Package "ruby3.1-doc"
Name: |
ruby3.1-doc
|
Description: |
Documentation for Ruby 3.1
|
Latest version: |
3.1.2-6ubuntu0.23.04.2 |
Release: |
lunar (23.04) |
Level: |
updates |
Repository: |
main |
Head package: |
ruby3.1 |
Homepage: |
https://www.ruby-lang.org/ |
Links
Download "ruby3.1-doc"
Other versions of "ruby3.1-doc" in Lunar
Changelog
ruby3.1 (3.1.2-6ubuntu0.23.04.2) lunar-security; urgency=medium
* SECURITY UPDATE: ReDoS
- debian/patches/CVE-2023-36617.patch: changes regex behaviour
in lib/url/rfc2396_parser.rb, lib/uri/rfc3986_parser.rb.
- CVE-2023-36617
-- Leonidas Da Silva Barbosa <email address hidden> Tue, 04 Jul 2023 11:43:58 -0300
|
Source diff to previous version |
CVE-2023-36617 |
A ReDoS issue was discovered in the URI component before 0.12.2 for Ruby. The URI parser mishandles invalid URLs that have specific characters. There |
|
ruby3.1 (3.1.2-6ubuntu0.23.04.1) lunar-security; urgency=medium
* SECURITY UPDATE: ReDoS
- debian/patches/CVE-2023-28755.patch: URI.parse should set empty
string in host instead of nil in lib/uri/rfc3986_parser.rb, raise
ArgumentError with empty host url again in
lib/net/http/generic_request.rb.
- debian/patches/fix-uri-tests.patch: Added assert_linear_performance
for URI tests
- CVE-2023-28755
* SECURITY UPDATE: ReDos
- debian/patches/CVE-2023-28756.patch: fix quadratic backtracking on
invalid time and make RFC2822 regexp linear in lib/time.rb.
- CVE-2023-28756
* debian/patches/fix-wss-tests.patch: Fix uninitialized constant URI::WSS
* debian/patches/fix-fiber-tests.patch: Fix actual hostname resolution
* debian/patches/fix-generic-tests.patch: Raise ArgumentError with empty
host url again
-- Nishit Majithia <email address hidden> Fri, 16 Jun 2023 09:50:29 +0530
|
CVE-2023-28755 |
A ReDoS issue was discovered in the URI component through 0.12.0 in Ruby through 3.2.1. The URI parser mishandles invalid URLs that have specific cha |
CVE-2023-28756 |
A ReDoS issue was discovered in the Time component through 0.2.1 in Ruby through 3.2.1. The Time parser mishandles invalid URLs that have specific ch |
|
About
-
Send Feedback to @ubuntu_updates