Changelog:
alt-ruby22-2.2.8-24
alt-ruby23-2.3.5-16
alt-ruby24-2.4.2-4
- CVE-2017-0898: buffer underrun vulnerability in Kernel.sprintf;
- CVE-2017-10784: escape sequence injection vulnerability in the Basic authentication of WEBrick;
- CVE-2017-14033: buffer underrun vulnerability in OpenSSL ASN1 decode;
- CVE-2017-14064: heap exposure vulnerability in generating JSON.
- fixed multiple vulnerabilities in RubyGems;
- updated bundled libyaml to version 0.1.7.
lundi, septembre 25, 2017
