[ubuntu/bionic-security] ruby2.5 2.5.1-1ubuntu1.16 (Accepted)
Leonidas S. Barbosa
leo.barbosa at canonical.com
Thu May 18 09:51:31 UTC 2023
ruby2.5 (2.5.1-1ubuntu1.16) bionic-security; urgency=medium
* SECURITY UPDATE: ReDoS
- debian/patches/CVE-2023-28755.patch: adds '+' once or more in specific
places of the RFC3986 regex in order to avoid the increase in execution
time for parsing strings to URI objects in lib/uri/rfc3986_parser.rb.
- CVE-2023-28755
Date: 2023-05-15 14:06:09.396211+00:00
Changed-By: leo.barbosa at canonical.com (Leonidas S. Barbosa)
https://launchpad.net/ubuntu/+source/ruby2.5/2.5.1-1ubuntu1.16
-------------- next part --------------
Sorry, changesfile not available.
More information about the Bionic-changes
mailing list