Site icon API Security Blog

ruby:2.7 security update

ruby
[2.7.4-137]
– Upgrade to Ruby 2.7.4.
– Fix command injection vulnerability in RDoc.
Resolves: rhbz#1986768
– Fix FTP PASV command response can cause Net::FTP to connect to arbitrary host.
Resolves: rhbz#1986812
– Fix StartTLS stripping vulnerability in Net::IMAP.
Resolves: rhbz#1986813
– Upgrade to Bundler 2.2.24.
Resolves: CVE-2020-36327Read More

Exit mobile version