Opened 3 years ago

Closed 3 years ago

#10597 closed enhancement (fixed)

ruby-2.5.1

Reported by: Bruce Dubbs Owned by: Bruce Dubbs
Priority: normal Milestone: 8.3
Component: BOOK Version: SVN
Severity: normal Keywords:
Cc:

Description

New point version.

Change History (3)

comment:1 by Bruce Dubbs, 3 years ago

Owner: changed from blfs-book to Bruce Dubbs
Status: newassigned

comment:2 by Bruce Dubbs, 3 years ago

Ruby 2.5.1 has been released.

This release includes some bug fixes and some security fixes.

  • CVE-2017-17742: HTTP response splitting in WEBrick
  • CVE-2018-6914: Unintentional file and directory creation with directory traversal in tempfile and tmpdir
  • CVE-2018-8777: DoS by large request in WEBrick
  • CVE-2018-8778: Buffer under-read in String#unpack
  • CVE-2018-8779: Unintentional socket creation by poisoned NUL byte in UNIXServer and UNIXSocket
  • CVE-2018-8780: Unintentional directory traversal by poisoned NUL byte in Dir
  • Multiple vulnerabilities in RubyGems

comment:3 by Bruce Dubbs, 3 years ago

Resolution: fixed
Status: assignedclosed

Fixed at revision 20026.

Note: See TracTickets for help on using tickets.