ruby2.7-rubygem-passenger-6.0.8-3.2 on GA media SUSE Patch security@suse.de SUSE Security Team openSUSE-SU-2024:11341-1 Final 1 1 2024-06-15T00:00:00Z current 2024-06-15T00:00:00Z 2024-06-15T00:00:00Z cve-database/bin/generate-cvrf.pl 2017-02-24T01:00:00Z ruby2.7-rubygem-passenger-6.0.8-3.2 on GA media These are all security issues fixed in the ruby2.7-rubygem-passenger-6.0.8-3.2 package on the GA media of openSUSE Tumbleweed. The CVRF data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0). openSUSE-Tumbleweed-2024-11341 Copyright SUSE LLC under the Creative Commons License 4.0 with Attribution (CC-BY-4.0) https://www.suse.com/support/security/rating/ SUSE Security Ratings https://www.suse.com/security/cve/CVE-2013-2119/ SUSE CVE CVE-2013-2119 page https://www.suse.com/security/cve/CVE-2013-4547/ SUSE CVE CVE-2013-4547 page https://www.suse.com/security/cve/CVE-2014-1831/ SUSE CVE CVE-2014-1831 page https://www.suse.com/security/cve/CVE-2014-1832/ SUSE CVE CVE-2014-1832 page https://www.suse.com/security/cve/CVE-2015-7519/ SUSE CVE CVE-2015-7519 page https://www.suse.com/security/cve/CVE-2016-1247/ SUSE CVE CVE-2016-1247 page https://www.suse.com/security/cve/CVE-2017-7529/ SUSE CVE CVE-2017-7529 page https://www.suse.com/security/cve/CVE-2018-12026/ SUSE CVE CVE-2018-12026 page https://www.suse.com/security/cve/CVE-2018-12029/ SUSE CVE CVE-2018-12029 page openSUSE Tumbleweed ruby2.7-rubygem-passenger-6.0.8-3.2 ruby3.0-rubygem-passenger-6.0.8-3.2 rubygem-passenger-6.0.8-3.2 rubygem-passenger-apache2-6.0.8-3.2 rubygem-passenger-nginx-6.0.8-3.2 ruby2.7-rubygem-passenger-6.0.8-3.2 as a component of openSUSE Tumbleweed ruby3.0-rubygem-passenger-6.0.8-3.2 as a component of openSUSE Tumbleweed rubygem-passenger-6.0.8-3.2 as a component of openSUSE Tumbleweed rubygem-passenger-apache2-6.0.8-3.2 as a component of openSUSE Tumbleweed rubygem-passenger-nginx-6.0.8-3.2 as a component of openSUSE Tumbleweed Phusion Passenger gem before 3.0.21 and 4.0.x before 4.0.5 for Ruby allows local users to cause a denial of service (prevent application start) or gain privileges by pre-creating a temporary "config" file in a directory with a predictable name in /tmp/ before it is used by the gem. CVE-2013-2119 openSUSE Tumbleweed:ruby2.7-rubygem-passenger-6.0.8-3.2 openSUSE Tumbleweed:ruby3.0-rubygem-passenger-6.0.8-3.2 openSUSE Tumbleweed:rubygem-passenger-6.0.8-3.2 openSUSE Tumbleweed:rubygem-passenger-apache2-6.0.8-3.2 openSUSE Tumbleweed:rubygem-passenger-nginx-6.0.8-3.2 moderate 4.6 AV:L/AC:L/Au:N/C:P/I:P/A:P To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2013-2119.html CVE-2013-2119 https://bugzilla.suse.com/828005 SUSE Bug 828005 https://bugzilla.suse.com/919726 SUSE Bug 919726 nginx 0.8.41 through 1.4.3 and 1.5.x before 1.5.7 allows remote attackers to bypass intended restrictions via an unescaped space character in a URI. CVE-2013-4547 openSUSE Tumbleweed:ruby2.7-rubygem-passenger-6.0.8-3.2 openSUSE Tumbleweed:ruby3.0-rubygem-passenger-6.0.8-3.2 openSUSE Tumbleweed:rubygem-passenger-6.0.8-3.2 