UbuntuUpdates.org

Bugs fixes in "ruby2.7"

Origin Bug number Title Date fixed
CVE CVE-2024-27280 A buffer-overread issue was discovered in StringIO 3.0.1, as distributed in Ruby 3.0.x through 3.0.6 and 3.1.x through 3.1.4. The ungetbyte and unget 2024-06-26
CVE CVE-2024-27280 A buffer-overread issue was discovered in StringIO 3.0.1, as distributed in Ruby 3.0.x through 3.0.6 and 3.1.x through 3.1.4. The ungetbyte and unget 2024-06-26
CVE CVE-2024-27282 An issue was discovered in Ruby 3.x through 3.3.0. If attacker-supplied data is provided to the Ruby regex compiler, it is possible to extract arbitr 2024-06-17
CVE CVE-2024-27281 An issue was discovered in RDoc 6.3.3 through 6.6.2, as distributed in Ruby 3.x through 3.3.0. When parsing .rdoc_options (used for configuration in 2024-06-17
CVE CVE-2024-27282 An issue was discovered in Ruby 3.x through 3.3.0. If attacker-supplied data is provided to the Ruby regex compiler, it is possible to extract arbitr 2024-06-17
CVE CVE-2024-27281 An issue was discovered in RDoc 6.3.3 through 6.6.2, as distributed in Ruby 3.x through 3.3.0. When parsing .rdoc_options (used for configuration in 2024-06-17
CVE CVE-2023-36617 A ReDoS issue was discovered in the URI component before 0.12.2 for Ruby. The URI parser mishandles invalid URLs that have specific characters. There 2023-07-12
CVE CVE-2023-36617 A ReDoS issue was discovered in the URI component before 0.12.2 for Ruby. The URI parser mishandles invalid URLs that have specific characters. There 2023-07-12
Launchpad 2018215 ruby2.7: backport upstream fix to \ 2023-05-25
Launchpad 2018215 ruby2.7: backport upstream fix to \ 2023-05-18
Launchpad 2018547 puppet can no longer find puppet:// resources after ruby2.7 CVE Update 2023-05-05
Launchpad 2018547 puppet can no longer find puppet:// resources after ruby2.7 CVE Update 2023-05-05
CVE CVE-2023-28756 A ReDoS issue was discovered in the Time component through 0.2.1 in Ruby through 3.2.1. The Time parser mishandles invalid URLs that have specific ch 2023-05-04
CVE CVE-2023-28755 A ReDoS issue was discovered in the URI component through 0.12.0 in Ruby through 3.2.1. The URI parser mishandles invalid URLs that have specific cha 2023-05-04
CVE CVE-2023-28756 A ReDoS issue was discovered in the Time component through 0.2.1 in Ruby through 3.2.1. The Time parser mishandles invalid URLs that have specific ch 2023-05-04
CVE CVE-2023-28755 A ReDoS issue was discovered in the URI component through 0.12.0 in Ruby through 3.2.1. The URI parser mishandles invalid URLs that have specific cha 2023-05-04
CVE CVE-2021-33621 The cgi gem before 0.1.0.2, 0.2.x before 0.2.2, and 0.3.x before 0.3.5 for Ruby allows HTTP response splitting. This is relevant to applications that 2023-03-20
CVE CVE-2021-33621 The cgi gem before 0.1.0.2, 0.2.x before 0.2.2, and 0.3.x before 0.3.5 for Ruby allows HTTP response splitting. This is relevant to applications that 2023-03-20
CVE CVE-2022-28739 RESERVED 2022-06-06
CVE CVE-2022-28739 RESERVED 2022-06-06



About   -   Send Feedback to @ubuntu_updates