SUSE-CU-2025:2580-1: Security update of suse/rmt-server

[sle-container-updates at lists.suse.com]

SUSE Container Update Advisory: suse/rmt-server
-----------------------------------------------------------------
Container Advisory ID : SUSE-CU-2025:2580-1
Container Tags        : suse/rmt-server:2 , suse/rmt-server:2.21 , suse/rmt-server:2.21-61.3 , suse/rmt-server:latest
Container Release     : 61.3
Severity              : important
Type                  : security
References            : 1185842 CVE-2020-36327 
-----------------------------------------------------------------

The container suse/rmt-server was updated. The following patches have been included in this update:

-----------------------------------------------------------------
Advisory ID: SUSE-SU-2025:1294-1
Released:    Wed Apr 16 09:52:35 2025
Summary:     Security update for rubygem-bundler
Type:        security
Severity:    important
References:  1185842,CVE-2020-36327
This update for rubygem-bundler fixes the following issues:

- CVE-2020-36327: Fixed bundler choosing a dependency source based
  on the highest gem version number, which means that a rogue gem
  found at a public source may be chosen (bsc#1185842)

Other fixes:    
- Updated to version 2.2.34


The following package changes have been done:

- ruby2.5-rubygem-bundler-2.2.34-150000.3.11.1 updated