[ubuntu/artful-updates] ruby2.3 2.3.3-1ubuntu1.4 (Accepted)
Ubuntu Archive Robot
cjwatson+ubuntu-archive-robot at chiark.greenend.org.uk
Thu Apr 5 15:58:19 UTC 2018
ruby2.3 (2.3.3-1ubuntu1.4) artful-security; urgency=medium
* SECURITY UPDATE: Directory traversal
- debian/patches/CVE-2018-1000073.patch: fix in
lib/rubygems/package.rb.
- CVE-2018-1000073
* SECURITY UPDATE: Deserialization untrusted data
- debian/patches/CVE-2018-1000074.patch fix in
lib/rubygems/commands/owner_command.rb,
test/rubygems/test_gem_commands_owner_command.rb.
- CVE-2018-1000074
* SECURITY UPDATE: Infinite loop
- debian/patches/CVE-2018-1000075.patch: fix in
lib/rubygems/package/tar_header.rb,
test/rubygems/test_gem_package_tar_header.rb.
- CVE-2018-1000075
* SECURITY UPDATE: Improper verification of crypto
signature
- debian/patches/CVE-2018-1000076.patch: fix in
lib/rubygems/package.rb, lib/rubygems/pacage/tar_writer.rb,
test/rubygems/test_gem_pacakge.rg
- CVE-2018-1000076
* SECURITY UPDATE: Validation vulnerability
- debian/patches/CVE-2018-1000077.patch: fix in
lib/rubygems/specification.rb,
test/rubygems/test_gem_specification.rb.
- CVE-2018-1000077
* SECURITY UPDATE: Cross site scripting
- debian/patches/CVE-2018-1000078.patch: fix in
lib/rubygems/server.rb.
- CVE-2018-1000078
* SECURITY UPDATE: Directory traversal
- debian/patches/CVE-2018-1000079.patch: fix in
lib/rubygems/package.rb.
- CVE-2018-1000079
Date: 2018-04-04 17:34:14.533730+00:00
Changed-By: leo.barbosa at canonical.com (Leonidas S. Barbosa)
Signed-By: Ubuntu Archive Robot <cjwatson+ubuntu-archive-robot at chiark.greenend.org.uk>
https://launchpad.net/ubuntu/+source/ruby2.3/2.3.3-1ubuntu1.4
-------------- next part --------------
Sorry, changesfile not available.
More information about the Artful-changes
mailing list