Opened 7 years ago

Closed 7 years ago

#9768 closed enhancement (fixed)

ruby-2.4.2

Reported by: bdubbs@… Owned by: bdubbs@…
Priority: normal Milestone: 8.2
Component: BOOK Version: SVN
Severity: normal Keywords:
Cc:

Description

New point version.

Change History (3)

comment:1 by bdubbs@…, 7 years ago

Owner: changed from blfs-book@… to bdubbs@…
Status: newassigned

comment:2 by bdubbs@…, 7 years ago

We are pleased to announce the release of Ruby 2.4.2. This release contains some security fixes.

  • CVE-2017-0898: Buffer underrun vulnerability in Kernel.sprintf
  • CVE-2017-10784: Escape sequence injection vulnerability in the Basic authentication of WEBrick
  • CVE-2017-14033: Buffer underrun vulnerability in OpenSSL ASN1 decode
  • CVE-2017-14064: Heap exposure in generating JSON
  • Multiple vulnerabilities in RubyGems
  • Update bundled libyaml to version 0.1.7.

comment:3 by bdubbs@…, 7 years ago

Resolution: fixed
Status: assignedclosed

Fixed at revision 19245.

Note: See TracTickets for help on using tickets.