OVAL Reference oval:org.opensuse.security:def:52283

Oval Definition:

oval:org.opensuse.security:def:52283

Revision Date:	2020-12-01	Version:	1
Title:	Security update for rubygem-rack (Moderate)
Description:	This update for rubygem-rack to version 2.0.8 fixes the following issues: - CVE-2018-16471: Fixed a cross-site scripting (XSS) flaw via the scheme method on Rack::Request (bsc#1116600). - CVE-2019-16782: Fixed a possible information leak and session hijack vulnerability (bsc#1159548).
Family:	unix	Class:	patch
Status:		Reference(s):	1012382 1037697 1046299 1046300 1046302 1046303 1046305 1046306 1046307 1046533 1046543 1050242 1050536 1050538 1050540 1051510 1054245 1055014 1055186 1056651 1056787 1058169 1058659 1060463 1061843 1065729 1068032 1075087 1075360 1077338 1077428 1077761 1077989 1085042 1085536 1085539 1086301 1086313 1086314 1086324 1086457 1087092 1087202 1087217 1087233 1090098 1090888 1091041 1091171 1093148 1093666 1094119 1096330 1097583 1097584 1097585 1097586 1097587 1097588 1098633 1099193 1100132 1100884 1101143 1101337 1101352 1101564 1101669 1101674 1101789 1101813 1101816 1102088 1102097 1102147 1102340 1102512 1102851 1103216 1103220 1103230 1103421 1114828 1116600 1129923 1134760 1137595 1152489 1159548 1160398 1160790 1161088 1161089 1161670 1166916 1169511 1171352 1172442 1172443 1174748 1174969 1175052 1175898 1176485 1176713 1177086 1177353 1177410 1177411 1177470 1177739 1177749 1177750 1177754 1177755 1177765 1177814 1177817 1177854 1177855 1177856 1177861 1178002 1178079 1178246 CVE-2008-4225 CVE-2008-4226 CVE-2008-4409 CVE-2009-0186 CVE-2009-3939 CVE-2009-4026 CVE-2009-4027 CVE-2009-4131 CVE-2009-4138 CVE-2009-4536 CVE-2009-4538 CVE-2010-1146 CVE-2010-1436 CVE-2010-1641 CVE-2010-2066 CVE-2010-2942 CVE-2010-2954 CVE-2010-2955 CVE-2010-3081 CVE-2010-3296 CVE-2010-3297 CVE-2010-3298 CVE-2010-3301 CVE-2010-3310 CVE-2010-4540 CVE-2010-4541 CVE-2010-4542 CVE-2010-4543 CVE-2011-0020 CVE-2011-0064 CVE-2011-0711 CVE-2011-0712 CVE-2011-1020 CVE-2011-1180 CVE-2011-1577 CVE-2011-1581 CVE-2011-2203 CVE-2011-2696 CVE-2011-2896 CVE-2011-4604 CVE-2012-0056 CVE-2012-3236 CVE-2012-3412 CVE-2012-3520 CVE-2012-5134 CVE-2012-5576 CVE-2013-0160 CVE-2013-0231 CVE-2013-0913 CVE-2013-2850 CVE-2013-4242 CVE-2014-0038 CVE-2014-00691 CVE-2014-0196 CVE-2014-8133 CVE-2014-9496 CVE-2015-1333 CVE-2015-3294 CVE-2015-7550 CVE-2015-7884 CVE-2015-7885 CVE-2015-8539 CVE-2015-8660 CVE-2015-8899 CVE-2016-0723 CVE-2016-0728 CVE-2016-1237 CVE-2016-1583 CVE-2016-1762 CVE-2016-1833 CVE-2016-1834 CVE-2016-1835 CVE-2016-1836 CVE-2016-1837 CVE-2016-1838 CVE-2016-1839 CVE-2016-1840 CVE-2016-2184 CVE-2016-2185 CVE-2016-2186 CVE-2016-2384 CVE-2016-3134 CVE-2016-3135 CVE-2016-3136 CVE-2016-3140 CVE-2016-3627 CVE-2016-3689 CVE-2016-3705 CVE-2016-3713 CVE-2016-4470 CVE-2016-4483 CVE-2016-4485 CVE-2016-4486 CVE-2016-4557 CVE-2016-4558 CVE-2016-4569 CVE-2016-4578 CVE-2016-4951 CVE-2016-4994 