ruby:2.5 security update - API Security Blog

Main / ruby:2.5 security update

ruby:2.5 security update

Discription

ruby
[2.5.9-109.0.1]
– Rebuild with a dependency containing fix for Orabug: 33921593
[2.5.9-109]
– Properly fix command injection vulnerability in Rdoc.
Related: CVE-2021-31799
[2.5.9-108]
– Fix command injection vulnerability in RDoc.
Resolves: CVE-2021-31799
– Fix StartTLS stripping vulnerability in Net::IMAP
Resolves: CVE-2021-32066
– Fix FTP PASV command response can cause Net::FTP to connect to arbitrary host.
Resolves: CVE-2021-31810Read More

References

Back to Main

Subscribe for the latest news: