Ubuntu
ruby3.0 package

ruby3.0 3.0.4-7ubuntu0.2 source package in Ubuntu

Changelog

ruby3.0 (3.0.4-7ubuntu0.2) kinetic-security; urgency=medium

  * SECURITY UPDATE: ReDoS
    - debian/patches/CVE-2023-28755.patch: adds '+' once or more in specific
      places of the  RFC3986 regex in order to avoid the increase in execution
      time for parsing strings to URI objects in lib/uri/rfc3986_parser.rb.
    - debian/patches/CVE-2023-28755-fix-test-uri-empty-host-again.patch:
      fix test uri in lib/net/http/generic_request.rb.
    - CVE-2023-28755
  * SECURITY UPDATE: ReDoS
    - debian/patches/CVE-2023-36617.patch: changes regex behaviour
      in lib/url/rfc2396_parser.rb, lib/uri/rfc3986_parser.rb.
    - CVE-2023-36617

 -- Leonidas Da Silva Barbosa <email address hidden>  Thu, 06 Jul 2023 12:59:52 -0300

Upload details

Uploaded by:
Leonidas S. Barbosa
Uploaded to:
Kinetic
Original maintainer:
Ubuntu Developers
Architectures:
any all
Section:
ruby
Urgency:
Medium Urgency

See full publishing history Publishing

Series Pocket Published Component Section

Downloads

File Size SHA-256 Checksum
ruby3.0_3.0.4.orig.tar.xz 13.0 MiB 876b5becac51e15d805e69c7e3c85276d40d63237071a58ee6266410850fda2e
ruby3.0_3.0.4-7ubuntu0.2.debian.tar.xz 163.3 KiB 6705976939b88e51976c72ddac2a0d171dc6908e9238be7d2919999868642755
ruby3.0_3.0.4-7ubuntu0.2.dsc 2.6 KiB 5a19e3198c35d280066b74b7c110c74e3ba2e121820dc4931b79ee9a41212c4e

View changes file

Binary packages built by this source

libruby3.0: No summary available for libruby3.0 in ubuntu kinetic.

No description available for libruby3.0 in ubuntu kinetic.

libruby3.0-dbgsym: No summary available for libruby3.0-dbgsym in ubuntu kinetic.

No description available for libruby3.0-dbgsym in ubuntu kinetic.

ruby3.0: No summary available for ruby3.0 in ubuntu kinetic.

No description available for ruby3.0 in ubuntu kinetic.

ruby3.0-dbgsym: No summary available for ruby3.0-dbgsym in ubuntu kinetic.

No description available for ruby3.0-dbgsym in ubuntu kinetic.

ruby3.0-dev: No summary available for ruby3.0-dev in ubuntu kinetic.

No description available for ruby3.0-dev in ubuntu kinetic.

ruby3.0-doc: No summary available for ruby3.0-doc in ubuntu kinetic.

No description available for ruby3.0-doc in ubuntu kinetic.