CVE-2016-4997 CVE-2016-4998 CVE-2016-5195 CVE-2016-5244 CVE-2016-5829 CVE-2016-6187 CVE-2016-6480 CVE-2016-6516 CVE-2016-6828 CVE-2016-7039 CVE-2016-7042 CVE-2016-7425 CVE-2016-7913 CVE-2016-8655 CVE-2016-9555 CVE-2016-9576 CVE-2016-9811 CVE-2017-1000251 CVE-2017-1000252 CVE-2017-1000255 CVE-2017-1000380 CVE-2017-1000410 CVE-2017-11473 CVE-2017-11600 CVE-2017-12153 CVE-2017-12154 CVE-2017-12190 CVE-2017-12193 CVE-2017-13080 CVE-2017-13081 CVE-2017-13166 CVE-2017-14051 CVE-2017-14489 CVE-2017-15115 CVE-2017-15127 CVE-2017-15128 CVE-2017-15129 CVE-2017-15265 CVE-2017-15537 CVE-2017-15649 CVE-2017-15951 CVE-2017-16525 CVE-2017-16527 CVE-2017-16528 CVE-2017-16529 CVE-2017-16531 CVE-2017-16534 CVE-2017-16535 CVE-2017-16536 CVE-2017-16537 CVE-2017-16538 CVE-2017-16644 CVE-2017-16645 CVE-2017-16646 CVE-2017-16647 CVE-2017-16649 CVE-2017-16650 CVE-2017-16911 CVE-2017-16912 CVE-2017-16913 CVE-2017-16914 CVE-2017-16939 CVE-2017-16994 CVE-2017-16995 CVE-2017-16996 CVE-2017-17052 CVE-2017-17448 CVE-2017-17449 CVE-2017-17450 CVE-2017-17558 CVE-2017-17712 CVE-2017-17741 CVE-2017-17805 CVE-2017-17806 CVE-2017-17852 CVE-2017-17853 CVE-2017-17854 CVE-2017-17855 CVE-2017-17856 CVE-2017-17857 CVE-2017-17862 CVE-2017-17864 CVE-2017-17975 CVE-2017-18075 CVE-2017-18202 CVE-2017-18203 CVE-2017-18204 CVE-2017-18208 CVE-2017-18344 CVE-2017-18344 CVE-2017-2636 CVE-2017-5715 CVE-2017-5753 CVE-2017-5754 CVE-2017-5837 CVE-2017-5844 CVE-2017-5897 CVE-2017-5970 CVE-2017-5986 CVE-2017-6347 CVE-2017-6353 CVE-2017-7184 CVE-2017-7187 CVE-2017-7261 CVE-2017-7277 CVE-2017-7294 CVE-2017-7308 CVE-2017-7346 CVE-2017-7477 CVE-2017-7487 CVE-2017-7541 CVE-2017-7542 CVE-2017-8824 CVE-2017-8831 CVE-2017-8890 CVE-2017-9059 CVE-2017-9074 CVE-2017-9075 CVE-2017-9076 CVE-2017-9077 CVE-2017-9211 CVE-2017-9242 CVE-2018-1000004 CVE-2018-1000028 CVE-2018-1000200 CVE-2018-1000204 CVE-2018-10087 CVE-2018-10124 CVE-2018-10323 CVE-2018-1065 CVE-2018-1068 CVE-2018-10853 CVE-2018-10902 CVE-2018-1091 CVE-2018-10938 CVE-2018-1094 CVE-2018-10940 CVE-2018-1108 CVE-2018-1118 CVE-2018-1120 CVE-2018-1128 CVE-2018-1129 CVE-2018-1130 CVE-2018-12233 CVE-2018-12896 CVE-2018-13053 CVE-2018-13093 CVE-2018-13094 CVE-2018-13095 CVE-2018-13405 CVE-2018-13406 CVE-2018-14613 CVE-2018-14617 CVE-2018-14633 CVE-2018-15572 CVE-2018-16471 CVE-2018-16658 CVE-2018-17182 CVE-2018-3620 CVE-2018-3639 CVE-2018-3646 CVE-2018-5332 CVE-2018-5333 CVE-2018-5390 CVE-2018-5390 CVE-2018-5391 CVE-2018-5803 CVE-2018-5848 CVE-2018-6554 CVE-2018-6555 CVE-2018-6927 CVE-2018-7492 CVE-2018-7566 CVE-2018-7740 CVE-2018-8043 CVE-2018-8087 CVE-2018-8781 CVE-2018-8822 CVE-2018-9363 CVE-2018-9385 CVE-2019-11703 CVE-2019-11704 CVE-2019-11705 CVE-2019-11706 CVE-2019-16782 CVE-2019-16785 CVE-2019-16786 CVE-2019-16789 CVE-2019-16792 CVE-2020-11080 CVE-2020-14351 CVE-2020-16120 CVE-2020-25285 CVE-2020-2754 CVE-2020-2755 CVE-2020-2756 CVE-2020-2757 CVE-2020-2773 CVE-2020-2781 CVE-2020-2800 CVE-2020-2803 CVE-2020-2805 CVE-2020-2830 CVE-2020-7598 CVE-2020-8174 SUSE-SU-2018:2223-1 SUSE-SU-2019:1495-1 SUSE-SU-2020:0359-1 SUSE-SU-2020:1576-1 SUSE-SU-2020:3122-1 SUSE-SU-2020:3269-1
