Download
| Alert*
oval:org.secpod.oval:def:89044023
ruby2.5 is installed oval:org.secpod.oval:def:89050926 This update for ruby2.5 and ruby-bundled-gems-rpmhelper fixes the following issues: Changes in ruby2.5: Update to 2.5.5 and 2.5.4: https://www.ruby-lang.org/en/news/2019/03/15/ruby-2-5-5-released/ https://www.ruby-lang.org/en/news/2019/03/13/ruby-2-5-4-released/ Security issues fixed: - CVE-2019-832 ... oval:org.secpod.oval:def:89050999 This update for ruby2.5 fixes the following issues: * CVE-2023-28755: Fixed a ReDoS vulnerability in URI. * CVE-2023-28756: Fixed an expensive regexp in the RFC2822 time parser. * CVE-2021-41817: Fixed a Regular Expression Denial of Service Vulnerability of Date Parsing Methods. * CVE-2021-33621: ... oval:org.secpod.oval:def:3300710 SUSE Security Update: Security update for ruby2.5 oval:org.secpod.oval:def:89047353 This update for ruby2.5 fixes the following issues: - CVE-2021-41819: Fixed cookie prefix spoofing in CGI::Cookie.parse . oval:org.secpod.oval:def:89050368 This update for ruby2.5 to version 2.5.8 fixes the following issues: - CVE-2020-10663: Unsafe Object Creation Vulnerability in JSON . - CVE-2020-10933: Heap exposure vulnerability in the socket library . oval:org.secpod.oval:def:89047085 This update for ruby2.5 fixes the following issues: - CVE-2020-25613: Fixed a potential HTTP Request Smuggling in WEBrick . - Enable optimizations also on ARM64 oval:org.secpod.oval:def:89044022 This update for ruby2.5 toversion 2.5.7 fixes the following issues: ruby 2.5 was updated to version 2.5.7 - CVE-2020-8130: Fixed a command injection in intree copy of rake . - CVE-2019-16255: Fixed a code injection vulnerability of Shell#[] and Shell#test . - CVE-2019-16254: Fixed am HTTP response s ... oval:org.secpod.oval:def:89047204 This update for ruby2.5 fixes the following issues: - CVE-2021-31799: Fixed Command injection vulnerability in RDoc . - CVE-2021-31810: Fixed trusting FTP PASV responses vulnerability in Net:FTP . - CVE-2021-32066: Fixed StartTLS stripping vulnerability in Net:IMAP . oval:org.secpod.oval:def:3301307 SUSE Security Update: Security update for ruby2.5 oval:org.secpod.oval:def:89047475 This update for ruby2.5 fixes the following issues: - CVE-2022-28739: Fixed a buffer overrun in String-to-Float conversion . - CVE-2021-41817: Fixed a regular expression denial of service in Date Parsing Methods . - CVE-2021-32066: Fixed a StartTLS stripping vulnerability in Net:IMAP . - CVE-2021-31 ... |