Publishing details
Changelog
ruby3.0 (3.0.2-7ubuntu2) jammy; urgency=medium
* SECURITY UPDATE: Buffer overrun
- debian/patches/CVE-2021-41816.patch: fix integer overflow making
sure use of the check in rb_alloc_tmp_buffer2 in
ext/cgi/escape/escape.c.
- CVE-2021-41816
* SECURITY UPDATE: ReDoS vulnerability
- debian/patches/CVE-2021-41817-*.patch: add length limit option
for methods that parses date strings and mimic prev behaviour
in ext/date/date_core.c, test/date/test_date_parse.rb.
- CVE-2021-41817
* SECURITY UPDATE: Mishandles sec prefixes in cookie names
- debian/patches/CVE-2021-41819.patch: when parsing cookies, only
decode the values in lib/cgi/cookie.rb, test/cgi/test_cgi_cookie.rb.
- CVE-2021-41819
-- Leonidas Da Silva Barbosa <email address hidden> Thu, 17 Mar 2022 13:09:20 -0300
Builds
Built packages
-
libruby3.0
Libraries necessary to run Ruby 3.0
-
libruby3.0-dbgsym
debug symbols for libruby3.0
-
ruby3.0
Interpreter of object-oriented scripting language Ruby
-
ruby3.0-dbgsym
debug symbols for ruby3.0
-
ruby3.0-dev
Header files for compiling extension modules for the Ruby 3.0
-
ruby3.0-doc
Documentation for Ruby 3.0
Package files