Platform(s):	openSUSE Leap 15.0 SUSE Linux Enterprise Desktop 11 SP2 SUSE Linux Enterprise Desktop 11 SP3 SUSE Linux Enterprise Desktop 11 SP4 SUSE Linux Enterprise Desktop 12 SUSE Linux Enterprise Desktop 12 SP1 SUSE Linux Enterprise Desktop 12 SP2 SUSE Linux Enterprise Desktop 12 SP3 SUSE Linux Enterprise Desktop 12 SP4 SUSE Linux Enterprise Module for Open Buildservice Development Tools 15 SP1 SUSE Linux Enterprise Module for Open Buildservice Development Tools 15 SP2 SUSE Linux Enterprise Server 12 SP1 SUSE Linux Enterprise Server 12 SP1-LTSS SUSE Linux Enterprise Server 12 SP2 SUSE Linux Enterprise Server 12 SP2-BCL SUSE Linux Enterprise Server 12 SP2-ESPOS SUSE Linux Enterprise Server 12 SP2-LTSS SUSE Linux Enterprise Server 12 SP3 SUSE Linux Enterprise Server 12 SP3-BCL SUSE Linux Enterprise Server 12 SP3-ESPOS SUSE Linux Enterprise Server 12 SP3-LTSS SUSE Linux Enterprise Server 12 SP3-TERADATA SUSE Linux Enterprise Server 12 SP4 SUSE Linux Enterprise Server for SAP Applications 15 SUSE Linux Enterprise Workstation Extension 15 SUSE Linux Enterprise Workstation Extension 15 SP1 SUSE Linux Enterprise Workstation Extension 15 SP2 SUSE OpenStack Cloud 7 SUSE OpenStack Cloud 8 SUSE OpenStack Cloud Crowbar 8	Product(s):
Definition Synopsis
openSUSE Leap 15.0 is installed AND Package Information alsa-1.1.5-lp150.4 is installed OR libasound2-1.1.5-lp150.4 is installed OR libasound2-32bit-1.1.5-lp150.4 is installed
Definition Synopsis
SUSE Linux Enterprise Desktop 11 SP2 is installed AND Package Information libvirt-0.9.6-0.29 is installed OR libvirt-client-0.9.6-0.29 is installed OR libvirt-client-32bit-0.9.6-0.29 is installed OR libvirt-doc-0.9.6-0.29 is installed OR libvirt-python-0.9.6-0.29 is installed
Definition Synopsis
SUSE Linux Enterprise Desktop 11 SP3 is installed AND Package Information MozillaFirefox-31.8.0esr-0.13 is installed OR MozillaFirefox-translations-31.8.0esr-0.13 is installed
Definition Synopsis
SUSE Linux Enterprise Desktop 11 SP4 is installed AND Package Information java-1_7_0-openjdk-1.7.0.95-0.17 is installed OR java-1_7_0-openjdk-demo-1.7.0.95-0.17 is installed OR java-1_7_0-openjdk-devel-1.7.0.95-0.17 is installed
Definition Synopsis
SUSE Linux Enterprise Desktop 12 is installed AND Package Information libgcrypt20-1.6.1-9 is installed OR libgcrypt20-32bit-1.6.1-9 is installed
Definition Synopsis
SUSE Linux Enterprise Desktop 12 SP1 is installed AND Package Information libsndfile1-1.0.25-21 is installed OR libsndfile1-32bit-1.0.25-21 is installed
Definition Synopsis
SUSE Linux Enterprise Desktop 12 SP2 is installed AND Package Information gimp-2.8.18-4 is installed OR gimp-lang-2.8.18-4 is installed OR gimp-plugins-python-2.8.18-4 is installed OR libgimp-2_0-0-2.8.18-4 is installed OR libgimpui-2_0-0-2.8.18-4 is installed
