Package "yard-doc"

Name: yard-doc


Ruby documentation tool - documentation

Latest version: 0.9.28-2ubuntu0.1
Release: mantic (23.10)
Level: security
Repository: universe
Head package: yard
Homepage: https://yardoc.org


Download "yard-doc"

Other versions of "yard-doc" in Mantic

Repository Area Version
base universe 0.9.28-2
updates universe 0.9.28-2ubuntu0.1


Version: 0.9.28-2ubuntu0.1 2024-04-15 09:06:59 UTC

  yard (0.9.28-2ubuntu0.1) mantic-security; urgency=medium

  * SECURITY UPDATE: Cross-Site Scripting
    - debian/patches/CVE-2024-27285-1.patch: Update frames.erb
    - debian/patches/CVE-2024-27285-2.patch: Update frames.erb
    - debian/patches/CVE-2024-27285-3.patch: assign url_for_main to a
    - debian/patches/CVE-2024-27285-4.patch: Fix semicolon
    - CVE-2024-27285

 -- Giampaolo Fresi Roglia <email address hidden> Sun, 14 Apr 2024 20:27:44 +0200

CVE-2024-27285 YARD is a Ruby Documentation tool. The "frames.html" file within the Yard Doc's generated documentation is vulnerable to Cross-Site Scripting (XSS) a

About   -   Send Feedback to @ubuntu_updates