Upstream information
Description
multipart/parser.rb in Rack 1.3.x before 1.3.8 and 1.4.x before 1.4.3 allows remote attackers to cause a denial of service (memory consumption and out-of-memory error) via a long string in a Multipart HTTP packet.NVD CVSS v2 Base Score: 5.0 (AV:N/AC:L/Au:N/C:N/I:N/A:P)
Novell/SUSE information
Novell Bugzilla entry: 798452 SUSE Security Advisories:- SUSE-SU-2013:0508-1, published Wed, 20 Mar 2013 17:04:42 +0100 (CET)
- openSUSE-SU-2013:0338-1, published Mon, 25 Feb 2013 11:06:04 +0100 (CET)
- openSUSE-SU-2013:0462-1, published Thu, 14 Mar 2013 20:04:25 +0100 (CET)
List of released packages
| Product(s) | Fixed package version(s) | References |
|---|---|---|
| SUSE Studio Extension for System z 1.2 SUSE Studio Onsite 1.2 [Appliance - Studio] SUSE Studio Standard Edition 1.2 WebYaST 1.2 |
| Builds SAT Patch Nr: 7389 |
| SUSE Cloud 1.0 SUSE Linux Enterprise Software Development Kit 11 SP2 |
| Builds SAT Patch Nr: 7388 |
| SUSE Linux Enterprise Software Development Kit 11 SP2 |
| Builds SAT Patch Nr: 7387 |
| BDK 11 SP2 |
| Builds SAT Patch Nr: 7617 |
| SUSE Linux Enterprise Software Development Kit 11 SP2 |
| Builds SAT Patch Nr: 7617 |
| SUSE Lifecycle Management Server 1.3 SUSE Studio Onsite 1.3 WebYaST 1.3 |
| Builds SAT Patch Nr: 7617 |
| SUSE Cloud 1.0 |
| Builds SAT Patch Nr: 7405 |