Описание
Security update for rmt-server
This update for rmt-server fixes the following issues:
- Update to version 2.17
- CVE-2024-28103: Fixed Permissions-Policy that was only served on responses with an HTML related Content-Type. (bsc#1225997)
Список пакетов
Container suse/rmt-server:latest
rmt-server-2.17-150500.3.16.1
rmt-server-config-2.17-150500.3.16.1
SUSE Linux Enterprise Module for Public Cloud 15 SP5
rmt-server-pubcloud-2.17-150500.3.16.1
SUSE Linux Enterprise Module for Public Cloud 15 SP6
rmt-server-pubcloud-2.17-150500.3.16.1
SUSE Linux Enterprise Module for Server Applications 15 SP5
rmt-server-2.17-150500.3.16.1
rmt-server-config-2.17-150500.3.16.1
SUSE Linux Enterprise Module for Server Applications 15 SP6
rmt-server-2.17-150500.3.16.1
rmt-server-config-2.17-150500.3.16.1
openSUSE Leap 15.5
rmt-server-2.17-150500.3.16.1
rmt-server-config-2.17-150500.3.16.1
rmt-server-pubcloud-2.17-150500.3.16.1
openSUSE Leap 15.6
rmt-server-2.17-150500.3.16.1
rmt-server-config-2.17-150500.3.16.1
rmt-server-pubcloud-2.17-150500.3.16.1
Ссылки
- Link for SUSE-SU-2024:1974-1
- E-Mail link for SUSE-SU-2024:1974-1
- SUSE Security Ratings
- SUSE Bug 1203171
- SUSE Bug 1225997
- SUSE CVE CVE-2024-28103 page
Описание
Action Pack is a framework for handling and responding to web requests. Since 6.1.0, the application configurable Permissions-Policy is only served on responses with an HTML related Content-Type. This vulnerability is fixed in 6.1.7.8, 7.0.8.2, and 7.1.3.3.
Затронутые продукты
Container suse/rmt-server:latest:rmt-server-2.17-150500.3.16.1
Container suse/rmt-server:latest:rmt-server-config-2.17-150500.3.16.1
SUSE Linux Enterprise Module for Public Cloud 15 SP5:rmt-server-pubcloud-2.17-150500.3.16.1
SUSE Linux Enterprise Module for Public Cloud 15 SP6:rmt-server-pubcloud-2.17-150500.3.16.1
Ссылки
- CVE-2024-28103
- SUSE Bug 1225996