Changelog:

alt-ruby22-2.2.8-24

alt-ruby23-2.3.5-16

alt-ruby24-2.4.2-4

  • CVE-2017-0898: buffer underrun vulnerability in Kernel.sprintf;
  • CVE-2017-10784: escape sequence injection vulnerability in the Basic authentication of WEBrick;
  • CVE-2017-14033: buffer underrun vulnerability in OpenSSL ASN1 decode;
  • CVE-2017-14064: heap exposure vulnerability in generating JSON.
  • fixed multiple vulnerabilities in RubyGems;
  • updated bundled libyaml to version 0.1.7.


 lundi, septembre 25, 2017



« Retour