openSUSE Security Update : rubygem-sprockets (openSUSE-2018-773)
Medium Nessus Plugin ID 111425
SynopsisThe remote openSUSE host is missing a security update.
DescriptionThis update for rubygem-sprockets fixes the following issues :
The following security vulnerability was addressed :
- CVE-2018-3760: Fixed a path traversal issue in sprockets/server.rb:forbidden_request?(), which allowed remote attackers to read arbitrary files (bsc#1098369)
This update was imported from the SUSE:SLE-15:Update update project.
SolutionUpdate the affected rubygem-sprockets package.