Package "ruby2.6"
Name: |
ruby2.6
|
Description: |
Interpreter of object-oriented scripting language Ruby
|
Latest version: |
2.6.10-1bbox1~bionic1 |
Release: |
bionic (18.04) |
Level: |
base |
Repository: |
main |
Links
Download "ruby2.6"
Other versions of "ruby2.6" in Bionic
No other version of this package is available
in the Bionic release.
Packages in group
Deleted packages are displayed in grey.
Changelog
ruby2.6 (2.6.10-1bbox1~bionic1) bionic; urgency=medium
.
* New upstream release 2.6.10
* Fixes CVE-2020-25613, CVE-2021-28965, CVE-2021-31810, CVE-2021-32066,
CVE-2021-31799, CVE-2021-41817, CVE-2021-41819, CVE-2022-28739
|
Source diff to previous version |
CVE-2020-25613 |
An issue was discovered in Ruby through 2.5.8, 2.6.x through 2.6.6, and 2.7.x through 2.7.1. WEBrick, a simple HTTP server bundled with Ruby, had not |
CVE-2021-28965 |
The REXML gem before 3.2.5 in Ruby before 2.6.7, 2.7.x before 2.7.3, and 3.x before 3.0.1 does not properly address XML round-trip issues. An incorre |
CVE-2021-31810 |
An issue was discovered in Ruby through 2.6.7, 2.7.x through 2.7.3, and 3.x through 3.0.1. A malicious FTP server can use the PASV response to trick |
CVE-2021-32066 |
A StartTLS stripping vulnerability in Net::IMAP |
CVE-2021-31799 |
A command injection vulnerability in RDoc |
CVE-2021-41817 |
RESERVED |
CVE-2021-41819 |
RESERVED |
CVE-2022-28739 |
RESERVED |
|
ruby2.6 (2.6.6-1bbox1~bionic1) bionic; urgency=medium
.
* New upstream release 2.6.6
* Fixes CVE-2020-10663, CVE-2020-10933
|
Source diff to previous version |
CVE-2020-10663 |
The JSON gem through 2.2.0 for Ruby, as used in Ruby 2.4 through 2.4.9, 2.5 through 2.5.7, and 2.6 through 2.6.5, has an Unsafe Object Creation Vulne |
CVE-2020-10933 |
An issue was discovered in Ruby 2.5.x through 2.5.7, 2.6.x through 2.6.5, and 2.7.0. If a victim calls BasicSocket#read_nonblock(requested_size, buff |
|
ruby2.6 (2.6.5-1bbox1~bionic1) bionic; urgency=medium
.
* New upstream release 2.6.5
* Fixes CVE-2019-16255, CVE-2019-16254, CVE-2019-15845, CVE-2019-16201,
CVE-2012-6708, CVE-2015-9251
|
Source diff to previous version |
CVE-2019-16255 |
RESERVED |
CVE-2019-16254 |
RESERVED |
CVE-2019-15845 |
RESERVED |
CVE-2019-16201 |
RESERVED |
CVE-2012-6708 |
jQuery before 1.9.0 is vulnerable to Cross-site Scripting (XSS) attacks. The jQuery(strInput) function does not differentiate selectors from HTML in |
CVE-2015-9251 |
jQuery before 3.0.0 is vulnerable to Cross-site Scripting (XSS) attacks when a cross-domain Ajax request is performed without the dataType option, ca |
|
ruby2.6 (2.6.2-1bbox1~bionic1) bionic; urgency=medium
.
* New upstream release 2.6.2
* Fixes CVE-2019-8320 through 8325 with Rubygems update.
|
Source diff to previous version |
|
ruby2.6 (2.6.1-1bbox11~bionic1) bionic; urgency=medium
.
* New upstream release, 2.6.1
|
About
-
Send Feedback to @ubuntu_updates