Ubuntu
ruby2.5 package

ruby2.5 2.5.5-4ubuntu2.1 source package in Ubuntu

Changelog

ruby2.5 (2.5.5-4ubuntu2.1) eoan-security; urgency=medium

  * SECURITY UPDATE: NULL injection vulnerability
    - debian/patches/CVE-2019-15845.patch: ensure that
      pattern does not contain a NULL character in dir.c,
      test/ruby/test_fnmatch.rb.
    - CVE-2019-15845
  * SECURITY UPDATE: Denial of service vulnerability
    - debian/patches/CVE-2019-16201.patch: fix in
      lib/webrick/httpauth/digestauth.rb,
      test/webrick/test_httpauth.rb.
    - CVE-2019-16201.patch
  * SECURITY UPDATE: HTTP response splitting in WEBrick
    - debian/patches/CVE-2019-16254.patch: prevent response
      splitting and header injection in lib/webrick/httpresponse.rb,
      test/webrick/test_httpresponse.rb.
    - CVE-2019-16254
  * SECURITY UPDATE: Code injection
    - debian/patches/CVE-2019-16255.patch: prevent unknown command
      in lib/shell/command-processor.rb, test/shell/test_command_processor.rb.
    - CVE-2019-16255

 -- <email address hidden> (Leonidas S. Barbosa)  Mon, 25 Nov 2019 15:00:47 -0300

Upload details

Uploaded by:
Leonidas S. Barbosa
Uploaded to:
Eoan
Original maintainer:
Ubuntu Developers
Architectures:
any all
Section:
ruby
Urgency:
Medium Urgency

See full publishing history Publishing

Series Pocket Published Component Section

Downloads

File Size SHA-256 Checksum
ruby2.5_2.5.5.orig.tar.xz 9.7 MiB a49a222bbeeeb0191ae043a509cd05137869f971a33fef74d3c0aaae95170877
ruby2.5_2.5.5-4ubuntu2.1.debian.tar.xz 119.2 KiB 0c90cb88d492ca2cbbfddb6db3604709b3f33bc39235d99b281131fc290353db
ruby2.5_2.5.5-4ubuntu2.1.dsc 2.5 KiB 2f7640d0c76faa29635d4537e7b87983023b4e139180eb386b6a0405708af3e9

View changes file

Binary packages built by this source

libruby2.5: No summary available for libruby2.5 in ubuntu eoan.

No description available for libruby2.5 in ubuntu eoan.

libruby2.5-dbgsym: No summary available for libruby2.5-dbgsym in ubuntu eoan.

No description available for libruby2.5-dbgsym in ubuntu eoan.

ruby2.5: No summary available for ruby2.5 in ubuntu eoan.

No description available for ruby2.5 in ubuntu eoan.

ruby2.5-dbgsym: No summary available for ruby2.5-dbgsym in ubuntu eoan.

No description available for ruby2.5-dbgsym in ubuntu eoan.

ruby2.5-dev: No summary available for ruby2.5-dev in ubuntu eoan.

No description available for ruby2.5-dev in ubuntu eoan.

ruby2.5-doc: No summary available for ruby2.5-doc in ubuntu eoan.

No description available for ruby2.5-doc in ubuntu eoan.