UbuntuUpdates.org

Package "ruby2.6-dev"

This package belongs to a PPA: Brightbox Ruby NG Experimental

Name: ruby2.6-dev

Description:

Header files for compiling extension modules for the Ruby 2.6
Latest version: 2.6.10-1bbox1~bionic1
Release: bionic (18.04)
Level: base
Repository: main
Head package: ruby2.6

Links

All versions of this package
Bug fixes

Repository home page

Download "ruby2.6-dev"

32-bit deb package
64-bit deb package
APT INSTALL

Other versions of "ruby2.6-dev" in Bionic

No other version of this package is available in the Bionic release.

Changelog

Version: 2.6.10-1bbox1~bionic1 2022-04-20 17:08:09 UTC

 ruby2.6 (2.6.10-1bbox1~bionic1) bionic; urgency=medium
 .
   * New upstream release 2.6.10
   * Fixes CVE-2020-25613, CVE-2021-28965, CVE-2021-31810, CVE-2021-32066,
     CVE-2021-31799, CVE-2021-41817, CVE-2021-41819, CVE-2022-28739

Source diff to previous version
CVE-2020-25613 An issue was discovered in Ruby through 2.5.8, 2.6.x through 2.6.6, and 2.7.x through 2.7.1. WEBrick, a simple HTTP server bundled with Ruby, had not
CVE-2021-28965 The REXML gem before 3.2.5 in Ruby before 2.6.7, 2.7.x before 2.7.3, and 3.x before 3.0.1 does not properly address XML round-trip issues. An incorre
CVE-2021-31810 An issue was discovered in Ruby through 2.6.7, 2.7.x through 2.7.3, and 3.x through 3.0.1. A malicious FTP server can use the PASV response to trick
CVE-2021-32066 A StartTLS stripping vulnerability in Net::IMAP
CVE-2021-31799 A command injection vulnerability in RDoc
CVE-2021-41817 RESERVED
CVE-2021-41819 RESERVED
CVE-2022-28739 RESERVED

Version: 2.6.6-1bbox1~bionic1 2020-06-11 12:08:15 UTC

 ruby2.6 (2.6.6-1bbox1~bionic1) bionic; urgency=medium
 .
   * New upstream release 2.6.6
   * Fixes CVE-2020-10663, CVE-2020-10933

Source diff to previous version
CVE-2020-10663 The JSON gem through 2.2.0 for Ruby, as used in Ruby 2.4 through 2.4.9, 2.5 through 2.5.7, and 2.6 through 2.6.5, has an Unsafe Object Creation Vulne
CVE-2020-10933 An issue was discovered in Ruby 2.5.x through 2.5.7, 2.6.x through 2.6.5, and 2.7.0. If a victim calls BasicSocket#read_nonblock(requested_size, buff

Version: 2.6.5-1bbox1~bionic1 2019-10-03 18:08:37 UTC

 ruby2.6 (2.6.5-1bbox1~bionic1) bionic; urgency=medium
 .
   * New upstream release 2.6.5
   * Fixes CVE-2019-16255, CVE-2019-16254, CVE-2019-15845, CVE-2019-16201,
     CVE-2012-6708, CVE-2015-9251

Source diff to previous version
CVE-2019-16255 RESERVED
CVE-2019-16254 RESERVED
CVE-2019-15845 RESERVED
CVE-2019-16201 RESERVED
CVE-2012-6708 jQuery before 1.9.0 is vulnerable to Cross-site Scripting (XSS) attacks. The jQuery(strInput) function does not differentiate selectors from HTML in
CVE-2015-9251 jQuery before 3.0.0 is vulnerable to Cross-site Scripting (XSS) attacks when a cross-domain Ajax request is performed without the dataType option, ca

Version: 2.6.2-1bbox1~bionic1 2019-03-15 14:08:33 UTC

 ruby2.6 (2.6.2-1bbox1~bionic1) bionic; urgency=medium
 .
   * New upstream release 2.6.2
   * Fixes CVE-2019-8320 through 8325 with Rubygems update.

Source diff to previous version
CVE-2019-8320 RESERVED

Version: 2.6.1-1bbox11~bionic1 2019-02-18 00:08:03 UTC

 ruby2.6 (2.6.1-1bbox11~bionic1) bionic; urgency=medium
 .
   * New upstream release, 2.6.1



About   -   Send Feedback to @ubuntu_updates