Описание
Security update for rubygem-activerecord-5_1
This update for rubygem-activerecord-5_1 fixes the following issues:
- CVE-2021-22880: Fixed possible DoS vector in PostgreSQL money type (bsc#1182169).
Список пакетов
Image SLES15-SAP-Azure
ruby2.5-rubygem-activerecord-5_1-5.1.4-5.3.3
Image SLES15-SAP-Azure-BYOS
ruby2.5-rubygem-activerecord-5_1-5.1.4-5.3.3
Image SLES15-SAP-Azure-LI-BYOS-Production
ruby2.5-rubygem-activerecord-5_1-5.1.4-5.3.3
Image SLES15-SAP-Azure-VLI-BYOS-Production
ruby2.5-rubygem-activerecord-5_1-5.1.4-5.3.3
Image SLES15-SAP-EC2-HVM
ruby2.5-rubygem-activerecord-5_1-5.1.4-5.3.3
Image SLES15-SAP-EC2-HVM-BYOS
ruby2.5-rubygem-activerecord-5_1-5.1.4-5.3.3
Image SLES15-SAP-GCE
ruby2.5-rubygem-activerecord-5_1-5.1.4-5.3.3
Image SLES15-SAP-GCE-BYOS
ruby2.5-rubygem-activerecord-5_1-5.1.4-5.3.3
Image SLES15-SP1-SAP-Azure
ruby2.5-rubygem-activerecord-5_1-5.1.4-5.3.3
Image SLES15-SP1-SAP-Azure-BYOS
ruby2.5-rubygem-activerecord-5_1-5.1.4-5.3.3
Image SLES15-SP1-SAP-Azure-LI-BYOS-Production
ruby2.5-rubygem-activerecord-5_1-5.1.4-5.3.3
Image SLES15-SP1-SAP-Azure-VLI-BYOS-Production
ruby2.5-rubygem-activerecord-5_1-5.1.4-5.3.3
Image SLES15-SP1-SAP-EC2-HVM
ruby2.5-rubygem-activerecord-5_1-5.1.4-5.3.3
Image SLES15-SP1-SAP-EC2-HVM-BYOS
ruby2.5-rubygem-activerecord-5_1-5.1.4-5.3.3
Image SLES15-SP1-SAP-GCE
ruby2.5-rubygem-activerecord-5_1-5.1.4-5.3.3
Image SLES15-SP1-SAP-GCE-BYOS
ruby2.5-rubygem-activerecord-5_1-5.1.4-5.3.3
Image SLES15-SP2-SAP-Azure
ruby2.5-rubygem-activerecord-5_1-5.1.4-5.3.3
Image SLES15-SP2-SAP-Azure-LI-BYOS-Production
ruby2.5-rubygem-activerecord-5_1-5.1.4-5.3.3
Image SLES15-SP2-SAP-Azure-VLI-BYOS-Production
ruby2.5-rubygem-activerecord-5_1-5.1.4-5.3.3
Image SLES15-SP2-SAP-BYOS-Azure
ruby2.5-rubygem-activerecord-5_1-5.1.4-5.3.3
Image SLES15-SP2-SAP-BYOS-EC2-HVM
ruby2.5-rubygem-activerecord-5_1-5.1.4-5.3.3
Image SLES15-SP2-SAP-BYOS-GCE
ruby2.5-rubygem-activerecord-5_1-5.1.4-5.3.3
Image SLES15-SP2-SAP-EC2-HVM
ruby2.5-rubygem-activerecord-5_1-5.1.4-5.3.3
Image SLES15-SP2-SAP-GCE
ruby2.5-rubygem-activerecord-5_1-5.1.4-5.3.3
Image SLES15-SP3-SAP-Azure-LI-BYOS-Production
ruby2.5-rubygem-activerecord-5_1-5.1.4-5.3.3
Image SLES15-SP3-SAP-Azure-VLI-BYOS-Production
ruby2.5-rubygem-activerecord-5_1-5.1.4-5.3.3
Image SLES15-SP3-SAP-BYOS-Azure
ruby2.5-rubygem-activerecord-5_1-5.1.4-5.3.3
Image SLES15-SP3-SAP-BYOS-EC2-HVM
ruby2.5-rubygem-activerecord-5_1-5.1.4-5.3.3
Image SLES15-SP3-SAP-BYOS-GCE
ruby2.5-rubygem-activerecord-5_1-5.1.4-5.3.3
Image SLES15-SP4-SAP-Azure-LI-BYOS
