Описание
Security update for rmt-server
This update for rmt-server fixes the following issues:
- Update to version 2.17
- CVE-2024-28103: Fixed Permissions-Policy that was only served on responses with an HTML related Content-Type. (bsc#1225997)
Список пакетов
SUSE Enterprise Storage 7.1
rmt-server-2.17-150300.3.37.1
rmt-server-config-2.17-150300.3.37.1
SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS
rmt-server-2.17-150300.3.37.1
rmt-server-config-2.17-150300.3.37.1
SUSE Linux Enterprise Module for Public Cloud 15 SP3
rmt-server-pubcloud-2.17-150300.3.37.1
SUSE Linux Enterprise Server 15 SP3-LTSS
rmt-server-2.17-150300.3.37.1
rmt-server-config-2.17-150300.3.37.1
SUSE Linux Enterprise Server for SAP Applications 15 SP3
rmt-server-2.17-150300.3.37.1
rmt-server-config-2.17-150300.3.37.1
Ссылки
- Link for SUSE-SU-2024:2140-1
- E-Mail link for SUSE-SU-2024:2140-1
- SUSE Security Ratings
- SUSE Bug 1203171
- SUSE Bug 1225997
- SUSE CVE CVE-2024-28103 page
Описание
Action Pack is a framework for handling and responding to web requests. Since 6.1.0, the application configurable Permissions-Policy is only served on responses with an HTML related Content-Type. This vulnerability is fixed in 6.1.7.8, 7.0.8.2, and 7.1.3.3.
Затронутые продукты
SUSE Enterprise Storage 7.1:rmt-server-2.17-150300.3.37.1
SUSE Enterprise Storage 7.1:rmt-server-config-2.17-150300.3.37.1
SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:rmt-server-2.17-150300.3.37.1
SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:rmt-server-config-2.17-150300.3.37.1
Ссылки
- CVE-2024-28103
- SUSE Bug 1225996