Lucene search

K
oraclelinuxOracleLinuxELSA-2021-2588
HistoryJul 07, 2021 - 12:00 a.m.

ruby:2.6 security, bug fix, and enhancement update

2021-07-0700:00:00
linux.oracle.com
60

8.1 High

CVSS3

Attack Vector

NETWORK

Attack Complexity

HIGH

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H

7.8 High

CVSS2

Access Vector

NETWORK

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

COMPLETE

AV:N/AC:L/Au:N/C:N/I:N/A:C

ruby
[2.6.7-107]

  • Upgrade to Ruby 2.6.7.
    Resolves: rhbz#1952627
  • Resolv::DNS: timeouts if multiple IPv6 name servers are given an address
    containing leading zero
    Resolves: rhbz#1954968
  • Fix: Rubygem-bundler: Don’t use insecure tmp directory as home
    allows for execution of malicious code.
    Resolves: rhbz#1954969

8.1 High

CVSS3

Attack Vector

NETWORK

Attack Complexity

HIGH

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H

7.8 High

CVSS2

Access Vector

NETWORK

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

COMPLETE

AV:N/AC:L/Au:N/C:N/I:N/A:C