ruby2.5-rubygem-activerecord-5_1-5.1.4-5.3.3
Image SLES15-SP4-SAP-Azure-LI-BYOS-Production
ruby2.5-rubygem-activerecord-5_1-5.1.4-5.3.3
Image SLES15-SP4-SAP-Azure-VLI-BYOS
ruby2.5-rubygem-activerecord-5_1-5.1.4-5.3.3
Image SLES15-SP4-SAP-Azure-VLI-BYOS-Production
ruby2.5-rubygem-activerecord-5_1-5.1.4-5.3.3
Image SLES15-SP4-SAP-BYOS
ruby2.5-rubygem-activerecord-5_1-5.1.4-5.3.3
Image SLES15-SP4-SAP-BYOS-Azure
ruby2.5-rubygem-activerecord-5_1-5.1.4-5.3.3
Image SLES15-SP4-SAP-BYOS-EC2
ruby2.5-rubygem-activerecord-5_1-5.1.4-5.3.3
Image SLES15-SP4-SAP-BYOS-GCE
ruby2.5-rubygem-activerecord-5_1-5.1.4-5.3.3
Image SLES15-SP4-SAP-Hardened
ruby2.5-rubygem-activerecord-5_1-5.1.4-5.3.3
Image SLES15-SP4-SAP-Hardened-Azure
ruby2.5-rubygem-activerecord-5_1-5.1.4-5.3.3
Image SLES15-SP4-SAP-Hardened-BYOS
ruby2.5-rubygem-activerecord-5_1-5.1.4-5.3.3
Image SLES15-SP4-SAP-Hardened-BYOS-Azure
ruby2.5-rubygem-activerecord-5_1-5.1.4-5.3.3
Image SLES15-SP4-SAP-Hardened-BYOS-EC2
ruby2.5-rubygem-activerecord-5_1-5.1.4-5.3.3
Image SLES15-SP4-SAP-Hardened-BYOS-GCE
ruby2.5-rubygem-activerecord-5_1-5.1.4-5.3.3
Image SLES15-SP4-SAP-Hardened-EC2
ruby2.5-rubygem-activerecord-5_1-5.1.4-5.3.3
Image SLES15-SP4-SAP-Hardened-GCE
ruby2.5-rubygem-activerecord-5_1-5.1.4-5.3.3
Image SLES15-SP5-SAP-Azure-3P
ruby2.5-rubygem-activerecord-5_1-5.1.4-5.3.3
Image SLES15-SP5-SAP-Azure-LI-BYOS
ruby2.5-rubygem-activerecord-5_1-5.1.4-5.3.3
Image SLES15-SP5-SAP-Azure-LI-BYOS-Production
ruby2.5-rubygem-activerecord-5_1-5.1.4-5.3.3
Image SLES15-SP5-SAP-Azure-VLI-BYOS
ruby2.5-rubygem-activerecord-5_1-5.1.4-5.3.3
Image SLES15-SP5-SAP-Azure-VLI-BYOS-Production
ruby2.5-rubygem-activerecord-5_1-5.1.4-5.3.3
Image SLES15-SP5-SAP-BYOS-Azure
ruby2.5-rubygem-activerecord-5_1-5.1.4-5.3.3
Image SLES15-SP5-SAP-BYOS-EC2
ruby2.5-rubygem-activerecord-5_1-5.1.4-5.3.3
Image SLES15-SP5-SAP-BYOS-GCE
ruby2.5-rubygem-activerecord-5_1-5.1.4-5.3.3
Image SLES15-SP5-SAP-Hardened-Azure
ruby2.5-rubygem-activerecord-5_1-5.1.4-5.3.3
Image SLES15-SP5-SAP-Hardened-BYOS-Azure
ruby2.5-rubygem-activerecord-5_1-5.1.4-5.3.3
Image SLES15-SP5-SAP-Hardened-BYOS-EC2
ruby2.5-rubygem-activerecord-5_1-5.1.4-5.3.3
Image SLES15-SP5-SAP-Hardened-BYOS-GCE
ruby2.5-rubygem-activerecord-5_1-5.1.4-5.3.3
Image SLES15-SP5-SAP-Hardened-EC2
ruby2.5-rubygem-activerecord-5_1-5.1.4-5.3.3
Image SLES15-SP5-SAP-Hardened-GCE
ruby2.5-rubygem-activerecord-5_1-5.1.4-5.3.3
Image SLES15-SP6-SAP-Azure-LI-BYOS
ruby2.5-rubygem-activerecord-5_1-5.1.4-5.3.3
Image SLES15-SP6-SAP-Azure-LI-BYOS-Production
ruby2.5-rubygem-activerecord-5_1-5.1.4-5.3.3
