Oval Definition:oval:org.opensuse.security:def:72931
Revision Date:2020-12-01Version:1
Title:Security update for rubygem-puma (Moderate)
Description:

This update for rubygem-puma to version 4.3.5 fixes the following issues:

- CVE-2020-11077: Fixed a HTTP smuggling issue related to proxy usage (bsc#1172175). - CVE-2020-11076: Fixed a HTTP smuggling issue when using an invalid transfer-encoding header (bsc#1172176). - Disabled TLSv1.0 and TLSv1.1 (jsc#SLE-6965).
Family:unixClass:patch
Status:Reference(s):1172175
1172176
CVE-2016-5180
CVE-2017-1000381
CVE-2020-11076
CVE-2020-11077
SUSE-SU-2020:1919-1
Platform(s):SUSE Linux Enterprise High Availability 15 SP1
SUSE Linux Enterprise Module for Basesystem 15 SP2
Product(s):
Definition Synopsis
  • SUSE Linux Enterprise High Availability 15 SP1 is installed
  • AND Package Information
  • ruby2.5-rubygem-puma-4.3.5-3.3 is installed
  • OR rubygem-puma-4.3.5-3.3 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Module for Basesystem 15 SP2 is installed
  • AND Package Information
  • c-ares-devel-1.15.0+20200117-3.5 is installed
  • OR libcares2-1.15.0+20200117-3.5 is installed
    • BACK