| Revision Date: | 2020-02-07 | Version: | 1 |
| Title: | Security update for rubygem-rack (Moderate) |
| Description: |
This update for rubygem-rack to version 2.0.8 fixes the following issues:
- CVE-2018-16471: Fixed a cross-site scripting (XSS) flaw via the scheme method on Rack::Request (bsc#1116600). - CVE-2019-16782: Fixed a possible information leak and session hijack vulnerability (bsc#1159548).
|
| Family: | unix | Class: | patch |
| Status: | | Reference(s): | 1114828
1116600
1159548
CVE-2018-16471
CVE-2019-16782
SUSE-SU-2020:0359-1
|
| Platform(s): | SUSE Linux Enterprise High Availability 15 SP1
SUSE Linux Enterprise High Performance Computing 15 SP1
SUSE Linux Enterprise Server 15 SP1
SUSE Linux Enterprise Server for SAP Applications 15 SP1
SUSE Linux Enterprise Storage 6
SUSE Manager Proxy 4.0
SUSE Manager Server 4.0
| Product(s): | |
| Definition Synopsis |
| SUSE Linux Enterprise High Availability 15 SP1 is installed AND ruby2.5-rubygem-rack-2.0.8-3.3.1 is installed
|