Oval Definition:oval:org.opensuse.security:def:93292
Revision Date:2022-05-03Version:1
Title: (Important)
Description:

This update for ruby2.5 fixes the following issues:

- CVE-2022-28739: Fixed a buffer overrun in String-to-Float conversion (bsc#1198441). - CVE-2021-41817: Fixed a regular expression denial of service in Date Parsing Methods (bsc#1193035). - CVE-2021-32066: Fixed a StartTLS stripping vulnerability in Net:IMAP (bsc#1188160). - CVE-2021-31810: Fixed a trusting FTP PASV responses vulnerability in Net:FTP (bsc#1188161). - CVE-2021-31799: Fixed a command injection vulnerability in RDoc (bsc#1190375).
Family:unixClass:patch
Status:Reference(s):1184123
1188160
1188161
1190375
1190381
1193035
1198441
CVE-2021-31799
CVE-2021-31810
CVE-2021-32066
CVE-2021-3781
CVE-2021-41817
CVE-2022-28739
SUSE-SU-2021:3044-1
Platform(s):Image SLES15-SP4-Manager-Proxy-4-3-BYOS-Azure
SUSE Manager Server 4.0
Product(s):
Definition Synopsis
  • Image SLES15-SP4-Manager-Proxy-4-3-BYOS-Azure is installed
  • AND Package Information
  • libruby2_5-2_5-2.5.9-150000.4.23.1 is installed
  • OR ruby2.5-2.5.9-150000.4.23.1 is installed
  • OR ruby2.5-stdlib-2.5.9-150000.4.23.1 is installed
    • Definition Synopsis
  • SUSE Manager Server 4.0 is installed
  • AND Package Information
  • ghostscript-9.52-155.1 is installed
  • OR ghostscript-devel-9.52-155.1 is installed
  • OR ghostscript-x11-9.52-155.1 is installed
  • OR libspectre-devel-0.2.8-3.12.1 is installed
  • OR libspectre1-0.2.8-3.12.1 is installed
    • BACK