logo
DATABASE RESOURCES PRICING ABOUT US

Updated ruby packages fix a security vulnerability

Description

A potential HTTP request smuggling vulnerability in WEBrick was reported. WEBrick was too tolerant against an invalid Transfer-Encoding header. This may lead to inconsistent interpretation between WEBrick and some HTTP proxy servers, which may allow the attacker to “smuggle” a request (CVE-2020-25613).


Affected Package


OS OS Version Package Name Package Version
Mageia 7 ruby 2.5.8-22

Related