drucken bookmarks versenden konfigurieren admin pdf Sicherheit: Denial of Service in rubygem-addressable
Name: |
Denial of Service in rubygem-addressable |
|
ID: |
FEDORA-2021-e9fc035565 |
|
Distribution: |
Fedora |
|
Plattformen: |
Fedora 33 |
|
Datum: |
Fr, 27. August 2021, 23:40 |
|
Referenzen: |
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-32740 |
|
Applikationen: |
rubygem-addressable |
|
Originalnachricht |
------------------------------------------------------------------------------- - Fedora Update Notification FEDORA-2021-e9fc035565 2021-08-27 18:55:25.463057 ------------------------------------------------------------------------------- -
Name : rubygem-addressable Product : Fedora 33 Version : 2.7.0 Release : 5.fc33 URL : https://github.com/sporkmonger/addressable Summary : URI Implementation Description : Addressable is an alternative implementation to the URI implementation that is part of Ruby's standard library. It is flexible, offers heuristic parsing, and additionally provides extensive support for IRIs and URI templates.
------------------------------------------------------------------------------- - Update Information:
A security flaw was found on rubygem-addressable that a crafted template may cause DOS. This issue is now assinged as CVE-2021-32740. This new rpm should fix this issue. ------------------------------------------------------------------------------- - ChangeLog:
* Sun Aug 8 2021 Mamoru TASAKA <mtasaka@fedoraproject.org> - 2.7.0-5 - Upstream patch for CVE-2021-32740 (bug 1979702) * Fri Jul 23 2021 Fedora Release Engineering <releng@fedoraproject.org> - 2.7.0-4 - Rebuilt for https://fedoraproject.org/wiki/Fedora_35_Mass_Rebuild * Wed Jan 27 2021 Fedora Release Engineering <releng@fedoraproject.org> - 2.7.0-3 - Rebuilt for https://fedoraproject.org/wiki/Fedora_34_Mass_Rebuild ------------------------------------------------------------------------------- - References:
[ 1 ] Bug #1979703 - CVE-2021-32740 rubygem-addressable: ReDoS in templates [fedora-all] https://bugzilla.redhat.com/show_bug.cgi?id=1979703 ------------------------------------------------------------------------------- -
This update can be installed with the "dnf" update program. Use su -c 'dnf upgrade --advisory FEDORA-2021-e9fc035565' at the command line. For more information, refer to the dnf documentation available at http://dnf.readthedocs.io/en/latest/command_ref.html#upgrade-command-label
All packages are signed with the Fedora Project GPG key. More details on the GPG keys used by the Fedora Project can be found at https://fedoraproject.org/keys ------------------------------------------------------------------------------- - _______________________________________________ package-announce mailing list -- package-announce@lists.fedoraproject.org To unsubscribe send an email to package-announce-leave@lists.fedoraproject.org Fedora Code of Conduct: https://docs.fedoraproject.org/en-US/project/code-of-conduct/ List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines List Archives: https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org Do not reply to spam on the list, report it: https://pagure.io/fedora-infrastructure
|
|
|
|