SUSE-SU-2022:1512-1 -- SLES ruby2.5, libruby2_5-2_5ID: oval:org.secpod.oval:def:89047475 | Date: (C)2022-11-04 (M)2024-05-22 |
Class: PATCH | Family: unix |
This update for ruby2.5 fixes the following issues: - CVE-2022-28739: Fixed a buffer overrun in String-to-Float conversion . - CVE-2021-41817: Fixed a regular expression denial of service in Date Parsing Methods . - CVE-2021-32066: Fixed a StartTLS stripping vulnerability in Net:IMAP . - CVE-2021-31810: Fixed a trusting FTP PASV responses vulnerability in Net:FTP . - CVE-2021-31799: Fixed a command injection vulnerability in RDoc .
Platform: |
SUSE Linux Enterprise Desktop 15 SP4 |
SUSE Linux Enterprise Server 15 SP4 |
SUSE Linux Enterprise Server 15 SP3 |
SUSE Linux Enterprise Desktop 15 SP3 |
Product: |
ruby2.5 |
libruby2_5-2_5 |