Definition Synopsis
SUSE Linux Enterprise Desktop 12 SP3 is installed AND dnsmasq-2.76-17 is installed
Definition Synopsis
SUSE Linux Enterprise Desktop 12 SP4 is installed AND Package Information gstreamer-0_10-plugins-base-0.10.36-17 is installed OR gstreamer-0_10-plugins-base-32bit-0.10.36-17 is installed OR gstreamer-0_10-plugins-base-lang-0.10.36-17 is installed OR libgstapp-0_10-0-0.10.36-17 is installed OR libgstapp-0_10-0-32bit-0.10.36-17 is installed OR libgstinterfaces-0_10-0-0.10.36-17 is installed OR libgstinterfaces-0_10-0-32bit-0.10.36-17 is installed
Definition Synopsis
SUSE Linux Enterprise Module for Open Buildservice Development Tools 15 SP1 is installed AND Package Information ruby2.5-rubygem-rack-doc-2.0.8-3.3 is installed OR ruby2.5-rubygem-rack-testsuite-2.0.8-3.3 is installed OR rubygem-rack-2.0.8-3.3 is installed
Definition Synopsis
SUSE Linux Enterprise Module for Open Buildservice Development Tools 15 SP2 is installed AND Package Information java-1_8_0-openjdk-1.8.0.252-3.35 is installed OR java-1_8_0-openjdk-accessibility-1.8.0.252-3.35 is installed OR java-1_8_0-openjdk-javadoc-1.8.0.252-3.35 is installed OR java-1_8_0-openjdk-src-1.8.0.252-3.35 is installed
Definition Synopsis
SUSE Linux Enterprise Server 12 SP1 is installed AND Package Information libsndfile1-1.0.25-21 is installed OR libsndfile1-32bit-1.0.25-21 is installed
Definition Synopsis
SUSE Linux Enterprise Server 12 SP1-LTSS is installed AND Package Information kernel-default-3.12.74-60.64.54 is installed OR kernel-default-base-3.12.74-60.64.54 is installed OR kernel-default-devel-3.12.74-60.64.54 is installed OR kernel-default-man-3.12.74-60.64.54 is installed OR kernel-devel-3.12.74-60.64.54 is installed OR kernel-macros-3.12.74-60.64.54 is installed OR kernel-source-3.12.74-60.64.54 is installed OR kernel-syms-3.12.74-60.64.54 is installed OR kernel-xen-3.12.74-60.64.54 is installed OR kernel-xen-base-3.12.74-60.64.54 is installed OR kernel-xen-devel-3.12.74-60.64.54 is installed OR kgraft-patch-3_12_74-60_64_54-default-1-2 is installed OR kgraft-patch-3_12_74-60_64_54-xen-1-2 is installed OR kgraft-patch-SLE12-SP1_Update_19-1-2 is installed
Definition Synopsis
SUSE Linux Enterprise Server 12 SP2 is installed AND libpng15-15-1.5.22-4 is installed
Definition Synopsis
SUSE Linux Enterprise Server 12 SP2-BCL is installed AND Package Information kernel-firmware-20170530-21.22 is installed OR ucode-amd-20170530-21.22 is installed
Definition Synopsis
SUSE Linux Enterprise Server 12 SP2-ESPOS is installed AND Package Information MozillaFirefox-52.8.1esr-109.34 is installed OR MozillaFirefox-devel-52.8.1esr-109.34 is installed
Definition Synopsis
SUSE Linux Enterprise Server 12 SP2-LTSS is installed AND Package Information MozillaFirefox-52.8.1esr-109.34 is installed OR MozillaFirefox-devel-52.8.1esr-109.34 is installed OR MozillaFirefox-translations-52.8.1esr-109.34 is installed
