Package "ruby2.5"
Name: |
ruby2.5
|
Description: |
Interpreter of object-oriented scripting language Ruby
|
Latest version: |
2.5.8-1bbox1~xenial1 |
Release: |
xenial (16.04) |
Level: |
base |
Repository: |
main |
Links
Download "ruby2.5"
Other versions of "ruby2.5" in Xenial
No other version of this package is available
in the Xenial release.
Packages in group
Deleted packages are displayed in grey.
Changelog
ruby2.5 (2.5.8-1bbox1~xenial1) xenial; urgency=medium
.
* New upstream release 2.5.8
* Fixes CVE-2020-10663 and CVE-2020-10933
|
Source diff to previous version |
CVE-2020-10663 |
The JSON gem through 2.2.0 for Ruby, as used in Ruby 2.4 through 2.4.9, 2.5 through 2.5.7, and 2.6 through 2.6.5, has an Unsafe Object Creation Vulne |
CVE-2020-10933 |
An issue was discovered in Ruby 2.5.x through 2.5.7, 2.6.x through 2.6.5, and 2.7.0. If a victim calls BasicSocket#read_nonblock(requested_size, buff |
|
ruby2.5 (2.5.7-1bbox3~xenial1) xenial; urgency=medium
.
* New upstream release 2.5.7
* Exclude client_cert_auth test that fails under openssl 1.1.1
* Fixes CVE-2019-16255, CVE-2019-16254, CVE-2019-15845, CVE-2019-16201,
CVE-2012-6708, CVE-2015-9251
|
Source diff to previous version |
CVE-2019-16255 |
RESERVED |
CVE-2019-16254 |
RESERVED |
CVE-2019-15845 |
RESERVED |
CVE-2019-16201 |
RESERVED |
CVE-2012-6708 |
jQuery before 1.9.0 is vulnerable to Cross-site Scripting (XSS) attacks. The jQuery(strInput) function does not differentiate selectors from HTML in |
CVE-2015-9251 |
jQuery before 3.0.0 is vulnerable to Cross-site Scripting (XSS) attacks when a cross-domain Ajax request is performed without the dataType option, ca |
|
ruby2.5 (2.5.7-1bbox2~xenial1) xenial; urgency=medium
.
* New upstream release 2.5.7
* Fixes CVE-2019-16255, CVE-2019-16254, CVE-2019-15845, CVE-2019-16201,
CVE-2012-6708, CVE-2015-9251
|
Source diff to previous version |
CVE-2019-16255 |
RESERVED |
CVE-2019-16254 |
RESERVED |
CVE-2019-15845 |
RESERVED |
CVE-2019-16201 |
RESERVED |
CVE-2012-6708 |
jQuery before 1.9.0 is vulnerable to Cross-site Scripting (XSS) attacks. The jQuery(strInput) function does not differentiate selectors from HTML in |
CVE-2015-9251 |
jQuery before 3.0.0 is vulnerable to Cross-site Scripting (XSS) attacks when a cross-domain Ajax request is performed without the dataType option, ca |
|
ruby2.5 (2.5.7-1bbox1~xenial1) xenial; urgency=medium
.
* New upstream release 2.5.7
* Fixes CVE-2019-16255, CVE-2019-16254, CVE-2019-15845, CVE-2019-16201,
CVE-2012-6708, CVE-2015-9251
|
Source diff to previous version |
CVE-2019-16255 |
RESERVED |
CVE-2019-16254 |
RESERVED |
CVE-2019-15845 |
RESERVED |
CVE-2019-16201 |
RESERVED |
CVE-2012-6708 |
jQuery before 1.9.0 is vulnerable to Cross-site Scripting (XSS) attacks. The jQuery(strInput) function does not differentiate selectors from HTML in |
CVE-2015-9251 |
jQuery before 3.0.0 is vulnerable to Cross-site Scripting (XSS) attacks when a cross-domain Ajax request is performed without the dataType option, ca |
|
ruby2.5 (2.5.5-1bbox1~xenial1) xenial; urgency=medium
.
* New upstream release 2.5.5
* Fixes CVE-2019-8320 through 8325 with Rubygems update.
|
|
About
-
Send Feedback to @ubuntu_updates