UbuntuUpdates.org

Bugs fixes in "ruby2.5"

Origin Bug number Title Date fixed
Launchpad 2018547 puppet can no longer find puppet:// resources after ruby2.7 CVE Update 2023-05-05
Launchpad 2018547 puppet can no longer find puppet:// resources after ruby2.7 CVE Update 2023-05-05
CVE CVE-2023-28756 A ReDoS issue was discovered in the Time component through 0.2.1 in Ruby through 3.2.1. The Time parser mishandles invalid URLs that have specific ch 2023-05-04
CVE CVE-2023-28755 A ReDoS issue was discovered in the URI component through 0.12.0 in Ruby through 3.2.1. The URI parser mishandles invalid URLs that have specific cha 2023-05-04
CVE CVE-2023-28756 A ReDoS issue was discovered in the Time component through 0.2.1 in Ruby through 3.2.1. The Time parser mishandles invalid URLs that have specific ch 2023-05-04
CVE CVE-2023-28755 A ReDoS issue was discovered in the URI component through 0.12.0 in Ruby through 3.2.1. The URI parser mishandles invalid URLs that have specific cha 2023-05-04
CVE CVE-2021-33621 The cgi gem before 0.1.0.2, 0.2.x before 0.2.2, and 0.3.x before 0.3.5 for Ruby allows HTTP response splitting. This is relevant to applications that 2023-01-23
CVE CVE-2021-33621 The cgi gem before 0.1.0.2, 0.2.x before 0.2.2, and 0.3.x before 0.3.5 for Ruby allows HTTP response splitting. This is relevant to applications that 2023-01-23
CVE CVE-2022-28739 RESERVED 2022-06-06
CVE CVE-2022-28739 RESERVED 2022-06-06
CVE CVE-2021-41819 RESERVED 2022-01-18
CVE CVE-2021-41817 RESERVED 2022-01-18
CVE CVE-2021-41819 RESERVED 2022-01-18
CVE CVE-2021-41817 RESERVED 2022-01-18
CVE CVE-2021-32066 A StartTLS stripping vulnerability in Net::IMAP 2021-07-21
CVE CVE-2021-31810 An issue was discovered in Ruby through 2.6.7, 2.7.x through 2.7.3, and 3.x through 3.0.1. A malicious FTP server can use the PASV response to trick 2021-07-21
CVE CVE-2021-31799 A command injection vulnerability in RDoc 2021-07-21
CVE CVE-2021-32066 A StartTLS stripping vulnerability in Net::IMAP 2021-07-21
CVE CVE-2021-31810 An issue was discovered in Ruby through 2.6.7, 2.7.x through 2.7.3, and 3.x through 3.0.1. A malicious FTP server can use the PASV response to trick 2021-07-21
CVE CVE-2021-31799 A command injection vulnerability in RDoc 2021-07-21



About   -   Send Feedback to @ubuntu_updates