[FEDORA-2017-6e6f4f95e6] Fedora 26: ruby

Severity Critical

Affected Packages 1

CVEs 3

Update to Ruby 2.4.2.

Package	Affected Version
pkg:rpm/fedora/ruby?distro=fedora-26	< 2.4.2.84.fc26

ID

FEDORA-2017-6e6f4f95e6

Severity

critical

Severity from

CVE-2017-0898

URL

Published

2017-12-26T16:32:32
(6 years ago)

Modified

2017-12-26T16:32:32
(6 years ago)

Rights

Other Advisories

Source	# ID	Name	URL
Bugzilla	1491866	Bug #1491866 - CVE-2017-14033 ruby: Buffer underrun in OpenSSL ASN1 decode	https://bugzilla.redhat.com/show_bug.cgi?id=1491866
Bugzilla	1492015	Bug #1492015 - CVE-2017-0898 ruby: Buffer underrun vulnerability in Kernel.sprintf	https://bugzilla.redhat.com/show_bug.cgi?id=1492015
Bugzilla	1492012	Bug #1492012 - CVE-2017-10784 ruby: Escape sequence injection vulnerability in the Basic authentication of WEBrick	https://bugzilla.redhat.com/show_bug.cgi?id=1492012

Type	Package URL	Namespace	Name / Product	Version	Distribution / Platform	Arch	Patch / Fix
Affected	pkg:rpm/fedora/ruby?distro=fedora-26	fedora	ruby	< 2.4.2.84.fc26	fedora-26

# CVE	Description	CVSS	EPSS	EPSS Trend (30 days)	Affected Products	Weaknesses	Security Advisories	Exploits	PoC	Pubblication Date	Modification Date
# CVE	Description	CVSS	EPSS	EPSS Trend (30 days)	Affected Products	Weaknesses	Security Advisories	PoC	Pubblication Date	Modification Date