drucken bookmarks versenden konfigurieren admin pdf Sicherheit: Zwei Probleme in Ruby (Aktualisierung)
| Name: |
Zwei Probleme in Ruby (Aktualisierung) |
|
| ID: |
USN-7256-2 |
|
| Distribution: |
Ubuntu |
|
| Plattformen: |
Ubuntu 20.04 LTS |
|
| Datum: |
Fr, 14. Februar 2025, 07:08 |
|
| Referenzen: |
Keine Angabe |
|
| Applikationen: |
Ruby |
|
| Update von: |
Zwei Probleme in Ruby |
|
Originalnachricht |
--===============1094924641709763537==
Content-Type: multipart/signed; micalg=pgp-sha512;
protocol="application/pgp-signature";
boundary="pccjdyjcolqbcyj5"
Content-Disposition: inline
--pccjdyjcolqbcyj5
Content-Type: text/plain; charset=us-ascii
Content-Disposition: inline
==========================================================================
Ubuntu Security Notice USN-7256-2
February 13, 2025
ruby2.7 regression
==========================================================================
A security issue affects these releases of Ubuntu and its derivatives:
- Ubuntu 20.04 LTS
Summary:
USN-7256-1 caused some minor regressions in Ruby
Software Description:
- ruby2.7: Object-oriented scripting language
Details:
USN-7256-1 fixed vulnerabilities in Ruby. The update introduced a minor
regression. This update fixes the problem.
We apologize for the inconvenience.
Original advisory details:
It was discovered that Ruby incorrectly handled parsing of an XML document
that has specific XML characters in an attribute value using REXML gem. An
attacker could use this issue to cause Ruby to crash, resulting in a
denial of service.
Update instructions:
The problem can be corrected by updating your system to the following
package versions:
Ubuntu 20.04 LTS
libruby2.7 2.7.0-5ubuntu1.17
ruby2.7 2.7.0-5ubuntu1.17
In general, a standard system update will make all the necessary changes.
References:
https://ubuntu.com/security/notices/USN-7256-2
https://ubuntu.com/security/notices/USN-7256-1
https://launchpad.net/bugs/2097527
Package Information:
https://launchpad.net/ubuntu/+source/ruby2.7/2.7.0-5ubuntu1.17
--pccjdyjcolqbcyj5
Content-Type: application/pgp-signature; name="signature.asc"
-----BEGIN PGP SIGNATURE-----
iQGzBAABCgAdFiEEs16801xnF7wK3rCK7Ic6ztRocjwFAmetpaoACgkQ7Ic6ztRo
cjy7wAv8Dk7xic83niiwnsf5mble8rVGOubGXaOS3/Cucjs8LCkA0j3WJINNjDLg
9QcYtX0jmkTrxDPSXR0sSQE6ED1M5ua0zzoTseymsj+jkShWdz1gZeDZSunSkoLN
uC5WGQ7ngxXxV2qOjA0u1/F8S8u4caKnLfe60mqbDGx10ttQDJ+acKDhJ4X4Lw7v
JYwtvBYyRyC2ozRPs99EtXMsqUOS+XCtNNvq03SjYWzQP1hKsxDJBpP0r1to1LxQ
zP5viaBfhhgcreinjkhiNWTWxscAxC1vQTQfC+fD6v7brCCUi3esptfRSZZIl6cA
ItJuISttEk0ec7UAuwbglt2BNSvkjITlG0/rLi+T52+ftoKdmcKsHt0qowjPU+FC
H7Z/lCiKfsPfXrkPp9M2AmL+lgqd+98q/eNx2omKyr0FQcxXoST9eitIAH3WiDEH
qqcHEiaLQ3Ih6NimLJ13pq6WOK5pcytpbUukiH1rAG2XGvb0WShyV1poG5wuOMBy
343x/6UR
=qQPA
-----END PGP SIGNATURE-----
--pccjdyjcolqbcyj5--
--===============1094924641709763537==
Content-Type: text/plain; charset="utf-8"
MIME-Version: 1.0
Content-Transfer-Encoding: base64
Content-Disposition: inline
--===============1094924641709763537==--
|
|
|
|
