UbuntuUpdates.org

Package "libruby2.5"

This package belongs to a PPA: Brightbox Ruby NG Experimental

Name: libruby2.5

Description:

Libraries necessary to run Ruby 2.5

Latest version: 2.5.8-1bbox1~xenial1
Release: xenial (16.04)
Level: base
Repository: main
Head package: ruby2.5

Links


Download "libruby2.5"


Other versions of "libruby2.5" in Xenial

No other version of this package is available in the Xenial release.

Changelog

Version: 2.5.8-1bbox1~xenial1 2020-07-01 18:08:31 UTC

 ruby2.5 (2.5.8-1bbox1~xenial1) xenial; urgency=medium
 .
   * New upstream release 2.5.8
   * Fixes CVE-2020-10663 and CVE-2020-10933

Source diff to previous version
CVE-2020-10663 The JSON gem through 2.2.0 for Ruby, as used in Ruby 2.4 through 2.4.9, 2.5 through 2.5.7, and 2.6 through 2.6.5, has an Unsafe Object Creation Vulne
CVE-2020-10933 An issue was discovered in Ruby 2.5.x through 2.5.7, 2.6.x through 2.6.5, and 2.7.0. If a victim calls BasicSocket#read_nonblock(requested_size, buff

Version: 2.5.7-1bbox3~xenial1 2019-10-08 18:09:11 UTC

 ruby2.5 (2.5.7-1bbox3~xenial1) xenial; urgency=medium
 .
   * New upstream release 2.5.7
   * Exclude client_cert_auth test that fails under openssl 1.1.1
   * Fixes CVE-2019-16255, CVE-2019-16254, CVE-2019-15845, CVE-2019-16201,
     CVE-2012-6708, CVE-2015-9251

Source diff to previous version
CVE-2019-16255 RESERVED
CVE-2019-16254 RESERVED
CVE-2019-15845 RESERVED
CVE-2019-16201 RESERVED
CVE-2012-6708 jQuery before 1.9.0 is vulnerable to Cross-site Scripting (XSS) attacks. The jQuery(strInput) function does not differentiate selectors from HTML in
CVE-2015-9251 jQuery before 3.0.0 is vulnerable to Cross-site Scripting (XSS) attacks when a cross-domain Ajax request is performed without the dataType option, ca

Version: 2.5.7-1bbox2~xenial1 2019-10-04 17:08:28 UTC

 ruby2.5 (2.5.7-1bbox2~xenial1) xenial; urgency=medium
 .
   * New upstream release 2.5.7
   * Fixes CVE-2019-16255, CVE-2019-16254, CVE-2019-15845, CVE-2019-16201,
     CVE-2012-6708, CVE-2015-9251

Source diff to previous version
CVE-2019-16255 RESERVED
CVE-2019-16254 RESERVED
CVE-2019-15845 RESERVED
CVE-2019-16201 RESERVED
CVE-2012-6708 jQuery before 1.9.0 is vulnerable to Cross-site Scripting (XSS) attacks. The jQuery(strInput) function does not differentiate selectors from HTML in
CVE-2015-9251 jQuery before 3.0.0 is vulnerable to Cross-site Scripting (XSS) attacks when a cross-domain Ajax request is performed without the dataType option, ca

Version: 2.5.7-1bbox1~xenial1 2019-10-03 18:08:37 UTC

 ruby2.5 (2.5.7-1bbox1~xenial1) xenial; urgency=medium
 .
   * New upstream release 2.5.7
   * Fixes CVE-2019-16255, CVE-2019-16254, CVE-2019-15845, CVE-2019-16201,
     CVE-2012-6708, CVE-2015-9251

Source diff to previous version
CVE-2019-16255 RESERVED
CVE-2019-16254 RESERVED
CVE-2019-15845 RESERVED
CVE-2019-16201 RESERVED
CVE-2012-6708 jQuery before 1.9.0 is vulnerable to Cross-site Scripting (XSS) attacks. The jQuery(strInput) function does not differentiate selectors from HTML in
CVE-2015-9251 jQuery before 3.0.0 is vulnerable to Cross-site Scripting (XSS) attacks when a cross-domain Ajax request is performed without the dataType option, ca

Version: 2.5.5-1bbox1~xenial1 2019-03-15 13:07:53 UTC

 ruby2.5 (2.5.5-1bbox1~xenial1) xenial; urgency=medium
 .
   * New upstream release 2.5.5
   * Fixes CVE-2019-8320 through 8325 with Rubygems update.

CVE-2019-8320 RESERVED



About   -   Send Feedback to @ubuntu_updates