39292 2020-11-16 04:53:37 +0300 Обновить 2020-11-25 17:31:06 +0300 1 1 3 Distributions Branch p9 ruby не указана all Linux CLOSED FIXED P5 major --- 1 aen majioa majioa qa-p9 oldest_to_newest 194223 0 aen 2020-11-16 04:53:37 +0300 У версии 5.5 https://nvd.nist.gov/vuln/detail/CVE-2019-16255 Надо обновить на полностью совместимую, возможно, пока 5.8 194468 1 repository-robot 2020-11-25 17:31:06 +0300 ruby-2.5.9-alt1 -> p9: Mon Nov 16 2020 Pavel Skrylev <majioa@altlinux> 2.5.9-alt1 - ^ 2.5.5 -> 2.5.9 - Fixes: + CVE-2019-16255: A code injection vulnerability of Shell#[] and Shell#test (closes #39292) + CVE-2019-16254: HTTP response splitting in WEBrick (Additional fix) + CVE-2019-15845: A NUL injection vulnerability of File.fnmatch and File.fnmatch? + CVE-2019-16201: Regular Expression Denial of Service vulnerability of WEBrick's Digest access authentication