#12597 closed enhancement (fixed)

ruby-2.6.5

Reported by: Douglas R. Reno Owned by: Bruce Dubbs
Priority: high Milestone: 9.1
Component: BOOK Version: SVN
Severity: normal Keywords:
Cc:

Description

New point version

Change History (3)

comment:1 by Bruce Dubbs, 22 months ago

Owner: changed from blfs-book to Bruce Dubbs
Status: newassigned

comment:2 by Bruce Dubbs, 22 months ago

Priority: normalhigh

Ruby 2.6.5 has been released.

This release includes security fixes.

  • CVE-2019-16255: A code injection vulnerability of Shell#[] and Shell#test
  • CVE-2019-16254: HTTP response splitting in WEBrick (Additional fix)
  • CVE-2019-15845: A NUL injection vulnerability of File.fnmatch and File.fnmatch?
  • CVE-2019-16201: Regular Expression Denial of Service vulnerability of WEBrick’s Digest access authentication

comment:3 by Bruce Dubbs, 22 months ago

Resolution: fixed
Status: assignedclosed

Fixed at revision 22221.

Note: See TracTickets for help on using tickets.