Oval Definition:oval:org.opensuse.security:def:66257
Revision Date:2020-12-01Version:1
Title:Security update for rubygem-rack (Moderate)
Description:

This update for rubygem-rack to version 2.0.8 fixes the following issues:

- CVE-2018-16471: Fixed a cross-site scripting (XSS) flaw via the scheme method on Rack::Request (bsc#1116600). - CVE-2019-16782: Fixed a possible information leak and session hijack vulnerability (bsc#1159548).
Family:unixClass:patch
Status:Reference(s):1114828
1116600
1159548
CVE-2018-1000845
CVE-2018-16471
CVE-2019-16782
SUSE-SU-2020:0359-1
Platform(s):SUSE Linux Enterprise High Availability 15 SP1
SUSE Linux Enterprise Module for Basesystem 15 SP2
Product(s):
Definition Synopsis
  • SUSE Linux Enterprise High Availability 15 SP1 is installed
  • AND Package Information
  • ruby2.5-rubygem-rack-2.0.8-3.3 is installed
  • OR rubygem-rack-2.0.8-3.3 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Module for Basesystem 15 SP2 is installed
  • AND Package Information
  • avahi-0.7-1 is installed
  • OR avahi-compat-howl-devel-0.7-1 is installed
  • OR avahi-compat-mDNSResponder-devel-0.7-1 is installed
  • OR avahi-lang-0.7-1 is installed
  • OR avahi-utils-0.7-1 is installed
  • OR libavahi-client3-0.7-1 is installed
  • OR libavahi-client3-32bit-0.7-1 is installed
  • OR libavahi-common3-0.7-1 is installed
  • OR libavahi-common3-32bit-0.7-1 is installed
  • OR libavahi-core7-0.7-1 is installed
  • OR libavahi-devel-0.7-1 is installed
  • OR libdns_sd-0.7-1 is installed
  • OR libhowl0-0.7-1 is installed
    • BACK