Summary: | Обновить | ||
---|---|---|---|
Product: | Branch p9 | Reporter: | AEN <aen> |
Component: | ruby | Assignee: | majioa <majioa> |
Status: | CLOSED FIXED | QA Contact: | qa-p9 <qa-p9> |
Severity: | major | ||
Priority: | P5 | CC: | majioa |
Version: | не указана | ||
Hardware: | all | ||
OS: | Linux |
Description
AEN
2020-11-16 04:53:37 MSK
ruby-2.5.9-alt1 -> p9: Mon Nov 16 2020 Pavel Skrylev <majioa@altlinux> 2.5.9-alt1 - ^ 2.5.5 -> 2.5.9 - Fixes: + CVE-2019-16255: A code injection vulnerability of Shell#[] and Shell#test (closes #39292) + CVE-2019-16254: HTTP response splitting in WEBrick (Additional fix) + CVE-2019-15845: A NUL injection vulnerability of File.fnmatch and File.fnmatch? + CVE-2019-16201: Regular Expression Denial of Service vulnerability of WEBrick's Digest access authentication |