Oval Definition:	oval:org.opensuse.security:def:65750
Revision Date: 2020-12-01 Version: 1 Title: Security update for rubygem-rack (Moderate) Description: This update for rubygem-rack to version 2.0.8 fixes the following issues: - CVE-2018-16471: Fixed a cross-site scripting (XSS) flaw via the scheme method on Rack::Request (bsc#1116600). - CVE-2019-16782: Fixed a possible information leak and session hijack vulnerability (bsc#1159548). Family: unix Class: patch Status: Reference(s): 1114828 1116600 1159548 1174157 1175259 CVE-2018-16471 CVE-2019-16782 CVE-2019-17639 CVE-2020-14556 CVE-2020-14577 CVE-2020-14578 CVE-2020-14579 CVE-2020-14581 CVE-2020-14583 CVE-2020-14593 CVE-2020-14621 SUSE-SU-2020:0359-1 SUSE-SU-2020:2453-1 Platform(s): SUSE Linux Enterprise Module for Legacy Software 15 SP1 SUSE Linux Enterprise Module for Open Buildservice Development Tools 15 SP1 Product(s): Definition Synopsis SUSE Linux Enterprise Module for Legacy Software 15 SP1 is installed AND Package Information java-1_8_0-ibm-1.8.0_sr6.15-3.41 is installed OR java-1_8_0-ibm-alsa-1.8.0_sr6.15-3.41 is installed OR java-1_8_0-ibm-devel-1.8.0_sr6.15-3.41 is installed OR java-1_8_0-ibm-plugin-1.8.0_sr6.15-3.41 is installed Definition Synopsis SUSE Linux Enterprise Module for Open Buildservice Development Tools 15 SP1 is installed AND Package Information ruby2.5-rubygem-rack-doc-2.0.8-3.3 is installed OR ruby2.5-rubygem-rack-testsuite-2.0.8-3.3 is installed OR rubygem-rack-2.0.8-3.3 is installed
BACK