ruby2.7 2.7.2-4ubuntu1.3 source package in Ubuntu
Changelog
ruby2.7 (2.7.2-4ubuntu1.3) hirsute-security; urgency=medium * SECURITY UPDATE: Buffer overrun - debian/patches/CVE-2021-41816.patch: fix integer overflow making sure use of the check in rb_alloc_tmp_buffer2 in ext/cgi/escape/escape.c. - CVE-2021-41816 * SECURITY UPDATE: ReDoS vulnerability - debian/patches/CVE-2021-41817-*.patch: add length limit option for methods that parses date strings and mimic prev behaviour in ext/date/date_core.c, test/date/test_date_parse.rb. - CVE-2021-41817 * SECURITY UPDATE: Mishandles sec prefixes in cookie names - debian/patches/CVE-2021-41819.patch: when parsing cookies, only decode the values in lib/cgi/cookie.rb, test/cgi/test_cgi_cookie.rb. - CVE-2021-41819 -- Leonidas Da Silva Barbosa <email address hidden> Thu, 06 Jan 2022 10:33:35 -0300
Upload details
- Uploaded by:
- Leonidas S. Barbosa
- Uploaded to:
- Hirsute
- Original maintainer:
- Ubuntu Developers
- Architectures:
- any all
- Section:
- ruby
- Urgency:
- Medium Urgency
See full publishing history Publishing
Series | Published | Component | Section |
---|
Downloads
File | Size | SHA-256 Checksum |
---|---|---|
ruby2.7_2.7.2.orig.tar.xz | 10.3 MiB | 917d6fd1780ab426f029ed9b128430ad36210a1e3edf65c3d4858a7520bfe452 |
ruby2.7_2.7.2-4ubuntu1.3.debian.tar.xz | 125.6 KiB | 20ca6af334f1727decca80809b0d237a229ffca2eb8927093dbe880b3aabd1e2 |
ruby2.7_2.7.2-4ubuntu1.3.dsc | 2.6 KiB | 61dc53380fc5c4e3908170d6eb0f2f21ead7cb164b0b080c7b239d878606b2fd |
Available diffs
Binary packages built by this source
- libruby2.7: No summary available for libruby2.7 in ubuntu hirsute.
No description available for libruby2.7 in ubuntu hirsute.
- libruby2.7-dbgsym: No summary available for libruby2.7-dbgsym in ubuntu hirsute.
No description available for libruby2.7-dbgsym in ubuntu hirsute.
- ruby2.7: No summary available for ruby2.7 in ubuntu hirsute.
No description available for ruby2.7 in ubuntu hirsute.
- ruby2.7-dbgsym: No summary available for ruby2.7-dbgsym in ubuntu hirsute.
No description available for ruby2.7-dbgsym in ubuntu hirsute.
- ruby2.7-dev: No summary available for ruby2.7-dev in ubuntu hirsute.
No description available for ruby2.7-dev in ubuntu hirsute.
- ruby2.7-doc: No summary available for ruby2.7-doc in ubuntu hirsute.
No description available for ruby2.7-doc in ubuntu hirsute.