UbuntuUpdates.org

Package "rake"

Name: rake

Description:

ruby make-like utility

Latest version: 10.5.0-2ubuntu0.1
Release: xenial (16.04)
Level: security
Repository: main
Homepage: https://github.com/jimweirich/rake

Links


Download "rake"


Other versions of "rake" in Xenial

Repository Area Version
base main 10.5.0-2
updates main 10.5.0-2ubuntu0.1

Changelog

Version: 10.5.0-2ubuntu0.1 2020-03-03 18:07:16 UTC

  rake (10.5.0-2ubuntu0.1) xenial-security; urgency=medium

  * SECURITY UPDATE: OS command injection
    - debian/patches/CVE-2020-8130.patch: use File.open explicitly
      lib/rake/file_list.rb.
    - CVE-2020-8130

 -- <email address hidden> (Leonidas S. Barbosa) Tue, 03 Mar 2020 10:44:59 -0300

CVE-2020-8130 There is an OS command injection vulnerability in Ruby Rake < 12.3.3 in Rake::FileList when supplying a filename that begins with the pipe character



About   -   Send Feedback to @ubuntu_updates