Hello community, here is the log from the commit of package patchinfo.14164 for openSUSE:Leap:15.2:Update checked in at 2020-09-26 06:20:40 ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ Comparing /work/SRC/openSUSE:Leap:15.2:Update/patchinfo.14164 (Old) and /work/SRC/openSUSE:Leap:15.2:Update/.patchinfo.14164.new.4249 (New) ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
Package is "patchinfo.14164" Sat Sep 26 06:20:40 2020 rev:1 rq:836178 version:unknown Changes: -------- New Changes file: NO CHANGES FILE!!! New: ---- _patchinfo ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ Other differences: ------------------ ++++++ _patchinfo ++++++ <patchinfo incident="14164"> <issue tracker="cve" id="2020-8164"/> <issue tracker="bnc" id="1172177">VUL-0: CVE-2020-8164: rubygem-actionpack-2,rubygem-actionpack-5_1,rubygem-actionpack-5.2: Possible Strong Parameters Bypass leading to untrusted user input</issue> <packager>mschnitzer</packager> <rating>important</rating> <category>security</category> <summary>Security update for rubygem-actionpack-5_1</summary> <description>This update for rubygem-actionpack-5_1 fixes the following issues: - CVE-2020-8164: Possible Strong Parameters Bypass in ActionPack. There is a strong parameters bypass vector in ActionPack. (bsc#1172177) This update was imported from the SUSE:SLE-15:Update update project.</description> </patchinfo>