bsc#1152994). - CVE-2019-16201: Fixed a regular expression denial of service of WEBrick Digest access authentication (bsc#1152995). - CVE-2012-6708: Fixed an XSS in JQuery - CVE-2015-9251: Fixed an XSS in JQuery - Fixed unit tests (bsc#1140844) - Removed some unneeded test files (bsc#1162396).
Family:unixClass:patch
Status:Reference(s):1140844
1152990
1152992
1152994
1152995
1162396
1164804
CVE-2012-6708
CVE-2015-9251
CVE-2019-15845
CVE-2019-16201
CVE-2019-16254
CVE-2019-16255
CVE-2020-8130
SUSE-SU-2020:0737-1
Platform(s):SUSE Linux Enterprise Desktop 15 SP1
SUSE Linux Enterprise High Performance Computing 15 SP1
SUSE Linux Enterprise Module for Basesystem 15 SP1
SUSE Linux Enterprise Server 15 SP1
SUSE Linux Enterprise Server for SAP Applications 15 SP1
SUSE Linux Enterprise Storage 6
SUSE Manager Proxy 4.0
SUSE Manager Server 4.0
Product(s):
Definition Synopsis
  • SUSE Linux Enterprise Module for Basesystem 15 SP1 is installed
  • AND Package Information
  • libruby2_5-2_5-2.5.7-4.8.1 is installed
  • OR ruby2.5-2.5.7-4.8.1 is installed
  • OR ruby2.5-devel-2.5.7-4.8.1 is installed
  • OR ruby2.5-devel-extra-2.5.7-4.8.1 is installed
  • OR ruby2.5-stdlib-2.5.7-4.8.1 is installed
    • BACK