Sign Up
Log In
Log In
or
Sign Up
Places
All Projects
Status Monitor
Collapse sidebar
openSUSE:Step:15-SP3
patchinfo.11866
_patchinfo
Overview
Repositories
Revisions
Requests
Users
Attributes
Meta
File _patchinfo of Package patchinfo.11866
<patchinfo incident="11866"> <issue tracker="cve" id="2019-16255"/> <issue tracker="cve" id="2019-16254"/> <issue tracker="cve" id="2012-6708"/> <issue tracker="cve" id="2019-15845"/> <issue tracker="cve" id="2019-16201"/> <issue tracker="cve" id="2015-9251"/> <issue tracker="cve" id="2020-8130"/> <issue tracker="bnc" id="1164804">VUL-0: CVE-2020-8130: rubygem-rake: command injection when supplying a filename that begins with the pipe character</issue> <issue tracker="bnc" id="1152994">VUL-0: CVE-2019-15845: ruby2.5,ruby,ruby2.1: A NUL injection vulnerability of File.fnmatch and File.fnmatch?</issue> <issue tracker="bnc" id="1152995">VUL-0: CVE-2019-16201: ruby2.5,ruby,ruby2.1: Regular Expression Denial of Service vulnerability of WEBrick's Digest access authentication</issue> <issue tracker="bnc" id="1152990">VUL-0: CVE-2019-16255: ruby2.5,ruby,ruby2.1: code injection vulnerability of Shell#[] and Shell#test</issue> <issue tracker="bnc" id="1162396">Non-commercial license in ruby2.5-stdlib package</issue> <issue tracker="bnc" id="1152992">VUL-0: CVE-2019-16254: ruby2.5,ruby,ruby2.1: HTTP response splitting in WEBrick (Additional fix)</issue> <issue tracker="bnc" id="1140844">ruby2.5 test suite is not executed due to a wrong parameter (-x) being supplied</issue> <packager>darix</packager> <rating>important</rating> <category>security</category> <summary>Recommended update for ruby2.5</summary> <description>This update for ruby2.5 toversion 2.5.7 fixes the following issues: ruby 2.5 was updated to version 2.5.7 - CVE-2020-8130: Fixed a command injection in intree copy of rake (bsc#1164804). - CVE-2019-16255: Fixed a code injection vulnerability of Shell#[] and Shell#test (bsc#1152990). - CVE-2019-16254: Fixed am HTTP response splitting in WEBrick (bsc#1152992). - CVE-2019-15845: Fixed a null injection vulnerability of File.fnmatch and File.fnmatch? (bsc#1152994). - CVE-2019-16201: Fixed a regular expression denial of service of WEBrick Digest access authentication (bsc#1152995). - CVE-2012-6708: Fixed an XSS in JQuery - CVE-2015-9251: Fixed an XSS in JQuery - Fixed unit tests (bsc#1140844) - Removed some unneeded test files (bsc#1162396). </description> </patchinfo>
Locations
Projects
Search
Status Monitor
Help
OpenBuildService.org
Documentation
API Documentation
Code of Conduct
Contact
Support
@OBShq
Terms
openSUSE Build Service is sponsored by
The Open Build Service is an
openSUSE project
.
Sign Up
Log In
Places
Places
All Projects
Status Monitor