Ubuntu
ruby2.5 package

ruby2.5 2.5.5-1ubuntu1.1 source package in Ubuntu

Changelog

ruby2.5 (2.5.5-1ubuntu1.1) disco-security; urgency=medium

  * SECURITY UPDATE: NULL injection vulnerability
    - debian/patches/CVE-2019-15845.patch: ensure that
      pattern does not contain a NULL character in dir.c,
      test/ruby/test_fnmatch.rb.
    - CVE-2019-15845
  * SECURITY UPDATE: Denial of service vulnerability
    - debian/patches/CVE-2019-16201.patch: fix in
      lib/webrick/httpauth/digestauth.rb,
      test/webrick/test_httpauth.rb.
    - CVE-2019-16201.patch
  * SECURITY UPDATE: HTTP response splitting in WEBrick
    - debian/patches/CVE-2019-16254.patch: prevent response
      splitting and header injection in lib/webrick/httpresponse.rb,
      test/webrick/test_httpresponse.rb.
    - CVE-2019-16254
  * SECURITY UPDATE: Code injection
    - debian/patches/CVE-2019-16255.patch: prevent unknown command
      in lib/shell/command-processor.rb, test/shell/test_command_processor.rb.
    - CVE-2019-16255

 -- <email address hidden> (Leonidas S. Barbosa)  Mon, 25 Nov 2019 15:19:36 -0300

Upload details

Uploaded by:
Leonidas S. Barbosa
Uploaded to:
Disco
Original maintainer:
Ubuntu Developers
Architectures:
any all
Section:
ruby
Urgency:
Medium Urgency

See full publishing history Publishing

Series Pocket Published Component Section

Downloads

File Size SHA-256 Checksum
ruby2.5_2.5.5.orig.tar.xz 9.7 MiB a49a222bbeeeb0191ae043a509cd05137869f971a33fef74d3c0aaae95170877
ruby2.5_2.5.5-1ubuntu1.1.debian.tar.xz 118.7 KiB 11fb6582836b985afec1d4d27a8df53c287c70e54667297c0347c558ecc17ac9
ruby2.5_2.5.5-1ubuntu1.1.dsc 2.5 KiB 03997bcbd6f3c2c1af30d3ca32a27225185e61a66447dc66c06ba3ced179432f

View changes file

Binary packages built by this source

libruby2.5: No summary available for libruby2.5 in ubuntu disco.

No description available for libruby2.5 in ubuntu disco.

libruby2.5-dbgsym: No summary available for libruby2.5-dbgsym in ubuntu disco.

No description available for libruby2.5-dbgsym in ubuntu disco.

ruby2.5: No summary available for ruby2.5 in ubuntu disco.

No description available for ruby2.5 in ubuntu disco.

ruby2.5-dbgsym: No summary available for ruby2.5-dbgsym in ubuntu disco.

No description available for ruby2.5-dbgsym in ubuntu disco.

ruby2.5-dev: No summary available for ruby2.5-dev in ubuntu disco.

No description available for ruby2.5-dev in ubuntu disco.

ruby2.5-doc: No summary available for ruby2.5-doc in ubuntu disco.

No description available for ruby2.5-doc in ubuntu disco.