[SUSE-SU-2020:0737-1] Recommended update for ruby2.5
- Severity: Important
- Affected Packages: 20
- CVEs: 7
Recommended update for ruby2.5
This update for ruby2.5 to version 2.5.7 fixes the following issues:
ruby 2.5 was updated to version 2.5.7
- CVE-2020-8130: Fixed a command injection in the in-tree copy of rake (bsc#1164804).
- CVE-2019-16255: Fixed a code injection vulnerability of Shell#[] and Shell#test (bsc#1152990).
- CVE-2019-16254: Fixed an HTTP response splitting in WEBrick (bsc#1152992).
- CVE-2019-15845: Fixed a null injection vulnerability of File.fnmatch and File.fnmatch? (bsc#1152994).
- CVE-2019-16201: Fixed a regular expression denial of service of WEBrick Digest access authentication (bsc#1152995).
- CVE-2012-6708: Fixed an XSS in jQuery
- CVE-2015-9251: Fixed an XSS in jQuery
- Fixed unit tests (bsc#1140844)
- Removed some unneeded test files (bsc#1162396).
- ID: SUSE-SU-2020:0737-1
- Severity: important
- URL: https://www.suse.com/support/update/announcement/2020/suse-su-20200737-1/
- Published: 2020-03-20T12:47:31 (4 years ago)
- Modified: 2020-03-20T12:47:31 (4 years ago)
- Rights: Copyright 2024 SUSE LLC. All rights reserved.

Other Advisories:
- ALAS-2020-1384
- ALAS-2020-1385
- ALAS-2020-1422
- ALAS2-2020-1519
- ALAS2-2024-2486
- ALPINE:CVE-2012-6708
- ALPINE:CVE-2015-9251
- ALPINE:CVE-2019-15845
- ALPINE:CVE-2019-16201
- ALPINE:CVE-2019-16254
- ALPINE:CVE-2019-16255
- ALSA-2020:4670
- ALSA-2020:4847
- ALSA-2021:2587
- ALSA-2021:2588
- ASA-201910-2
- ASA-201910-4
- DSA-4586-1
- DSA-4587-1
- ELSA-2020-3936
- ELSA-2021-2587
- ELSA-2021-2588
- FEDORA-2020-28e06b5f08
- FEDORA-2020-dc1ae17bb5
- FREEBSD:416CA0F4-3FE0-11E9-BBDD-6805CA0B3D42
- FREEBSD:ED8D5535-CA78-11E9-980B-999FF59C22EA
- FREEBSD:F7FCB75C-E537-11E9-863E-B9B7AF01BA9E
- GLSA-202003-06
- MAVEN:GHSA-2PQJ-H3VJ-PQGW
- MAVEN:GHSA-RMXG-73GG-4P98
- MS:CVE-2019-15845
- MS:CVE-2019-16201
- MS:CVE-2019-16254
- MS:CVE-2019-16255
- NPM:GHSA-2PQJ-H3VJ-PQGW
- NPM:GHSA-RMXG-73GG-4P98
- openSUSE-SU-2020:0395-1
- RHSA-2020:3936
- RHSA-2020:4670
- RHSA-2020:4847
- RHSA-2021:2587
- RHSA-2021:2588
- RLSA-2020:4670
- RLSA-2020:4847
- RLSA-2021:2587
- RLSA-2021:2588
- RUBYSEC:JQUERY-RAILS-2012-6708
- RUBYSEC:JQUERY-RAILS-2015-9251
- RUBYSEC:PUMA-2020-5247
- RUBYSEC:RAKE-2020-8130
- SUSE-SU-2020:1570-1
- SUSE-SU-2022:3212-1
- USN-4201-1
- USN-4295-1
Type | Package URL | Namespace | Name / Product | Version | Distribution / Platform | Arch | Patch / Fix |
---|---|---|---|---|---|---|---|
