SUSE-SU-2026:1964-1

Details

Description of the patch:

This update for rmt-server fixes the following issues

CVE-2026-26961: rack: mismatch in header handling can allow to smuggle multipart content (bsc#1261398).
CVE-2026-26962: rack: improper unfolding of folded multipart headers can lead to header injection or response splitting (bsc#1261471).
CVE-2026-34230: rack: crafted Accept-Encoding header can cause a denial of service (bsc#1261388).
CVE-2026-34763: rack: failing of the prefix stripping can lead to information disclosure (bsc#1261406).
CVE-2026-34785: rack: prefix matching can expose unintended files under the static root (bsc#1261417).
CVE-2026-34786: rack: URL-encoded path mismatch can lead to header_rules bypass (bsc#1261426).
CVE-2026-34826: rack: multipart byte range processing can allow denial of service (bsc#1261436).
CVE-2026-34829: rack: multipart parsing without Content-Length header allows unbounded chunked file uploads (bsc#1261447).
CVE-2026-34830: rack: crafted X-Accel-Mappingheaders can lead to regex injection (bsc#1261458).
CVE-2026-34831: rack: Content-Length mismatch can lead to incorrectly framed error responses (bsc#1261466).

Other fixes:

Update to version 2.27

Affected Packages

rmt-server

SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOSSUSE Linux Enterprise High Performance Computing 15 SP4-LTSSSUSE Linux Enterprise Server 15 SP4-LTSSSUSE Linux Enterprise Server for SAP Applications 15 SP4

Fixed in:

2.27-150400.3.54.1

rmt-server-config

SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOSSUSE Linux Enterprise High Performance Computing 15 SP4-LTSSSUSE Linux Enterprise Server 15 SP4-LTSSSUSE Linux Enterprise Server for SAP Applications 15 SP4

Fixed in:

2.27-150400.3.54.1

rmt-server-pubcloud

SUSE Linux Enterprise Module for Public Cloud 15 SP4

Fixed in:

2.27-150400.3.54.1

References