Overview

File _patchinfo of Package patchinfo.27575

<patchinfo incident="27575">
  <issue tracker="cve" id="2022-44572"/>
  <issue tracker="cve" id="2022-44571"/>
  <issue tracker="cve" id="2022-44570"/>
  <issue tracker="bnc" id="1207596">VUL-0: CVE-2022-44572: rubygem-rack: denial of service in Content-Disposition parsing</issue>
  <issue tracker="bnc" id="1207597">VUL-0: CVE-2022-44570: rubygem-rack: denial of service in Content-Disposition parsing</issue>
  <issue tracker="bnc" id="1207599">VUL-0: CVE-2022-44571: rubygem-rack: denial of service in Content-Disposition parsing</issue>
  <packager>pgajdos</packager>
  <rating>moderate</rating>
  <category>security</category>
  <summary>Security update for rubygem-rack</summary>
  <description>This update for rubygem-rack fixes the following issues:

- CVE-2022-44570: Fixed a potential denial of service when parsing a
  RFC2183 multipart boundary (bsc#1207597).
- CVE-2022-44571: Fixed a potential denial of service when parsing a
  Range header (bsc#1207599).
- CVE-2022-44572: Fixed a potential denial of service when parsing a
  Content-Disposition header (bsc#1207596).
</description>
</patchinfo>
openSUSE Build Service is sponsored by
Places