RHEL 8 : Satellite 6.14.2 Async Security Update (Important) (RHSA-2024:0797)

The remote Redhat Enterprise Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2024:0797 advisory. Red Hat Satellite is a system management solution that allows organizations to configure and maintain their systems without the necessity to...

openSUSE: Security Advisory for rubygem (SUSE-SU-2023:3957-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2024 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Important: Red Hat Security Advisory: Satellite 6.14.2 Async Security Update

Updated Satellite 6.14 packages that fixes Important security bugs and several regular bugs are now available for Red Hat Satellite. Red Hat Satellite is a system management solution that allows organizations to configure and maintain their systems without the necessity to provide public Internet...

SUSE SLES15 / openSUSE 15 Security Update : rubygem-puma (SUSE-SU-2023:3957-1)

The remote SUSE Linux SLES15 / openSUSE 15 host has packages installed that are affected by a vulnerability as referenced in the SUSE-SU-2023:3957-1 advisory. - Puma is a Ruby/Rack web server built for parallelism. Prior to versions 6.3.1 and 5.6.7, puma exhibited incorrect behavior when parsing...

SUSE-SU-2023:3957-1 Security update for rubygem-puma

This update for rubygem-puma fixes the following issues: - CVE-2023-40175: Fixed HTTP request smuggling when parsing chunked transfer encoding bodies and zero-length content-length headers bsc1214425...

CVE-2023-40175

An HTTP request smuggling attack vulnerability was found in Rubygem Puma. This flaw allows an attacker to gain unauthorized access to sensitive data due to an inconsistent interpretation of HTTP requests...

SUSE SLES15 Security Update : rubygem-puma (SUSE-SU-2022:3571-1)

The remote SUSE Linux SLES15 / SLESSAP15 host has a package installed that is affected by a vulnerability as referenced in the SUSE-SU-2022:3571-1 advisory. - Puma is a simple, fast, multi-threaded, parallel HTTP 1.1 server for Ruby/Rack applications. When using Puma behind a proxy that does not...

SUSE-SU-2022:3571-1 Security update for rubygem-puma

This update for rubygem-puma fixes the following issues: Updated to version 4.3.12: - CVE-2022-24790: Fixed HTTP request smuggling if proxy is not RFC7230 compliant bsc1197818...

SUSE-SU-2022:3339-1 Security update for ardana-ansible, ardana-cobbler, ardana-tempest, grafana, openstack-heat-templates, openstack-horizon-plugin-gbp-ui, openstack-neutron-gbp, openstack-nova, python-Django1, rabbitmq-server, rubygem-puma

This update for ardana-ansible, ardana-cobbler, ardana-tempest, grafana, openstack-heat-templates, openstack-horizon-plugin-gbp-ui, openstack-neutron-gbp, openstack-nova, python-Django1, rabbitmq-server, rubygem-puma fixes the following issues: Security fixes included in this update:...

SUSE-SU-2022:3338-1 Security update for ardana-ansible, ardana-cobbler, grafana, openstack-heat-templates, openstack-murano, python-Django, rabbitmq-server, rubygem-puma

This update for ardana-ansible, ardana-cobbler, grafana, openstack-heat-templates, openstack-murano, python-Django, rabbitmq-server, rubygem-puma fixes the following issues: Security updates included on this update: ardana-ansible, ardana-cobbler, grafana, openstack-heat-templates,...

Fedora: Security Advisory for rubygem-puma (FEDORA-2022-7c8b29195f)

The remote host is missing an update for the Copyright C 2022 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software; you can...

Fedora: Security Advisory for rubygem-puma (FEDORA-2022-de968d1b6c)

The remote host is missing an update for the Copyright C 2022 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software; you can...

openSUSE: Security Advisory for rubygem-puma (SUSE-SU-2022:1515-1)

The remote host is missing an update for the Copyright C 2022 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software; you can...

SUSE SLES15 Security Update : rubygem-puma (SUSE-SU-2022:1515-1)

The remote SUSE Linux SLES15 / SLESSAP15 host has a package installed that is affected by multiple vulnerabilities as referenced in the SUSE-SU-2022:1515-1 advisory. - Puma is a concurrent HTTP 1.1 server for Ruby/Rack applications. The fix for CVE-2019-16770 was incomplete. The original fix only...

SUSE-SU-2022:1515-1 Security update for rubygem-puma

This update for rubygem-puma fixes the following issues: rubygem-puma was updated to version 4.3.11: CVE-2021-29509: Adjusted an incomplete fix for allows Denial of Service DoS bsc1188527 CVE-2021-41136: Fixed request smuggling if HTTP header value contains the LF character bsc1191681...

SUSE-SU-2021:3728-1 Security update for ardana-ansible, ardana-monasca, documentation-suse-openstack-cloud, openstack-ec2-api, openstack-heat-templates, python-Django, python-monasca-common, rubygem-redcarpet, rubygem-puma

This update for ardana-ansible, ardana-monasca, documentation-suse-openstack-cloud, openstack-ec2-api, openstack-heat-templates, python-Django, python-monasca-common, rubygem-redcarpet, rubygem-puma contains the following fixes: Security fixes included in this update: rubygem-redcarpet:...

SUSE-SU-2021:2914-1 Security update for rubygem-puma

This update for rubygem-puma fixes the following issues: - CVE-2021-29509: Incomplete fix for CVE-2019-16770 allows Denial of Service bsc1188527...

SUSE-SU-2021:2761-1 Security update for rubygem-puma

This update for rubygem-puma fixes the following issues: - CVE-2021-29509: Incomplete fix for CVE-2019-16770 allows Denial of Service bsc1188527...

CVE-2021-29509

A flaw was found in rubygem-puma. The fix for CVE-2019-16770 was incomplete. The original fix only protected existing connections that had already been accepted from having their requests starved by greedy persistent-connections saturating all threads in the same process. However, new connections...

Fedora: Security Advisory for rubygem-puma (FEDORA-2020-fe354f24e8)

The remote host is missing an update for the Copyright C 2020 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software; you can...