Security update for rubygem-actionpack-5_1, rubygem-activesupport-5_1
Published Jun 16, 2022
Modified 3 years ago
Fix available
Details
This update for rubygem-actionpack-5_1 and rubygem-activesupport-5_1 fixes the following issues:
CVE-2021-22904: Fixed possible DoS Vulnerability in Action Controller Token Authentication (bsc#1185780)
CVE-2022-23633: Fixed possible exposure of information vulnerability in Action Pack (bsc#1196182)
Affected Packages
ruby2.5-rubygem-actionpack-5_1
SUSE Linux Enterprise High Availability Extension 15SUSE Linux Enterprise High Availability Extension 15 SP1SUSE Linux Enterprise High Availability Extension 15 SP2SUSE Linux Enterprise High Availability Extension 15 SP3SUSE Linux Enterprise High Availability Extension 15 SP4
Fixed in:
5.1.4-150000.3.12.1
ruby2.5-rubygem-activesupport-5_1
SUSE Linux Enterprise High Availability Extension 15SUSE Linux Enterprise High Availability Extension 15 SP1SUSE Linux Enterprise High Availability Extension 15 SP2SUSE Linux Enterprise High Availability Extension 15 SP3SUSE Linux Enterprise High Availability Extension 15 SP4
Fixed in:
5.1.4-150000.3.6.1
rubygem-actionpack-5_1
SUSE Linux Enterprise High Availability Extension 15SUSE Linux Enterprise High Availability Extension 15 SP1SUSE Linux Enterprise High Availability Extension 15 SP2SUSE Linux Enterprise High Availability Extension 15 SP3SUSE Linux Enterprise High Availability Extension 15 SP4
Fixed in:
5.1.4-150000.3.12.1
rubygem-activesupport-5_1
SUSE Linux Enterprise High Availability Extension 15SUSE Linux Enterprise High Availability Extension 15 SP1SUSE Linux Enterprise High Availability Extension 15 SP2SUSE Linux Enterprise High Availability Extension 15 SP3SUSE Linux Enterprise High Availability Extension 15 SP4