Пакет ruby: Информация

    Исходный пакет: ruby
    Версия: 2.4.4-alt0.M70C.1
    Собран:  24 мая 2018 г. 13:18 в задании #206388
    Скопирован в задании: #206923
    Категория: Разработка/Ruby
    Сообщить об ошибке в пакете
    Gear: https://git.altlinux.org/gears/r/ruby.git?a=tree;hb=a879cdadef80…
    Домашняя страница: http://www.ruby-lang.org/
    Лицензия: BSD (revised) or Ruby
    О пакете: An Interpreted Object-Oriented Scripting Language
    Описание: 
    Ruby is an interpreted scripting language for quick and easy object-oriented
programming. It has many features for processing text files and performing system
management tasks (as in Perl). It is simple, straight-forward, and extensible.

This package contains interpreter of object-oriented scripting language Ruby.
    Список rpm-пакетов, предоставляемых данным srpm-пакетом:
    irb (noarch)
    libruby (x86_64, i586)
    libruby-debuginfo (x86_64, i586)
    libruby-devel (x86_64, i586)
    libruby-devel-static (x86_64, i586)
    ri (noarch)
    ruby (x86_64, i586)
    ruby-debuginfo (x86_64, i586)
    ruby-doc-ri (noarch)
    ruby-stdlibs (x86_64, i586)
    ruby-stdlibs-debuginfo (x86_64, i586)
    ruby-tools (noarch)
    Сопровождающий: Andrey Cherepanov
    Список участников:
    Andrey Cherepanov
    Denis Medvedev
    Vladimir D. Seleznev
    Led
    Andriy Stepanov
    Sir Raorn
    Kirill A. Shutemov
    Pavlov Konstantin
    qa-robot
    Kachalov Anton
    Alexander Bokovoy
    Grigory Milev
    Stanislav Ievlev
      1. libyaml-devel
      2. libncursesw-devel
      3. ruby
      4. libffi-devel
      5. libssl-devel
      6. ruby-stdlibs
      7. doxygen
      8. groff-base
      9. libgdbm-devel
      10. rpm-build-ruby >= 1:0.1.3
      11. gcc-c++
      12. libdb4-devel
      13. libreadline-devel
      14. zlib-devel

    Последнее изменение

    15 мая 2018 г. Andrey Cherepanov 2.4.4-alt0.M70C.1
    - New version.
- Fixes:
  + CVE-2017-17742: HTTP response splitting in WEBrick
  + CVE-2018-6914: Unintentional file and directory creation with directory traversal in tempfile and tmpdir
  + CVE-2018-8777: DoS by large request in WEBrick
  + CVE-2018-8778: Buffer under-read in String#unpack
  + CVE-2018-8779: Unintentional socket creation by poisoned NUL byte in UNIXServer and UNIXSocket
  + CVE-2018-8780: Unintentional directory traversal by poisoned NUL byte in Dir
    1 февраля 2018 г. Andrey Cherepanov 2.4.3-alt0.M70C.1
    - New version
- Fixes:
  + CVE-2017-17405: Command injection vulnerability in Net::FTP
    12 октября 2017 г. Andrey Cherepanov 2.4.2-alt1.M70C.1
    - New version in c7 branch with security fixes
- Merge rubygems-2.6.14 changes
- Fixes:
  + CVE-2017-0898 Buffer underrun vulnerability in Kernel.sprintf
  + CVE-2017-10784 Escape sequence injection vulnerability in the Basic authentication of WEBrick
  + CVE-2017-14033 Buffer underrun vulnerability in OpenSSL ASN1 decode
  + CVE-2017-14064 Heap exposure in generating JSON
  + CVE-2017-0902 A DNS request hijacking vulnerability
  + CVE-2017-0899 An ANSI escape sequence vulnerability
  + CVE-2017-0900 A DoS vulnerability in the query command
  + CVE-2017-0901 A vulnerability in the gem installer that allowed a malicious gem to overwrite arbitrary files
  + CVE-2017-0903 Unsafe Object Deserialization Vulnerability in RubyGems
  + CVE-2017-0898 Buffer underrun vulnerability in Kernel.sprintf
  + CVE-2017-10784 Escape sequence injection vulnerability in the Basic authentication of WEBrick
  + CVE-2017-14033 Buffer underrun vulnerability in OpenSSL ASN1 decode
  + CVE-2017-14064 Heap exposure in generating JSON
  + CVE-2017-0902 A DNS request hijacking vulnerability
  + CVE-2017-0899 An ANSI escape sequence vulnerability
  + CVE-2017-0900 A DoS vulnerability in the query command
  + CVE-2017-0901 A vulnerability in the gem installer that allowed a malicious gem to overwrite arbitrary files
    VKontakte|Telegram|YouTube|Forum|GitHub|Bugzilla
    Версия: v24.4.2
    Наверх