[ubuntu/bionic-security] ruby2.5 2.5.1-1ubuntu1.13 (Accepted)

Leonidas S. Barbosa leo.barbosa at canonical.com
Mon Jan 23 15:17:59 UTC 2023


ruby2.5 (2.5.1-1ubuntu1.13) bionic-security; urgency=medium

  * SECURITY UPDATE: HTTP response splitting
    - debian/patches/CVE-2021-33621*.patch: adds regex to lib/cgi/core.rb and
      lib/cgi/cookie.rb along with tests to check http response headers and
      cookie fields for invalid characters.
    - debian/patches/fix_tzdata-2022.patch: fix for tzdata-2022g tests
      in test/ruby/test_time_tz.rb.
    - CVE-2021-33621

Date: 2023-01-18 14:27:09.308533+00:00
Changed-By: leo.barbosa at canonical.com (Leonidas S. Barbosa)
https://launchpad.net/ubuntu/+source/ruby2.5/2.5.1-1ubuntu1.13
-------------- next part --------------
Sorry, changesfile not available.


More information about the Bionic-changes mailing list