Oval Definition:oval:org.opensuse.security:def:74979
Revision Date:2020-12-01Version:1
Title:Security update for rubygem-puma (Moderate)
Description:

This update for rubygem-puma to version 4.3.5 fixes the following issues:

- CVE-2020-11077: Fixed a HTTP smuggling issue related to proxy usage (bsc#1172175). - CVE-2020-11076: Fixed a HTTP smuggling issue when using an invalid transfer-encoding header (bsc#1172176). - Disabled TLSv1.0 and TLSv1.1 (jsc#SLE-6965).

This update was imported from the SUSE:SLE-15:Update update project.
Family:unixClass:patch
Status:Reference(s):1172175
1172176
1173302
1177383
CVE-2020-11076
CVE-2020-11077
CVE-2020-14196
CVE-2020-25829
openSUSE-SU-2020:0990-1
openSUSE-SU-2020:1687-1
Platform(s):openSUSE Leap 15.1
openSUSE Leap 15.2
Product(s):
Definition Synopsis
  • openSUSE Leap 15.1 is installed
  • AND Package Information
  • ruby2.5-rubygem-puma-4.3.5-lp151.3.3 is installed
  • OR ruby2.5-rubygem-puma-doc-4.3.5-lp151.3.3 is installed
  • OR rubygem-puma-4.3.5-lp151.3.3 is installed
    • Definition Synopsis
  • openSUSE Leap 15.2 is installed
  • AND pdns-recursor-4.1.18-25 is installed
    • BACK