[ubuntu/kinetic-security] ruby3.0 3.0.4-7ubuntu0.1 (Accepted)
Leonidas S. Barbosa
leo.barbosa at canonical.com
Mon Jan 23 15:18:04 UTC 2023
ruby3.0 (3.0.4-7ubuntu0.1) kinetic-security; urgency=medium
* SECURITY UPDATE: HTTP response splitting
- debian/patches/CVE-2021-33621*.patch: adds regex to lib/cgi/core.rb and
lib/cgi/cookie.rb along with tests to check http response headers and
cookie fields for invalid characters.
- debian/patches/fix_tzdata-2022.patch: fix for tzdata-2022g tests
in test/ruby/test_time_tz.rb.
- CVE-2021-33621
Date: 2023-01-20 11:14:09.738805+00:00
Changed-By: leo.barbosa at canonical.com (Leonidas S. Barbosa)
https://launchpad.net/ubuntu/+source/ruby3.0/3.0.4-7ubuntu0.1
-------------- next part --------------
Sorry, changesfile not available.
More information about the kinetic-changes
mailing list