Bugs fixes in "ruby1.9.1"
Origin | Bug number | Title | Date fixed |
---|---|---|---|
CVE | CVE-2015-1855 | OpenSSL extension hostname matching implementation violates RFC 6125 | 2017-07-25 |
CVE | CVE-2009-5147 | DL::dlopen in Ruby 1.8, 1.9.0, 1.9.2, 1.9.3, 2.0.0 before patchlevel 648, and 2.1 before 2.1.8 opens libraries with tainted names. | 2017-07-25 |
CVE | CVE-2016-7798 | The openssl gem for Ruby uses the same initialization vector (IV) in GCM Mode (aes-*-gcm) when the IV is set before the key, which makes it easier fo | 2017-07-25 |
CVE | CVE-2016-2339 | An exploitable heap overflow vulnerability exists in the Fiddle::Function.new "initialize" function functionality of Ruby. In Fiddle::Function.new "i | 2017-07-25 |
CVE | CVE-2016-2337 | Type confusion exists in _cancel_eval Ruby's TclTkIp class method. Attacker passing different type of object than String as "retval" argument can cau | 2017-07-25 |
CVE | CVE-2015-9096 | Net::SMTP in Ruby before 2.4.0 is vulnerable to SMTP command injection via CRLF sequences in a RCPT TO or MAIL FROM command, as demonstrated by CRLF | 2017-07-25 |
CVE | CVE-2015-1855 | OpenSSL extension hostname matching implementation violates RFC 6125 | 2017-07-25 |
CVE | CVE-2009-5147 | DL::dlopen in Ruby 1.8, 1.9.0, 1.9.2, 1.9.3, 2.0.0 before patchlevel 648, and 2.1 before 2.1.8 opens libraries with tainted names. | 2017-07-25 |
CVE | CVE-2015-1855 | OpenSSL extension hostname matching implementation violates RFC 6125 | 2015-04-14 |
CVE | CVE-2015-1855 | OpenSSL extension hostname matching implementation violates RFC 6125 | 2015-04-14 |
CVE | CVE-2014-8090 | Incomplete fix for CVE-2014-8080 | 2014-11-20 |
CVE | CVE-2014-8090 | Incomplete fix for CVE-2014-8080 | 2014-11-20 |
CVE | CVE-2014-8090 | Incomplete fix for CVE-2014-8080 | 2014-11-20 |
CVE | CVE-2014-8090 | Incomplete fix for CVE-2014-8080 | 2014-11-20 |
CVE | CVE-2014-8090 | Incomplete fix for CVE-2014-8080 | 2014-11-20 |
CVE | CVE-2014-8090 | Incomplete fix for CVE-2014-8080 | 2014-11-20 |
CVE | CVE-2014-8090 | Incomplete fix for CVE-2014-8080 | 2014-11-20 |
CVE | CVE-2014-8090 | Incomplete fix for CVE-2014-8080 | 2014-11-20 |
CVE | CVE-2014-8080 | Denial Of Service XML Expansion | 2014-11-04 |
CVE | CVE-2014-4975 | ruby pack.c buffer overrun | 2014-11-04 |
About
-
Send Feedback to @ubuntu_updates