Definition Synopsis
SUSE Linux Enterprise Server 12 SP3 is installed AND Package Information dovecot22-2.2.30.2-14 is installed OR dovecot22-backend-mysql-2.2.30.2-14 is installed OR dovecot22-backend-pgsql-2.2.30.2-14 is installed OR dovecot22-backend-sqlite-2.2.30.2-14 is installed
Definition Synopsis
SUSE Linux Enterprise Server 12 SP3-BCL is installed AND Package Information libshibsp-lite6-2.5.5-6.6 is installed OR libshibsp6-2.5.5-6.6 is installed OR shibboleth-sp-2.5.5-6.6 is installed
Definition Synopsis
SUSE Linux Enterprise Server 12 SP3-ESPOS is installed AND Package Information libpolkit0-0.113-5.18 is installed OR polkit-0.113-5.18 is installed OR typelib-1_0-Polkit-1_0-0.113-5.18 is installed
Definition Synopsis
SUSE Linux Enterprise Server 12 SP3-LTSS is installed AND Package Information libsolv-0.6.36-2.27.19 is installed OR libsolv-tools-0.6.36-2.27.19 is installed OR libzypp-16.20.2-27.60 is installed OR perl-solv-0.6.36-2.27.19 is installed OR python-solv-0.6.36-2.27.19 is installed OR zypper-1.13.54-18.40 is installed OR zypper-log-1.13.54-18.40 is installed
Definition Synopsis
SUSE Linux Enterprise Server 12 SP3-TERADATA is installed AND Package Information curl-7.37.0-37.26 is installed OR libcurl4-7.37.0-37.26 is installed OR libcurl4-32bit-7.37.0-37.26 is installed
Definition Synopsis
SUSE Linux Enterprise Server 12 SP4 is installed AND libapr1-1.5.1-4.3 is installed
Definition Synopsis
SUSE Linux Enterprise Server for SAP Applications 15 is installed AND Package Information nodejs8-8.17.0-3.32 is installed OR nodejs8-devel-8.17.0-3.32 is installed OR nodejs8-docs-8.17.0-3.32 is installed OR npm8-8.17.0-3.32 is installed
Definition Synopsis
SUSE Linux Enterprise Workstation Extension 15 is installed AND Package Information kernel-default-4.12.14-25.6 is installed OR kernel-default-extra-4.12.14-25.6 is installed
Definition Synopsis
SUSE Linux Enterprise Workstation Extension 15 SP1 is installed AND Package Information MozillaThunderbird-60.7.0-3.36 is installed OR MozillaThunderbird-translations-common-60.7.0-3.36 is installed OR MozillaThunderbird-translations-other-60.7.0-3.36 is installed
Definition Synopsis
SUSE Linux Enterprise Workstation Extension 15 SP2 is installed AND Package Information kernel-default-5.3.18-24.34 is installed OR kernel-default-extra-5.3.18-24.34 is installed
Definition Synopsis
SUSE OpenStack Cloud 7 is installed AND Package Information grafana-4.5.1-1.8 is installed OR kafka-0.10.2.2-5 is installed OR logstash-2.4.1-5 is installed OR monasca-installer-20180608_12.47-9 is installed
Definition Synopsis
SUSE OpenStack Cloud 8 is installed AND python-cryptography-2.0.3-3.3 is installed
Definition Synopsis
SUSE OpenStack Cloud Crowbar 8 is installed AND Package Information libpolkit0-0.113-5.18 is installed OR polkit-0.113-5.18 is installed OR typelib-1_0-Polkit-1_0-0.113-5.18 is installed

BACK