[ubuntu/jammy-security] rubygems 3.3.5-2ubuntu1.1 (Accepted)
Nishit Majithia
nishit.majithia at canonical.com
Thu Sep 4 03:45:50 UTC 2025
rubygems (3.3.5-2ubuntu1.1) jammy-security; urgency=medium
* SECURITY UPDATE: ReDoS
- debian/patches/CVE-2023-28755.patch: URI.parse should set empty
string in host instead of nil in lib/uri/rfc3986_parser.rb, raise
ArgumentError with empty host url again in
lib/net/http/generic_request.rb.
- CVE-2023-28755
Date: 2025-09-02 12:40:13.384541+00:00
Changed-By: Nishit Majithia <nishit.majithia at canonical.com>
https://launchpad.net/ubuntu/+source/rubygems/3.3.5-2ubuntu1.1
-------------- next part --------------
Sorry, changesfile not available.
More information about the jammy-changes
mailing list