34 matches found
Debian: Security Advisory (DLA-1735-1)
The remote host is missing an update for the Debian SPDX-FileCopyrightText: 2019 Greenbone AG Some text descriptions might be excerpted from (a) referenced source(s), and are Copyright (C) by the respective right holders. SPDX-License-Identifier: GPL-2.0-only if(description)...
Debian DLA-1735-1 : ruby2.1 security update
Several vulnerabilities have been discovered in rubygems embedded in ruby2.1, the interpreted scripting language. CVE-2019-8320 A Directory Traversal issue was discovered in RubyGems. Before making new directories or touching files (which now include path-checking code for symlinks), it would delet...
[SECURITY] [DLA 1735-1] ruby2.1 security update
Package : ruby2.1 Version : 2.1.5-2+deb8u7 CVE ID : CVE-2019-8320 CVE-2019-8322 CVE-2019-8323 CVE-2019-8324 CVE-2019-8325 Several vulnerabilities have been discovered in rubygems embedded in ruby2.1, the interpreted scripting language. CVE-2019-8320 A Directory Traversal issue was discovered in...
Debian DLA-1558-1 : ruby2.1 security update
CVE-2018-16395 Fix for OpenSSL::X509::Name equality check. CVE-2018-16396 Tainted flags are not propagated in Array#pack and String#unpack with some directives. For Debian 8 'Jessie', these problems have been fixed in version 2.1.5-2+deb8u6. We recommend that you upgrade your ruby2.1 packages. NOTE...
[SECURITY] [DLA 1558-1] ruby2.1 security update
Package : ruby2.1 Version : 2.1.5-2+deb8u6 CVE ID : CVE-2018-16395 CVE-2018-16396 CVE-2018-16395 Fix for OpenSSL::X509::Name equality check. CVE-2018-16396 Tainted flags are not propagated in Array#pack and String#unpack with some directives. For Debian 8 "Jessie", these problems have been fixed in...
Debian: Security Advisory (DLA-1558-1)
The remote host is missing an update for the Debian SPDX-FileCopyrightText: 2018 Greenbone AG Some text descriptions might be excerpted from (a) referenced source(s), and are Copyright (C) by the respective right holders. SPDX-License-Identifier: GPL-2.0-only if(description)...
[SECURITY] [DLA 1421-1] ruby2.1 security update
Package : ruby2.1 Version : 2.1.5-2+deb8u4 CVE ID : CVE-2015-9096 CVE-2016-2339 CVE-2016-7798 CVE-2017-0898 CVE-2017-0899 CVE-2017-0900 CVE-2017-0901 CVE-2017-0902 CVE-2017-0903 CVE-2017-10784 CVE-2017-14033 CVE-2017-14064 CVE-2017-17405 CVE-2017-17742 CVE-2017-17790 CVE-2018-6914 CVE-2018-8777...
openSUSE Security Update : ruby2.1 (openSUSE-2017-527)
This ruby2.1 update to version 2.1.9 fixes the following issues : Security issues fixed : - CVE-2016-2339: heap overflow vulnerability in the Fiddle::Function.new'initialize' (bsc#1018808) - CVE-2015-7551: Unsafe tainted string usage in Fiddle and DL (bsc#959495) - CVE-2015-3900: hostname validation do...
openSUSE: Security Advisory for ruby2.1 (openSUSE-SU-2017:1128-1)
The remote host is missing an update for the Copyright (C) 2017 Greenbone Networks GmbH Some text descriptions might be excerpted from (a) referenced source(s), and are Copyright (C) by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software; you can...
SUSE SLED12 / SLES12 Security Update : ruby2.1 (SUSE-SU-2017:1067-1)
This ruby2.1 update to version 2.1.9 fixes the following issues: Security issues fixed : - CVE-2016-2339: heap overflow vulnerability in the Fiddle::Function.new'initialize' (bsc#1018808) - CVE-2015-7551: Unsafe tainted string usage in Fiddle and DL (bsc#959495) - CVE-2015-3900: hostname validation doe...
Debian DSA-3247-1 : ruby2.1 - security update
It was discovered that the Ruby OpenSSL extension, part of the interpreter for the Ruby language, did not properly implement hostname matching, in violation of RFC 6125. This could allow remote attackers to perform a man-in-the-middle attack via crafted SSL certificates.
[SECURITY] [DSA 3247-1] ruby2.1 security update
Debian Security Advisory DSA-3247-1 [email protected] http://www.debian.org/security/ Alessandro Ghedini May 02, 2015 http://www.debian.org/security/faq...
Debian Security Advisory DSA 3247-1 (ruby2.1 - security update)
It was discovered that the Ruby OpenSSL extension, part of the interpreter for the Ruby language, did not properly implement hostname matching, in violation of RFC 6125. This could allow remote attackers to perform a man-in-the-middle attack via crafted SSL certificates. OpenVAS Vulnerability Tes...
openSUSE Security Update : ruby2.1 (openSUSE-SU-2015:0007-1)
The following issues were fixed in this update : - CVE-2014-8090: Denial Of Service XML Expansion (bnc#905326) - CVE-2014-8080: Denial Of Service XML Expansion (bnc#902851) (C) Tenable Network Security, Inc. The descriptive text and package checks in this plugin were extracted from...