UbuntuUpdates.org

Package "rubygems"

Name: rubygems

Description:

This package is just an umbrella for a group of other packages, it has no description.
Description samples from packages in group:

  • Package management framework for Ruby
Latest version: 3.3.5-2ubuntu1.2
Release: jammy (22.04)
Level: updates
Repository: main

Links

All versions of this package
Bug fixes

List of files in package
Repository home page

Other versions of "rubygems" in Jammy

Repository Area Version
base main 3.3.5-2
base universe 2.3.5-2
security main 3.3.5-2ubuntu1.2
security universe 2.3.5-2ubuntu1.2
updates universe 2.3.5-2ubuntu1.2

Packages in group

Deleted packages are displayed in grey.


Changelog

Version: 3.3.5-2ubuntu1.2 2025-09-15 19:08:15 UTC

  rubygems (3.3.5-2ubuntu1.2) jammy-security; urgency=medium

  * SECURITY UPDATE: ReDoS
    - debian/patches/CVE-2023-36617.patch: Fix regular expressions
      used to parse URLs in rfc2396_parser.rb and rfc3986_parser.rb.
    - CVE-2023-36617

 -- Edwin Jiang <email address hidden> Thu, 11 Sep 2025 18:03:22 +0000
Source diff to previous version
CVE-2023-36617 A ReDoS issue was discovered in the URI component before 0.12.2 for Ruby. The URI parser mishandles invalid URLs that have specific characters. There

Version: 3.3.5-2ubuntu1.1 2025-09-04 11:06:59 UTC

  rubygems (3.3.5-2ubuntu1.1) jammy-security; urgency=medium

  * SECURITY UPDATE: ReDoS
    - debian/patches/CVE-2023-28755.patch: URI.parse should set empty
      string in host instead of nil in lib/uri/rfc3986_parser.rb, raise
      ArgumentError with empty host url again in
      lib/net/http/generic_request.rb.
    - CVE-2023-28755

 -- Nishit Majithia <email address hidden> Tue, 02 Sep 2025 18:04:56 +0530
CVE-2023-28755 A ReDoS issue was discovered in the URI component through 0.12.0 in Ruby through 3.2.1. The URI parser mishandles invalid URLs that have specific cha


About   -   Send Feedback to @ubuntu_updates