Overview
Security update for rubygem-rack

This update for rubygem-rack to version 2.0.8 fixes the following issues:

- CVE-2018-16471: Fixed a cross-site scripting (XSS) flaw via the scheme method on Rack::Request (bsc#1116600).
- CVE-2019-16782: Fixed a possible information leak and session hijack vulnerability (bsc#1159548).

This update was imported from the SUSE:SLE-15:Update update project.

Fixed bugs
CVE-2019-16782
CVE-2018-16471
bnc#1114828
VUL-0: CVE-2018-16471: rubygem-rack: Cross-site scripting via 'scheme' method on 'Rack:Request'
bnc#1116600
VUL-1: CVE-2018-16471: rubygem-rack: XSS vulnerability in Rack
bnc#1159548
VUL-0: CVE-2019-16782: rubygem-rack-1_4,rubygem-rack: Possible Information Leak / Session Hijack Vulnerability in Rack
Selected Binaries
openSUSE Build Service is sponsored by
Places