This update for rubygem-rack fixes the following issues:
CVE-2022-30122: Fixed crafted multipart POST request may cause a DoS (bsc#1200748)
CVE-2022-30123: Fixed crafted requests can cause shell escape sequences (bsc#1200750)
Affected Packages
ruby2.5-rubygem-rack
SUSE Linux Enterprise High Availability Extension 15SUSE Linux Enterprise High Availability Extension 15 SP1SUSE Linux Enterprise High Availability Extension 15 SP2SUSE Linux Enterprise High Availability Extension 15 SP3SUSE Linux Enterprise High Availability Extension 15 SP4
Fixed in:
2.0.8-150000.3.6.1
rubygem-rack
SUSE Linux Enterprise High Availability Extension 15SUSE Linux Enterprise High Availability Extension 15 SP1SUSE Linux Enterprise High Availability Extension 15 SP2SUSE Linux Enterprise High Availability Extension 15 SP3SUSE Linux Enterprise High Availability Extension 15 SP4