openSUSE 16 Security Update : hawk2 (openSUSE-SU-2026:20025-1)

The remote openSUSE 16 host has a package installed that is affected by multiple vulnerabilities as referenced in the openSUSE-SU-2026:20025-1 advisory. - Bump ruby gem rack to 3.1.18 bsc1251939. - Bump ruby gem uri to 1.0.4. - Fix the mtime in manifest.json bsc1230275. - Make builds determinitst...

OPENSUSE-SU-2026:20025-1 Security update for hawk2

This update for hawk2 fixes the following issues: - Bump ruby gem rack to 3.1.18 bsc1251939. - Bump ruby gem uri to 1.0.4. - Fix the mtime in manifest.json bsc1230275. - Make builds determinitstic bsc1230275. - Bump rails version from 8.0.2 to 8.0.2.1 bsc1248100. - Require openssl explicitly...

GHSA-R4MG-4433-C7G3 Active Storage allowed transformation methods that were potentially unsafe

Active Storage attempts to prevent the use of potentially unsafe image transformation methods and parameters by default. The default allowed list contains three methods allowing for the circumvention of the safe defaults which enables potential command injection vulnerabilities in cases where...

PT-2025-33099

Name of the Vulnerable Software and Affected Versions: Active Record versions prior to 7.1.5.2 Active Record versions prior to 7.2.2.2 Active Record versions prior to 8.0.2.1 Description: Active Record connects classes to relational database tables. The ID passed to find or similar methods may be...