[ubuntu/plucky-proposed] ruby3.3 3.3.4-2ubuntu6 (Accepted)
Marc Deslauriers
marc.deslauriers at canonical.com
Tue Nov 5 12:14:58 UTC 2024
ruby3.3 (3.3.4-2ubuntu6) plucky; urgency=medium
* SECURITY UPDATE: denial of service in REXML
- debian/patches/CVE-2024-41946.patch: Add support for XML entity
expansion limitation in SAX and pull parsers
- debian/patches/CVE-2024-49761.patch: fix a bug that �x...; is
accepted as a character reference
- CVE-2024-41946
- CVE-2024-49761
Date: 2024-10-31 09:03:10.072512+00:00
Changed-By: Nishit Majithia <nishit.majithia at canonical.com>
Signed-By: Marc Deslauriers <marc.deslauriers at canonical.com>
https://launchpad.net/ubuntu/+source/ruby3.3/3.3.4-2ubuntu6
-------------- next part --------------
Sorry, changesfile not available.
More information about the plucky-changes
mailing list