| Revision Date: | 2021-09-16 | Version: | 1 |
| Title: | Security update for haserl (Moderate) |
| Description: |
This update for haserl fixes the following issues:
Update to version 0.9.36:
Fixed: Its possible to issue a PUT request without a CONTENT-TYPE. Assume an octet-stream in that case. This is CVE-2021-29133 and boo#1187671 * Change the Prefix for variables to be the REQUEST_METHOD (PUT/DELETE/GET/POST) THIS IS A BREAKING CHANGE * Mitigations vs running haserl to get access to files not available to the user.
|
| Family: | unix | Class: | patch |
| Status: | | Reference(s): | 1187671
CVE-2021-29133
openSUSE-SU-2021:1279-1
|
| Platform(s): | openSUSE Leap 15.3
| Product(s): | |
| Definition Synopsis |
| openSUSE Leap 15.3 is installed AND haserl-0.9.36-bp153.2.3.1 is installed
|