Oval Definition:oval:org.opensuse.security:def:119196
Revision Date:2022-05-03Version:1
Title:Security update for ruby2.5 (Important)
Description:

This update for ruby2.5 fixes the following issues:

- CVE-2022-28739: Fixed a buffer overrun in String-to-Float conversion (bsc#1198441). - CVE-2021-41817: Fixed a regular expression denial of service in Date Parsing Methods (bsc#1193035). - CVE-2021-32066: Fixed a StartTLS stripping vulnerability in Net:IMAP (bsc#1188160). - CVE-2021-31810: Fixed a trusting FTP PASV responses vulnerability in Net:FTP (bsc#1188161). - CVE-2021-31799: Fixed a command injection vulnerability in RDoc (bsc#1190375).
Family:unixClass:patch
Status:Reference(s):1188160
1188161
1190375
1193035
1198441
CVE-2021-31799
CVE-2021-31810
CVE-2021-32066
CVE-2021-41817
CVE-2022-28739
SUSE-SU-2022:1512-1
Platform(s):SUSE Linux Enterprise Server 15 SP2-BCL
Product(s):
Definition Synopsis
  • SUSE Linux Enterprise Server 15 SP2-BCL is installed
  • AND Package Information
  • libruby2_5-2_5-2.5.9-150000.4.23.1 is installed
  • OR ruby2.5-2.5.9-150000.4.23.1 is installed
  • OR ruby2.5-devel-2.5.9-150000.4.23.1 is installed
  • OR ruby2.5-devel-extra-2.5.9-150000.4.23.1 is installed
  • OR ruby2.5-stdlib-2.5.9-150000.4.23.1 is installed
  • BACK