Sign Up
Log In
Log In
or
Sign Up
Places
All Projects
Status Monitor
Collapse sidebar
openSUSE:Backports:SLE-15-SP2:Update
patchinfo.16942
_patchinfo
Overview
Repositories
Revisions
Requests
Users
Attributes
Meta
File _patchinfo of Package patchinfo.16942
<patchinfo incident="16942"> <issue tracker="cve" id="2021-29133"/> <issue tracker="bnc" id="1187671">VUL-0: CVE-2021-29133: haserl: information disclosure due to setuid binaries</issue> <packager>susnux</packager> <rating>moderate</rating> <category>security</category> <summary>Security update for haserl</summary> <description>This update for haserl fixes the following issues: Update to version 0.9.36: * Fixed: Its possible to issue a PUT request without a CONTENT-TYPE. Assume an octet-stream in that case. This is CVE-2021-29133 and boo#1187671 * Change the Prefix for variables to be the REQUEST_METHOD (PUT/DELETE/GET/POST) THIS IS A BREAKING CHANGE * Mitigations vs running haserl to get access to files not available to the user. </description> </patchinfo>
Locations
Projects
Search
Status Monitor
Help
OpenBuildService.org
Documentation
API Documentation
Code of Conduct
Contact
Support
@OBShq
Terms
openSUSE Build Service is sponsored by
The Open Build Service is an
openSUSE project
.
Sign Up
Log In
Places
Places
All Projects
Status Monitor