Image SLES15-SP6-SAP-Azure-VLI-BYOS
ruby2.5-rubygem-activerecord-5_1-5.1.4-5.3.3
Image SLES15-SP6-SAP-Azure-VLI-BYOS-Production
ruby2.5-rubygem-activerecord-5_1-5.1.4-5.3.3
Image SLES15-SP6-SAP-BYOS
ruby2.5-rubygem-activerecord-5_1-5.1.4-5.3.3
Image SLES15-SP6-SAP-BYOS-Azure
ruby2.5-rubygem-activerecord-5_1-5.1.4-5.3.3
Image SLES15-SP6-SAP-BYOS-EC2
ruby2.5-rubygem-activerecord-5_1-5.1.4-5.3.3
Image SLES15-SP6-SAP-BYOS-GCE
ruby2.5-rubygem-activerecord-5_1-5.1.4-5.3.3
Image SLES15-SP6-SAP-Hardened
ruby2.5-rubygem-activerecord-5_1-5.1.4-5.3.3
Image SLES15-SP6-SAP-Hardened-Azure
ruby2.5-rubygem-activerecord-5_1-5.1.4-5.3.3
Image SLES15-SP6-SAP-Hardened-BYOS
ruby2.5-rubygem-activerecord-5_1-5.1.4-5.3.3
Image SLES15-SP6-SAP-Hardened-BYOS-Azure
ruby2.5-rubygem-activerecord-5_1-5.1.4-5.3.3
Image SLES15-SP6-SAP-Hardened-BYOS-EC2
ruby2.5-rubygem-activerecord-5_1-5.1.4-5.3.3
Image SLES15-SP6-SAP-Hardened-BYOS-GCE
ruby2.5-rubygem-activerecord-5_1-5.1.4-5.3.3
Image SLES15-SP6-SAP-Hardened-EC2
ruby2.5-rubygem-activerecord-5_1-5.1.4-5.3.3
Image SLES15-SP6-SAP-Hardened-GCE
ruby2.5-rubygem-activerecord-5_1-5.1.4-5.3.3
SUSE Linux Enterprise High Availability Extension 15
ruby2.5-rubygem-activerecord-5_1-5.1.4-5.3.3
SUSE Linux Enterprise High Availability Extension 15 SP1
ruby2.5-rubygem-activerecord-5_1-5.1.4-5.3.3
SUSE Linux Enterprise High Availability Extension 15 SP2
ruby2.5-rubygem-activerecord-5_1-5.1.4-5.3.3
SUSE Linux Enterprise High Availability Extension 15 SP3
ruby2.5-rubygem-activerecord-5_1-5.1.4-5.3.3
Ссылки
- Link for SUSE-SU-2021:3634-1
- E-Mail link for SUSE-SU-2021:3634-1
- SUSE Security Ratings
- SUSE Bug 1182169
- SUSE CVE CVE-2021-22880 page
Описание
The PostgreSQL adapter in Active Record before 6.1.2.1, 6.0.3.5, 5.2.4.5 suffers from a regular expression denial of service (REDoS) vulnerability. Carefully crafted input can cause the input validation in the `money` type of the PostgreSQL adapter in Active Record to spend too much time in a regular expression, resulting in the potential for a DoS attack. This only impacts Rails applications that are using PostgreSQL along with money type columns that take user input.
Затронутые продукты
Image SLES15-SAP-Azure-BYOS:ruby2.5-rubygem-activerecord-5_1-5.1.4-5.3.3
Image SLES15-SAP-Azure-LI-BYOS-Production:ruby2.5-rubygem-activerecord-5_1-5.1.4-5.3.3
Image SLES15-SAP-Azure-VLI-BYOS-Production:ruby2.5-rubygem-activerecord-5_1-5.1.4-5.3.3
Image SLES15-SAP-Azure:ruby2.5-rubygem-activerecord-5_1-5.1.4-5.3.3
Ссылки
- CVE-2021-22880
- SUSE Bug 1182169
- SUSE Bug 1188335