Debian Bug report logs - #911920
ruby25: CVE-2018-16396: Tainted flags are not propagated in Array#pack and String#unpack with some directives
Package:
src:ruby25;
Maintainer for src:ruby25 is Debian Ruby Team <pkg-ruby-extras-maintainers@lists.alioth.debian.org>;
Reported by: Salvatore Bonaccorso <carnil@debian.org> ...
Several security issues were fixed in Ruby ...
Synopsis
Important: ruby security update
Type/Severity
Security Advisory: Important
Topic
An update for ruby is now available for Red Hat Enterprise Linux 7.4 Advanced Update Support, Red Hat Enterprise Linux 7.4 Telco Extended Update Support, and Red Hat Enterprise Linux 7.4 Update Services for SAP Solutio ...
Synopsis
Important: rh-ruby24-ruby security, bug fix, and enhancement update
Type/Severity
Security Advisory: Important
Topic
An update for rh-ruby24-ruby is now available for Red Hat Software Collections. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulne ...
Synopsis
Important: rh-ruby23-ruby security, bug fix, and enhancement update
Type/Severity
Security Advisory: Important
Topic
An update for rh-ruby23-ruby is now available for Red Hat Software Collections. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulne ...
Synopsis
Moderate: ruby security update
Type/Severity
Security Advisory: Moderate
Topic
An update for ruby is now available for Red Hat Enterprise Linux 7. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gi ...
Synopsis
Important: rh-ruby25-ruby security, bug fix, and enhancement update
Type/Severity
Security Advisory: Important
Topic
An update for rh-ruby25-ruby is now available for Red Hat Software Collections. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulne ...
Synopsis
Moderate: ruby security update
Type/Severity
Security Advisory: Moderate
Topic
An update for ruby is now available for Red Hat Enterprise Linux 7.6 Extended Update Support. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System ( ...
It was found that WEBrick could be forced to use an excessive amount of memory during the processing of HTTP requests, leading to a Denial of Service. An attacker could use this flaw to send huge requests to a WEBrick application, resulting in the server running out of memory. (CVE-2018-8777)
It was found that the tmpdir and tempfile modules did no ...
An issue was discovered in the OpenSSL library in Ruby before 2.3.8, 2.4.x before 2.4.5, 2.5.x before 2.5.2, and 2.6.x before 2.6.0-preview3. When two OpenSSL::X509::Name objects are compared using ==, depending on the ordering, non-equal objects may return true. When the first argument is one character longer than the second, or the second argumen ...
An issue was discovered in Ruby before 2.3.8, 2.4.x before 2.4.5, 2.5.x before 2.5.2, and 2.6.x before 2.6.0-preview3. It does not taint strings that result from unpacking tainted strings with some formats. (CVE-2018-16396)
The JSON gem through 2.2.0 for Ruby, as used in Ruby 2.4 through 2.4.9, 2.5 through 2.5.7, and 2.6 through 2.6.5, has an Unsaf ...
An issue was discovered in Ruby before 2.3.8, 2.4.x before 2.4.5, 2.5.x before 2.5.2, and 2.6.x before 2.6.0-preview3. It does not taint strings that result from unpacking tainted strings with some formats ...