UbuntuUpdates.org

Package "ruby-webrick"

Name: ruby-webrick

Description:

HTTP server toolkit in Ruby

Latest version: 1.8.1-1ubuntu0.1
Release: noble (24.04)
Level: updates
Repository: main
Homepage: https://github.com/ruby/webrick

Links


Download "ruby-webrick"


Other versions of "ruby-webrick" in Noble

Repository Area Version
base main 1.8.1-1
security main 1.8.1-1ubuntu0.1

Changelog

Version: 1.8.1-1ubuntu0.1 2024-10-07 15:06:57 UTC

  ruby-webrick (1.8.1-1ubuntu0.1) noble-security; urgency=medium

  * SECURITY UPDATE: HTTP request smuggling via both a Content-Length
    header and a Transfer-Encoding header
    - debian/patches/CVE-2024-47220.patch: check for both headers in
      lib/webrick/httprequest.rb, test/webrick/test_httprequest.rb.
    - CVE-2024-47220

 -- Marc Deslauriers <email address hidden> Fri, 04 Oct 2024 07:54:03 -0400

CVE-2024-47220 An issue was discovered in the WEBrick toolkit through 1.8.1 for Ruby. It allows HTTP request smuggling by providing both a Content-Length header and



About   -   Send Feedback to @ubuntu_updates