openSUSE Tumbleweed:rubygem-passenger-apache2-6.0.8-3.2 openSUSE Tumbleweed:rubygem-passenger-nginx-6.0.8-3.2 important 7.5 AV:N/AC:L/Au:N/C:P/I:P/A:P To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2013-4547.html CVE-2013-4547 https://bugzilla.suse.com/851295 SUSE Bug 851295 Phusion Passenger before 4.0.37 allows local users to write to certain files and directories via a symlink attack on (1) control_process.pid or a (2) generation-* file. CVE-2014-1831 openSUSE Tumbleweed:ruby2.7-rubygem-passenger-6.0.8-3.2 openSUSE Tumbleweed:ruby3.0-rubygem-passenger-6.0.8-3.2 openSUSE Tumbleweed:rubygem-passenger-6.0.8-3.2 openSUSE Tumbleweed:rubygem-passenger-apache2-6.0.8-3.2 openSUSE Tumbleweed:rubygem-passenger-nginx-6.0.8-3.2 moderate 2.1 AV:L/AC:L/Au:N/C:N/I:P/A:N To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2014-1831.html CVE-2014-1831 https://bugzilla.suse.com/860994 SUSE Bug 860994 https://bugzilla.suse.com/864352 SUSE Bug 864352 Phusion Passenger 4.0.37 allows local users to write to certain files and directories via a symlink attack on (1) control_process.pid or a (2) generation-* file. NOTE: this vulnerability exists because of an incomplete fix for CVE-2014-1831. CVE-2014-1832 openSUSE Tumbleweed:ruby2.7-rubygem-passenger-6.0.8-3.2 openSUSE Tumbleweed:ruby3.0-rubygem-passenger-6.0.8-3.2 openSUSE Tumbleweed:rubygem-passenger-6.0.8-3.2 openSUSE Tumbleweed:rubygem-passenger-apache2-6.0.8-3.2 openSUSE Tumbleweed:rubygem-passenger-nginx-6.0.8-3.2 moderate 2.1 AV:L/AC:L/Au:N/C:N/I:P/A:N To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2014-1832.html CVE-2014-1832 https://bugzilla.suse.com/860994 SUSE Bug 860994 https://bugzilla.suse.com/864352 SUSE Bug 864352 agent/Core/Controller/SendRequest.cpp in Phusion Passenger before 4.0.60 and 5.0.x before 5.0.22, when used in Apache integration mode or in standalone mode without a filtering proxy, allows remote attackers to spoof headers passed to applications by using an _ (underscore) character instead of a - (dash) character in an HTTP header, as demonstrated by an X_User header. CVE-2015-7519 openSUSE Tumbleweed:ruby2.7-rubygem-passenger-6.0.8-3.2 openSUSE Tumbleweed:ruby3.0-rubygem-passenger-6.0.8-3.2 openSUSE Tumbleweed:rubygem-passenger-6.0.8-3.2 openSUSE Tumbleweed:rubygem-passenger-apache2-6.0.8-3.2 openSUSE Tumbleweed:rubygem-passenger-nginx-6.0.8-3.2 moderate 4.9 AV:N/AC:M/Au:S/C:P/I:P/A:N 4.3 AV:N/AC:M/Au:N/C:N/I:P/A:N To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2015-7519.html CVE-2015-7519 https://bugzilla.suse.com/956281 SUSE Bug 956281 The nginx package before 1.6.2-5+deb8u3 on Debian jessie, the nginx packages before 1.4.6-1ubuntu3.6 on Ubuntu 14.04 LTS, before 1.10.0-0ubuntu0.16.04.3 on Ubuntu 16.04 LTS, and before 1.10.1-0ubuntu1.1 on Ubuntu 16.10, and the nginx ebuild before 1.10.2-r3 on Gentoo allow local users with access to the web server user account to gain root privileges via a symlink attack on the error log. CVE-2016-1247 openSUSE Tumbleweed:ruby2.7-rubygem-passenger-6.0.8-3.2 openSUSE