openSUSE Security Update: Security update for rubygem-excon
Announcement ID: openSUSE-SU-2020:0036-1
openSUSE Leap 15.1
An update that fixes one vulnerability is now available.
This update for rubygem-excon fixes the following issues:
CVE-2019-16779 (boo#1159342): Fix a race condition around persistent
connections, where a connection, which was interrupted, would leave data
on the socket. Subsequent requests would then read this data, returning
content from the previous response.
To install this openSUSE Security Update use the SUSE recommended installation methods
like YaST online_update or "zypper patch".
Alternatively you can run the command listed for your product:
- openSUSE Leap 15.1:
zypper in -t patch openSUSE-2020-36=1
- openSUSE Leap 15.1 (x86_64):
To unsubscribe, e-mail: opensuse-security-announce+unsubscribe(a)opensuse.org
For additional commands, e-mail: opensuse-security-announce+help(a)opensuse.org