Oval Definition:oval:org.opensuse.security:def:201916779
Revision Date:2022-05-20Version:1
Title:CVE-2019-16779
Description:

In RubyGem excon before 0.71.0, there was a race condition around persistent connections, where a connection which is interrupted (such as by a timeout) would leave data on the socket. Subsequent requests would then read this data, returning content from the previous response. The race condition window appears to be short, and it would be difficult to purposefully exploit this.
Family:unixClass:vulnerability
Status:Reference(s):CVE-2019-16779
SUSE-SU-2020:2053-1
openSUSE-SU-2020:0036-1
openSUSE-SU-2020:0139-1
Mitre CVE-2019-16779
SUSE CVE-2019-16779
SUSE-SU-2020:2053-1
openSUSE-SU-2020:0036-1
openSUSE-SU-2020:0139-1
Platform(s):openSUSE Leap 15.1
SUSE Linux Enterprise High Performance Computing 12
SUSE Linux Enterprise High Performance Computing 15 SP1
SUSE Linux Enterprise Module for Containers 12
SUSE Linux Enterprise Server 12
SUSE Linux Enterprise Server 12 SP3
SUSE Linux Enterprise Server 12 SP4
SUSE Linux Enterprise Server 12 SP5
SUSE Linux Enterprise Server 15 SP1
SUSE Linux Enterprise Server for SAP Applications 12
SUSE Linux Enterprise Server for SAP Applications 12 SP3
SUSE Linux Enterprise Server for SAP Applications 12 SP4
SUSE Linux Enterprise Server for SAP Applications 12 SP5
SUSE Linux Enterprise Server for SAP Applications 15 SP1
SUSE Linux Enterprise Storage 6
SUSE Manager Proxy 4.0
SUSE Manager Server 4.0
SUSE Package Hub for SUSE Linux Enterprise 15 SP1
Product(s):
Definition Synopsis
  • openSUSE Leap 15.1 is installed
  • AND Package Information
  • ruby2.5-rubygem-excon-0.59.0-lp151.3.3.1 is installed
  • AND ruby2.5-rubygem-excon is signed with openSUSE key
  • OR
  • ruby2.5-rubygem-excon-doc-0.59.0-lp151.3.3.1 is installed
  • AND ruby2.5-rubygem-excon-doc is signed with openSUSE key
  • OR
  • ruby2.5-rubygem-excon-testsuite-0.59.0-lp151.3.3.1 is installed
  • AND ruby2.5-rubygem-excon-testsuite is signed with openSUSE key
    • Definition Synopsis
  • SUSE Linux Enterprise Module for Containers 12 is installed
  • AND Package Information
  • ruby2.1-rubygem-excon-0.52.0-12.3 is installed
  • OR rubygem-excon-0.52.0-12.3 is installed
    • Definition Synopsis
  • SUSE Package Hub for SUSE Linux Enterprise 15 SP1 is installed
  • AND Package Information
  • ruby2.5-rubygem-excon-0.59.0-bp151.4.3.1 is installed
  • OR ruby2.5-rubygem-excon-doc-0.59.0-bp151.4.3.1 is installed
  • OR ruby2.5-rubygem-excon-testsuite-0.59.0-bp151.4.3.1 is installed
    • Definition Synopsis
  • Release Information
  • SUSE Linux Enterprise High Performance Computing 12 is installed
  • OR SUSE Linux Enterprise Module for Containers 12 is installed
  • OR SUSE Linux Enterprise Server 12 is installed
  • OR SUSE Linux Enterprise Server 12 SP3 is installed
  • OR SUSE Linux Enterprise Server 12 SP4 is installed
  • OR SUSE Linux Enterprise Server 12 SP5 is installed
  • OR SUSE Linux Enterprise Server for SAP Applications 12 is installed
  • OR SUSE Linux Enterprise Server for SAP Applications 12 SP3 is installed
  • OR SUSE Linux Enterprise Server for SAP Applications 12 SP4 is installed
  • OR SUSE Linux Enterprise Server for SAP Applications 12 SP5 is installed
  • AND ruby2.1-rubygem-excon-0.52.0-12.3.8 is installed
    • BACK