Affected | pkg:rpm/suse/ruby2.5?arch=x86_64&distro=sles-15 | suse | ruby2.5 | < 2.5.7-4.8.1 | sles-15 | x86_64 | |
Affected | pkg:rpm/suse/ruby2.5?arch=s390x&distro=sles-15 | suse | ruby2.5 | < 2.5.7-4.8.1 | sles-15 | s390x | |
Affected | pkg:rpm/suse/ruby2.5?arch=ppc64le&distro=sles-15 | suse | ruby2.5 | < 2.5.7-4.8.1 | sles-15 | ppc64le | |
Affected | pkg:rpm/suse/ruby2.5?arch=aarch64&distro=sles-15 | suse | ruby2.5 | < 2.5.7-4.8.1 | sles-15 | aarch64 | |
Affected | pkg:rpm/suse/ruby2.5-stdlib?arch=x86_64&distro=sles-15 | suse | ruby2.5-stdlib | < 2.5.7-4.8.1 | sles-15 | x86_64 | |
Affected | pkg:rpm/suse/ruby2.5-stdlib?arch=s390x&distro=sles-15 | suse | ruby2.5-stdlib | < 2.5.7-4.8.1 | sles-15 | s390x | |
Affected | pkg:rpm/suse/ruby2.5-stdlib?arch=ppc64le&distro=sles-15 | suse | ruby2.5-stdlib | < 2.5.7-4.8.1 | sles-15 | ppc64le | |
Affected | pkg:rpm/suse/ruby2.5-stdlib?arch=aarch64&distro=sles-15 | suse | ruby2.5-stdlib | < 2.5.7-4.8.1 | sles-15 | aarch64 | |
Affected | pkg:rpm/suse/ruby2.5-devel?arch=x86_64&distro=sles-15 | suse | ruby2.5-devel | < 2.5.7-4.8.1 | sles-15 | x86_64 | |
Affected | pkg:rpm/suse/ruby2.5-devel?arch=s390x&distro=sles-15 | suse | ruby2.5-devel | < 2.5.7-4.8.1 | sles-15 | s390x | |
Affected | pkg:rpm/suse/ruby2.5-devel?arch=ppc64le&distro=sles-15 | suse | ruby2.5-devel | < 2.5.7-4.8.1 | sles-15 | ppc64le | |
Affected | pkg:rpm/suse/ruby2.5-devel?arch=aarch64&distro=sles-15 | suse | ruby2.5-devel | < 2.5.7-4.8.1 | sles-15 | aarch64 | |
Affected | pkg:rpm/suse/ruby2.5-devel-extra?arch=x86_64&distro=sles-15 | suse | ruby2.5-devel-extra | < 2.5.7-4.8.1 | sles-15 | x86_64 | |
Affected | pkg:rpm/suse/ruby2.5-devel-extra?arch=s390x&distro=sles-15 | suse | ruby2.5-devel-extra | < 2.5.7-4.8.1 | sles-15 | s390x | |
Affected | pkg:rpm/suse/ruby2.5-devel-extra?arch=ppc64le&distro=sles-15 | suse | ruby2.5-devel-extra | < 2.5.7-4.8.1 | sles-15 | ppc64le | |
Affected | pkg:rpm/suse/ruby2.5-devel-extra?arch=aarch64&distro=sles-15 | suse | ruby2.5-devel-extra | < 2.5.7-4.8.1 | sles-15 | aarch64 | |
Affected | pkg:rpm/suse/libruby2_5-2_5?arch=x86_64&distro=sles-15 | suse | libruby2_5-2_5 | < 2.5.7-4.8.1 | sles-15 | x86_64 | |
Affected | pkg:rpm/suse/libruby2_5-2_5?arch=s390x&distro=sles-15 | suse | libruby2_5-2_5 | < 2.5.7-4.8.1 | sles-15 | s390x | |
Affected | pkg:rpm/suse/libruby2_5-2_5?arch=ppc64le&distro=sles-15 | suse | libruby2_5-2_5 | < 2.5.7-4.8.1 | sles-15 | ppc64le | |
Affected | pkg:rpm/suse/libruby2_5-2_5?arch=aarch64&distro=sles-15 | suse | libruby2_5-2_5 | < 2.5.7-4.8.1 | sles-15 | aarch64 | |