Publishing details

• Removed from disk on 2022-06-08.
• Removal requested on 2022-06-07.
• Superseded on 2022-06-06 by ruby2.7 - 2.7.0-5ubuntu1.7
• Published on 2022-01-18
• Copied from ubuntu focal in PPA for Ubuntu Security Proposed by Leonidas S. Barbosa

Changelog

ruby2.7 (2.7.0-5ubuntu1.6) focal-security; urgency=medium

  * SECURITY UPDATE: Buffer overrun
    - debian/patches/CVE-2021-41816.patch: fix integer overflow making
      sure use of the check in rb_alloc_tmp_buffer2 in
      ext/cgi/escape/escape.c.
    - CVE-2021-41816
  * SECURITY UPDATE: ReDoS vulnerability
    - debian/patches/CVE-2021-41817-*.patch: add length limit option
      for methods that parses date strings and mimic prev behaviour
      in  ext/date/date_core.c, test/date/test_date_parse.rb.
    - CVE-2021-41817
  * SECURITY UPDATE: Mishandles sec prefixes in cookie names
    - debian/patches/CVE-2021-41819.patch: when parsing cookies, only
      decode the values in lib/cgi/cookie.rb, test/cgi/test_cgi_cookie.rb.
    - CVE-2021-41819

 -- Leonidas Da Silva Barbosa <email address hidden>  Thu, 06 Jan 2022 09:34:12 -0300

Builds

• amd64
• arm64
• armhf
• i386
• ppc64el
• riscv64
• s390x

Package files

• libruby2.7-dbgsym_2.7.0-5ubuntu1.6_amd64.ddeb (6.3 MiB)
• libruby2.7-dbgsym_2.7.0-5ubuntu1.6_arm64.ddeb (6.1 MiB)
• libruby2.7-dbgsym_2.7.0-5ubuntu1.6_armhf.ddeb (5.9 MiB)
• libruby2.7-dbgsym_2.7.0-5ubuntu1.6_i386.ddeb (5.6 MiB)
• libruby2.7-dbgsym_2.7.0-5ubuntu1.6_ppc64el.ddeb (7.5 MiB)
• libruby2.7-dbgsym_2.7.0-5ubuntu1.6_riscv64.ddeb (5.8 MiB)
• libruby2.7-dbgsym_2.7.0-5ubuntu1.6_s390x.ddeb (6.4 MiB)
• libruby2.7_2.7.0-5ubuntu1.6_amd64.deb (3.4 MiB)
• libruby2.7_2.7.0-5ubuntu1.6_arm64.deb (3.2 MiB)
• libruby2.7_2.7.0-5ubuntu1.6_armhf.deb (3.1 MiB)
• libruby2.7_2.7.0-5ubuntu1.6_i386.deb (3.5 MiB)
• libruby2.7_2.7.0-5ubuntu1.6_ppc64el.deb (3.6 MiB)
• libruby2.7_2.7.0-5ubuntu1.6_riscv64.deb (3.2 MiB)
• libruby2.7_2.7.0-5ubuntu1.6_s390x.deb (3.2 MiB)
• ruby2.7-dbgsym_2.7.0-5ubuntu1.6_amd64.ddeb (5.2 KiB)
• ruby2.7-dbgsym_2.7.0-5ubuntu1.6_arm64.ddeb (5.3 KiB)
• ruby2.7-dbgsym_2.7.0-5ubuntu1.6_armhf.ddeb (5.4 KiB)
• ruby2.7-dbgsym_2.7.0-5ubuntu1.6_i386.ddeb (5.2 KiB)
• ruby2.7-dbgsym_2.7.0-5ubuntu1.6_ppc64el.ddeb (5.2 KiB)
• ruby2.7-dbgsym_2.7.0-5ubuntu1.6_riscv64.ddeb (5.3 KiB)
• ruby2.7-dbgsym_2.7.0-5ubuntu1.6_s390x.ddeb (5.1 KiB)
• ruby2.7-dev_2.7.0-5ubuntu1.6_amd64.deb (177.8 KiB)
• ruby2.7-dev_2.7.0-5ubuntu1.6_arm64.deb (180.9 KiB)
• ruby2.7-dev_2.7.0-5ubuntu1.6_armhf.deb (178.1 KiB)
• ruby2.7-dev_2.7.0-5ubuntu1.6_i386.deb (177.9 KiB)
• ruby2.7-dev_2.7.0-5ubuntu1.6_ppc64el.deb (180.0 KiB)
• ruby2.7-dev_2.7.0-5ubuntu1.6_riscv64.deb (177.7 KiB)
• ruby2.7-dev_2.7.0-5ubuntu1.6_s390x.deb (179.3 KiB)
• ruby2.7-doc_2.7.0-5ubuntu1.6_all.deb (2.1 MiB)
• ruby2.7_2.7.0-5ubuntu1.6.debian.tar.xz (124.6 KiB)
• ruby2.7_2.7.0-5ubuntu1.6.dsc (2.5 KiB)
• ruby2.7_2.7.0-5ubuntu1.6_amd64.deb (93.4 KiB)
• ruby2.7_2.7.0-5ubuntu1.6_arm64.deb (93.4 KiB)
• ruby2.7_2.7.0-5ubuntu1.6_armhf.deb (93.2 KiB)
• ruby2.7_2.7.0-5ubuntu1.6_i386.deb (93.5 KiB)
• ruby2.7_2.7.0-5ubuntu1.6_ppc64el.deb (93.5 KiB)
• ruby2.7_2.7.0-5ubuntu1.6_riscv64.deb (93.1 KiB)
• ruby2.7_2.7.0-5ubuntu1.6_s390x.deb (93.2 KiB)
• ruby2.7_2.7.0.orig.tar.xz (10.2 MiB)