Lucene search

K
redhatRedHatRHSA-2018:0584
HistoryMar 26, 2018 - 9:12 a.m.

(RHSA-2018:0584) Important: rh-ruby24-ruby security, bug fix, and enhancement update

2018-03-2609:12:41
access.redhat.com
17

0.895 High

EPSS

Percentile

98.8%

Ruby is an extensible, interpreted, object-oriented, scripting language. It has features to process text files and to perform system management tasks.

The following packages have been upgraded to a later upstream version: rh-ruby24-ruby (2.4.3). (BZ#1549651)

Security Fix(es):

  • ruby: Command injection vulnerability in Net::FTP (CVE-2017-17405)

  • ruby: Command injection in lib/resolv.rb:lazy_initialize() allows arbitrary code execution (CVE-2017-17790)

For more details about the security issue(s), including the impact, a CVSS score, and other related information, refer to the CVE page(s) listed in the References section.