Ubuntu
ruby2.3 package

ruby2.3 2.3.3-1ubuntu1.3 source package in Ubuntu

Changelog

ruby2.3 (2.3.3-1ubuntu1.3) artful-security; urgency=medium

  * SECURITY UPDATE: fails to validade specification names
    - debian/patches/CVE-2017-0901-0902.patch:  fix this.
    - CVE-2017-0901
  * SECURITY UPDATE: vulnerable to a DNS hijacking
    - debian/patches/CVE-2017-0901-0902.patch fix this.
    - CVE-2017-0902
  * SECURITY UPDATE: possible remote code execution
    - debian/patches/CVE-2017-0903.patch: whitelist classes
      and symbols that are in Gem spec YAML in lib/rubygems.rb,
      lib/rubygens/config_file.rb, lib/rubygems/package.rb,
      lib/rubygems/package/old.rb, lib/rubygems/safe_yaml.rb,
      lib/rubygems/specification.rb.
    - CVE-2017-0903

 -- <email address hidden> (Leonidas S. Barbosa)  Tue, 30 Jan 2018 15:00:37 -0300

Upload details

Uploaded by:
Leonidas S. Barbosa
Uploaded to:
Artful
Original maintainer:
Ubuntu Developers
Architectures:
any all
Section:
ruby
Urgency:
Medium Urgency

See full publishing history Publishing

Series Pocket Published Component Section

Downloads

File Size SHA-256 Checksum
ruby2.3_2.3.3.orig.tar.xz 8.0 MiB 799796bb740832c7257f45089fdbd9cd57686cac033f88d0b078063b6d3d77ad
ruby2.3_2.3.3-1ubuntu1.3.debian.tar.xz 103.7 KiB 42686fb545fb6193a5da18b413bffd0bacecbfc73fb7ce2e88b9e08423781a31
ruby2.3_2.3.3-1ubuntu1.3.dsc 2.5 KiB ee8c26cdb61fc851286ba3464bfb017b610769f95459fb0d91182dd356b2810b

View changes file

Binary packages built by this source

libruby2.3: No summary available for libruby2.3 in ubuntu artful.

No description available for libruby2.3 in ubuntu artful.

libruby2.3-dbgsym: No summary available for libruby2.3-dbgsym in ubuntu artful.

No description available for libruby2.3-dbgsym in ubuntu artful.

ruby2.3: No summary available for ruby2.3 in ubuntu artful.

No description available for ruby2.3 in ubuntu artful.

ruby2.3-dbgsym: No summary available for ruby2.3-dbgsym in ubuntu artful.

No description available for ruby2.3-dbgsym in ubuntu artful.

ruby2.3-dev: No summary available for ruby2.3-dev in ubuntu artful.

No description available for ruby2.3-dev in ubuntu artful.

ruby2.3-doc: No summary available for ruby2.3-doc in ubuntu artful.

No description available for ruby2.3-doc in ubuntu artful.

ruby2.3-tcltk: No summary available for ruby2.3-tcltk in ubuntu artful.

No description available for ruby2.3-tcltk in ubuntu artful.

ruby2.3-tcltk-dbgsym: No summary available for ruby2.3-tcltk-dbgsym in ubuntu artful.

No description available for ruby2.3-tcltk-dbgsym in ubuntu artful.