Hello People, We have just released Open Build Service 2.10.22 which fixes security vulnerabilities. You should update your installations as soon as possible. ## Fixed Issues Frontend: * Update rack to version 2.2.8.1 - Fixed ReDoS in Accept header parsing [CVE-2024-26146] - Fixed ReDoS in Content Type header parsing [CVE-2024-25126] - Reject Range headers which are too large [CVE-2024-26141] DoS Vulnerability in Multipart MIME parsing. ## How to Update Package updates are available from the 2.10 repositories https://build.opensuse.org/project/show/OBS:Server:2.10 Fixed appliances can be downloaded from http://openbuildservice.org/download Kind regards, --- Daniel Donisa daniel.donisa@suse.com Build Solutions Team SUSE Software Solutions Germany GmbH