Oval Definition:	oval:org.opensuse.security:def:65110
Revision Date: 2020-12-01 Version: 1 Title: Recommended update for ruby2.5 (Important) Description: This update for ruby2.5 toversion 2.5.7 fixes the following issues: ruby 2.5 was updated to version 2.5.7 - CVE-2020-8130: Fixed a command injection in intree copy of rake (bsc#1164804). - CVE-2019-16255: Fixed a code injection vulnerability of Shell#[] and Shell#test (bsc#1152990). - CVE-2019-16254: Fixed am HTTP response splitting in WEBrick (bsc#1152992). - CVE-2019-15845: Fixed a null injection vulnerability of File.fnmatch and File.fnmatch? (bsc#1152994). - CVE-2019-16201: Fixed a regular expression denial of service of WEBrick Digest access authentication (bsc#1152995). - CVE-2012-6708: Fixed an XSS in JQuery - CVE-2015-9251: Fixed an XSS in JQuery - Fixed unit tests (bsc#1140844) - Removed some unneeded test files (bsc#1162396). Family: unix Class: patch Status: Reference(s): 1140844 1152990 1152992 1152994 1152995 1155094 1162396 1162825 1164804 1176804 1178122 1178392 CVE-2012-6708 CVE-2015-9251 CVE-2019-15845 CVE-2019-16201 CVE-2019-16254 CVE-2019-16255 CVE-2019-18348 CVE-2019-9674 CVE-2020-14370 CVE-2020-8130 SUSE-SU-2020:0737-1 SUSE-SU-2020:1339-1 Platform(s): openSUSE Leap 15.2 SUSE Linux Enterprise Module for Basesystem 15 SP1 SUSE Linux Enterprise Module for Desktop Applications 15 SP1 Product(s): Definition Synopsis openSUSE Leap 15.2 is installed AND Package Information podman-2.1.1-lp152.4.6 is installed OR podman-cni-config-2.1.1-lp152.4.6 is installed Definition Synopsis SUSE Linux Enterprise Module for Basesystem 15 SP1 is installed AND Package Information libruby2_5-2_5-2.5.7-4.8 is installed OR ruby2.5-2.5.7-4.8 is installed OR ruby2.5-devel-2.5.7-4.8 is installed OR ruby2.5-devel-extra-2.5.7-4.8 is installed OR ruby2.5-stdlib-2.5.7-4.8 is installed Definition Synopsis SUSE Linux Enterprise Module for Desktop Applications 15 SP1 is installed AND Package Information python-2.7.17-7.38 is installed OR python-tk-2.7.17-7.38 is installed
BACK