Synopsis
Important: ruby:26 security update
Type/Severity
Security Advisory: Important
Red Hat Insights patch analysis
Identify and remediate systems affected by this advisory
View affected systems
Topic
An update for the ruby:26 module is now available for Red Hat Enterprise Linux 82 Extended Update SupportRed Hat Product Secu ...
Synopsis
Important: ruby:26 security update
Type/Severity
Security Advisory: Important
Red Hat Insights patch analysis
Identify and remediate systems affected by this advisory
View affected systems
Topic
An update for the ruby:26 module is now available for Red Hat Enterprise Linux 81 Update Services for SAP SolutionsRed Hat Pr ...
Debian Bug report logs -
#972230
CVE-2017-17742 CVE-2019-16201 CVE-2019-16254 CVE-2019-16255 CVE-2020-25613
Package:
jruby;
Maintainer for jruby is Debian Java Maintainers <pkg-java-maintainers@listsaliothdebianorg>; Source for jruby is src:jruby (PTS, buildd, popcon)
Reported by: Moritz Muehlenhoff <jmm@debianorg> ...
Debian Bug report logs -
#830904
ITP: puppetserver -- the next-generation application for managing Puppet agents
Package:
wnpp;
Maintainer for wnpp is wnpp@debianorg;
Reported by: Mathieu Parent <sathieu@debianorg>
Date: Tue, 12 Jul 2016 20:24:02 UTC
Owned by: pollo@debianorg
Severity: wishlist
Fix blocked by 972230: ...
An issue was discovered in Ruby through 258, 26x through 266, and 27x through 271 WEBrick, a simple HTTP server bundled with Ruby, had not checked the transfer-encoding header value rigorously An attacker may potentially exploit this issue to bypass a reverse proxy (which also has a poor header check), which may lead to an HTTP Request ...
An issue was discovered in Ruby through 258, 26x through 266, and 27x through 271 WEBrick, a simple HTTP server bundled with Ruby, had not checked the transfer-encoding header value rigorously An attacker may potentially exploit this issue to bypass a reverse proxy (which also has a poor header check), which may lead to an HTTP Request ...
An issue was discovered in Ruby through 258, 26x through 266, and 27x through 271 WEBrick, a simple HTTP server bundled with Ruby, had not checked the transfer-encoding header value rigorously An attacker may potentially exploit this issue to bypass a reverse proxy (which also has a poor header check), which may lead to an HTTP Request ...
The JSON gem through 220 for Ruby, as used in Ruby 24 through 249, 25 through 257, and 26 through 265, has an Unsafe Object Creation Vulnerability This is quite similar to CVE-2013-0269, but does not rely on poor garbage-collection behavior within Ruby Specifically, use of JSON parsing methods can lead to creation of a malicious object ...