UbuntuUpdates.org

Package "yard-doc"

Name: yard-doc

Description:

Ruby documentation tool - documentation

Latest version: 0.9.26-1ubuntu0.1
Release: jammy (22.04)
Level: security
Repository: universe
Head package: yard
Homepage: https://yardoc.org

Links


Download "yard-doc"


Other versions of "yard-doc" in Jammy

Repository Area Version
base universe 0.9.26-1
updates universe 0.9.26-1ubuntu0.1

Changelog

Version: 0.9.26-1ubuntu0.1 2024-04-15 09:06:56 UTC

  yard (0.9.26-1ubuntu0.1) jammy-security; urgency=medium

  * SECURITY UPDATE: Cross-Site Scripting
    - d/p/0010-Disable-failing-test-searching-for-.gem-files.patch:
      Disable failing test searching for .gem files
    - debian/patches/CVE-2024-27285-1.patch: Update frames.erb
    - debian/patches/CVE-2024-27285-2.patch: Update frames.erb
    - debian/patches/CVE-2024-27285-3.patch: assign url_for_main to a
      variable
    - debian/patches/CVE-2024-27285-4.patch: Fix semicolon
    - CVE-2024-27285

 -- Giampaolo Fresi Roglia <email address hidden> Sun, 14 Apr 2024 20:31:12 +0200

CVE-2024-27285 YARD is a Ruby Documentation tool. The "frames.html" file within the Yard Doc's generated documentation is vulnerable to Cross-Site Scripting (XSS) a



About   -   Send Feedback to @ubuntu_updates