Overview

File _patchinfo of Package patchinfo.24763

<patchinfo incident="24763">
  <issue tracker="cve" id="2022-30123"/>
  <issue tracker="cve" id="2022-30122"/>
  <issue tracker="bnc" id="1201588">Latest update for rubygem-rack breaking crowbar-init service for cloud8/cloud9</issue>
  <issue tracker="bnc" id="1200750">VUL-0: CVE-2022-30123: rubygem-rack: crafted requests can cause shell escape sequences</issue>
  <issue tracker="bnc" id="1200748">VUL-0: CVE-2022-30122: rubygem-rack: crafted multipart POST request may cause a DoS</issue>
  <packager>pgajdos</packager>
  <rating>critical</rating>
  <category>security</category>
  <summary>Security update for rubygem-rack</summary>
  <description>This update for rubygem-rack fixes the following issues:

- CVE-2022-30122: Fixed crafted multipart POST request may cause a DoS (bsc#1200748)
- CVE-2022-30123: Fixed crafted requests can cause shell escape sequences (bsc#1200750)

The following non-security bug was fixed:

- Fixed a regression in CVE-2022-30122 patch (bsc#1201588).
</description>
</patchinfo>
openSUSE Build Service is sponsored by
Places