UbuntuUpdates.org

Package "ruby2.5"

This package belongs to a PPA: Brightbox Ruby NG Experimental

Name: ruby2.5

Description:

Interpreter of object-oriented scripting language Ruby

Latest version: 2.5.8-1bbox1~bionic1
Release: bionic (18.04)
Level: base
Repository: main

Links


Download "ruby2.5"


Other versions of "ruby2.5" in Bionic

Repository Area Version
base main 2.5.1-1ubuntu1
security main 2.5.1-1ubuntu1.16
updates main 2.5.1-1ubuntu1.16

Packages in group

Deleted packages are displayed in grey.


Changelog

Version: 2.5.8-1bbox1~bionic1 2020-07-01 18:08:31 UTC

 ruby2.5 (2.5.8-1bbox1~bionic1) bionic; urgency=medium
 .
   * New upstream release 2.5.8
   * Fixes CVE-2020-10663 and CVE-2020-10933

Source diff to previous version
CVE-2020-10663 The JSON gem through 2.2.0 for Ruby, as used in Ruby 2.4 through 2.4.9, 2.5 through 2.5.7, and 2.6 through 2.6.5, has an Unsafe Object Creation Vulne
CVE-2020-10933 An issue was discovered in Ruby 2.5.x through 2.5.7, 2.6.x through 2.6.5, and 2.7.0. If a victim calls BasicSocket#read_nonblock(requested_size, buff

Version: 2.5.7-1bbox3~bionic1 2019-10-08 18:09:13 UTC

 ruby2.5 (2.5.7-1bbox3~bionic1) bionic; urgency=medium
 .
   * New upstream release 2.5.7
   * Exclude client_cert_auth test that fails under openssl 1.1.1
   * Fixes CVE-2019-16255, CVE-2019-16254, CVE-2019-15845, CVE-2019-16201,
     CVE-2012-6708, CVE-2015-9251

Source diff to previous version
CVE-2019-16255 RESERVED
CVE-2019-16254 RESERVED
CVE-2019-15845 RESERVED
CVE-2019-16201 RESERVED
CVE-2012-6708 jQuery before 1.9.0 is vulnerable to Cross-site Scripting (XSS) attacks. The jQuery(strInput) function does not differentiate selectors from HTML in
CVE-2015-9251 jQuery before 3.0.0 is vulnerable to Cross-site Scripting (XSS) attacks when a cross-domain Ajax request is performed without the dataType option, ca

Version: 2.5.5-1bbox1~bionic1 2019-03-15 12:08:23 UTC

 ruby2.5 (2.5.5-1bbox1~bionic1) bionic; urgency=medium
 .
   * New upstream release 2.5.5
   * Fixes CVE-2019-8320 through 8325 with Rubygems update.

Source diff to previous version
CVE-2019-8320 RESERVED

Version: 2.5.3-1bbox5~bionic1 2019-01-03 20:07:19 UTC

 ruby2.5 (2.5.3-1bbox5~bionic1) bionic; urgency=low
 .
   * Skip tests broken by timezone data updates on Bionic
   * Fix tests broken by expired ssl cert fixtures

Source diff to previous version

Version: 2.5.3-1bbox1~bionic1 2018-10-22 20:08:38 UTC

 ruby2.5 (2.5.3-1bbox1~bionic1) bionic; urgency=medium
 .
   * New upstream release 2.5.3.
   * Fixes CVE-2018-16396 and CVE-2018-16395.

CVE-2018-16396 RESERVED
CVE-2018-16395 RESERVED



About   -   Send Feedback to @ubuntu_updates