[Forgot Password]
Login  Register Subscribe

30480

 
 

423868

 
 

253164

 
 

909

 
 

197077

 
 

282

 
Paid content will be excluded from the download.


Download | Alert*
OVAL

SUSE-SU-2022:1512-1 -- SLES ruby2.5, libruby2_5-2_5

ID: oval:org.secpod.oval:def:89047475Date: (C)2022-11-04   (M)2024-05-22
Class: PATCHFamily: unix




This update for ruby2.5 fixes the following issues: - CVE-2022-28739: Fixed a buffer overrun in String-to-Float conversion . - CVE-2021-41817: Fixed a regular expression denial of service in Date Parsing Methods . - CVE-2021-32066: Fixed a StartTLS stripping vulnerability in Net:IMAP . - CVE-2021-31810: Fixed a trusting FTP PASV responses vulnerability in Net:FTP . - CVE-2021-31799: Fixed a command injection vulnerability in RDoc .

Platform:
SUSE Linux Enterprise Desktop 15 SP4
SUSE Linux Enterprise Server 15 SP4
SUSE Linux Enterprise Server 15 SP3
SUSE Linux Enterprise Desktop 15 SP3
Product:
ruby2.5
libruby2_5-2_5
Reference:
SUSE-SU-2022:1512-1
CVE-2021-31799
CVE-2021-31810
CVE-2021-32066
CVE-2021-41817
CVE-2022-28739
CVE    5
CVE-2021-32066
CVE-2021-31799
CVE-2021-31810
CVE-2021-41817
...
CPE    6
cpe:/a:libruby2_5-2_5:libruby2_5-2_5
cpe:/a:ruby2.5:ruby2.5
cpe:/o:suse:suse_linux_enterprise_server:15:sp4
cpe:/o:suse:suse_linux_enterprise_server:15:sp3
...

© SecPod Technologies