Tumbleweed:ruby3.0-rubygem-passenger-6.0.8-3.2 openSUSE Tumbleweed:rubygem-passenger-6.0.8-3.2 openSUSE Tumbleweed:rubygem-passenger-apache2-6.0.8-3.2 openSUSE Tumbleweed:rubygem-passenger-nginx-6.0.8-3.2 moderate 5.5 AV:L/AC:M/Au:S/C:C/I:P/A:P 7.2 AV:L/AC:L/Au:N/C:C/I:C/A:C To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2016-1247.html CVE-2016-1247 https://bugzilla.suse.com/1007000 SUSE Bug 1007000 Nginx versions since 0.5.6 up to and including 1.13.2 are vulnerable to integer overflow vulnerability in nginx range filter module resulting into leak of potentially sensitive information triggered by specially crafted request. CVE-2017-7529 openSUSE Tumbleweed:ruby2.7-rubygem-passenger-6.0.8-3.2 openSUSE Tumbleweed:ruby3.0-rubygem-passenger-6.0.8-3.2 openSUSE Tumbleweed:rubygem-passenger-6.0.8-3.2 openSUSE Tumbleweed:rubygem-passenger-apache2-6.0.8-3.2 openSUSE Tumbleweed:rubygem-passenger-nginx-6.0.8-3.2 important 5 AV:N/AC:L/Au:N/C:P/I:N/A:N To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2017-7529.html CVE-2017-7529 https://bugzilla.suse.com/1048265 SUSE Bug 1048265 During the spawning of a malicious Passenger-managed application, SpawningKit in Phusion Passenger 5.3.x before 5.3.2 allows such applications to replace key files or directories in the spawning communication directory with symlinks. This then could result in arbitrary reads and writes, which in turn can result in information disclosure and privilege escalation. CVE-2018-12026 openSUSE Tumbleweed:ruby2.7-rubygem-passenger-6.0.8-3.2 openSUSE Tumbleweed:ruby3.0-rubygem-passenger-6.0.8-3.2 openSUSE Tumbleweed:rubygem-passenger-6.0.8-3.2 openSUSE Tumbleweed:rubygem-passenger-apache2-6.0.8-3.2 openSUSE Tumbleweed:rubygem-passenger-nginx-6.0.8-3.2 moderate 7.5 AV:N/AC:L/Au:N/C:P/I:P/A:P To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2018-12026.html CVE-2018-12026 https://bugzilla.suse.com/1097655 SUSE Bug 1097655 https://bugzilla.suse.com/1097663 SUSE Bug 1097663 https://bugzilla.suse.com/1097664 SUSE Bug 1097664 A race condition in the nginx module in Phusion Passenger 3.x through 5.x before 5.3.2 allows local escalation of privileges when a non-standard passenger_instance_registry_dir with insufficiently strict permissions is configured. Replacing a file with a symlink after the file was created, but before it was chowned, leads to the target of the link being chowned via the path. Targeting sensitive files such as root's crontab file allows privilege escalation. CVE-2018-12029 openSUSE Tumbleweed:ruby2.7-rubygem-passenger-6.0.8-3.2 openSUSE Tumbleweed:ruby3.0-rubygem-passenger-6.0.8-3.2 openSUSE Tumbleweed:rubygem-passenger-6.0.8-3.2 openSUSE Tumbleweed:rubygem-passenger-apache2-6.0.8-3.2 openSUSE Tumbleweed:rubygem-passenger-nginx-6.0.8-3.2 moderate 4.4 AV:L/AC:M/Au:N/C:P/I:P/A:P To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2018-12029.html CVE-2018-12029 https://bugzilla.suse.com/1097655 SUSE Bug 1097655 https://bugzilla.suse.com/1097663 SUSE Bug 1097663 https://bugzilla.suse.com/1097664 SUSE Bug 1097664