Lucene search
SuseOPENSUSE-SU-2021:1535-1HistoryDec 06, 2021 - 12:00 a.m.
Security update for ruby2.5 (important)
2021-12-0600:00:00
lists.opensuse.org
15
0.01 Low
EPSS
Percentile
83.7%
An update that fixes three vulnerabilities is now available.
Description:
This update for ruby2.5 fixes the following issues:
- CVE-2021-31799: Fixed Command injection vulnerability in RDoc
(bsc#1190375). - CVE-2021-31810: Fixed trusting FTP PASV responses vulnerability in
Net:FTP (bsc#1188161). - CVE-2021-32066: Fixed StartTLS stripping vulnerability in Net:IMAP
(bsc#1188160).
This update was imported from the SUSE:SLE-15:Update update project.
Patch Instructions:
To install this openSUSE Security Update use the SUSE recommended installation methods
like YaST online_update or “zypper patch”.
Alternatively you can run the command listed for your product:
-
openSUSE Leap 15.2:
zypper in -t patch openSUSE-2021-1535=1
| OS | Version | Architecture | Package | Version | Filename |
|---|---|---|---|---|---|
| openSUSE Leap | 15.2 | i586 | < - openSUSE Leap 15.2 (i586 x86_64): | - openSUSE Leap 15.2 (i586 x86_64):.i586.rpm | |
| openSUSE Leap | 15.2 | x86_64 | < - openSUSE Leap 15.2 (i586 x86_64): | - openSUSE Leap 15.2 (i586 x86_64):.x86_64.rpm | |
| openSUSE Leap | 15.2 | noarch | < - openSUSE Leap 15.2 (noarch): | - openSUSE Leap 15.2 (noarch):.noarch.rpm |
Related
nessus
nessus
CentOS 8 : ruby:2.5 (CESA-2022:0672)
2022-02-25 00:00:00
FreeBSD : Ruby -- multiple vulnerabilities (7ed5779c-e4c7-11eb-91d7-08002728f74c)
2021-07-16 00:00:00
Debian DLA-2780-1 : ruby2.3 - LTS security update
2021-10-13 00:00:00
osv
osv
ruby2.3 - security update
2021-10-11 00:00:00
Moderate: ruby:2.5 security update
2022-02-24 00:00:00
Moderate: ruby:2.5 security update
2022-02-24 15:11:44
openvas
openvas
Debian: Security Advisory (DLA-2780-1)
2021-10-14 00:00:00
Huawei EulerOS: Security Advisory for ruby (EulerOS-SA-2021-2721)
2021-11-12 00:00:00
Ubuntu: Security Advisory (USN-5020-1)
2021-07-22 00:00:00
cloudfoundry
cloudfoundry
USN-5020-1: Ruby vulnerabilities | Cloud Foundry
2021-09-07 00:00:00
suse
suse
Security update for ruby2.5 (important)
2021-12-01 00:00:00
Security update for ruby2.5 (important)
2022-05-03 00:00:00
oraclelinux
oraclelinux
ruby:2.5 security update
2022-02-28 00:00:00
ruby:2.5 security update
2022-03-08 00:00:00
ruby:2.7 security update
2021-08-06 00:00:00
rocky
rocky
ruby:2.5 security update
2022-02-24 15:11:44
ruby:2.7 security update
2021-08-05 14:06:16
ruby:2.6 security update
2022-02-16 08:26:13
redhat
redhat
(RHSA-2022:0672) Moderate: ruby:2.5 security update
2022-02-24 15:11:44
(RHSA-2021:3559) Important: rh-ruby27-ruby security update
2021-09-20 07:32:43
(RHSA-2021:3020) Important: ruby:2.7 security update
2021-08-05 14:06:16
debian
debian
[SECURITY] [DLA 2780-1] ruby2.3 security update
2021-10-13 14:12:23
[SECURITY] [DSA 5066-1] ruby2.5 security update
2022-02-03 19:26:40
[SECURITY] [DLA 3408-1] jruby security update
2023-04-30 20:58:08
ubuntu
ubuntu
Ruby vulnerabilities
2021-07-21 00:00:00
almalinux
almalinux
Moderate: ruby:2.5 security update
2022-02-24 00:00:00
Important: ruby:2.7 security update
2021-08-05 14:06:16
Important: ruby:2.6 security update
2022-02-16 08:26:13
archlinux
archlinux
[ASA-202107-25] ruby2.6: multiple issues
2021-07-14 00:00:00
[ASA-202107-23] ruby: multiple issues
2021-07-14 00:00:00
[ASA-202107-24] ruby2.7: multiple issues
2021-07-14 00:00:00
freebsd
freebsd
Ruby -- multiple vulnerabilities
2021-07-07 00:00:00
RDoc -- command injection vulnerability
2021-05-02 00:00:00
fedora
fedora
[SECURITY] Fedora 34 Update: ruby-3.0.2-149.fc34
2021-07-29 01:09:21
mageia
mageia
Updated ruby packages fix security vulnerability
2021-12-24 00:01:45
cnvd
cnvd
Ruby Information Disclosure Vulnerability (CNVD-2021-59129)
2021-07-12 00:00:00
debiancve
debiancve
photon
photon
Important Photon OS Security Update - PHSA-2021-0084
2021-08-20 00:00:00
Moderate Photon OS Security Update - PHSA-2021-0096
2021-09-07 00:00:00
Moderate Photon OS Security Update - PHSA-2021-4.0-0096
2021-09-07 00:00:00
prion
prion
ubuntucve
ubuntucve
cve
cve
amazon
amazon
redhatcve
redhatcve
veracode
veracode
Denial Of Service (DoS)
2021-07-11 16:10:12
Denial Of Service (DoS)
2021-07-11 15:57:38
Man In The Middle (MitM)
2021-07-10 14:45:44
alpinelinux
alpinelinux
nvd
nvd
hackerone
hackerone
Ruby: OS Command Injection in 'rdoc' documentation generator
2021-04-12 16:47:15
Ruby: imap: StartTLS stripping attack (CVE-2016-0772).
2021-04-28 16:06:30
Ruby: lib/net/ftp.rb: trusting PASV responses allow client abuse
2021-04-02 15:56:47
github
github
Arbitrary Code Execution in Rdoc
2021-09-01 18:53:15
cbl_mariner
cbl_mariner
CVE-2021-32066 affecting package ruby 2.6.7-3
2021-09-09 15:03:01
CVE-2021-32066 affecting package ruby for versions less than 2.7.4-1
2022-04-09 06:51:53
cvelist
cvelist
gentoo
gentoo
RDoc: Command Injection
2024-01-05 00:00:00
Ruby: Multiple vulnerabilities
2024-01-24 00:00:00
attackerkb
attackerkb
CVE-2021-31799
2021-07-30 00:00:00
oracle
oracle
Oracle Critical Patch Update Advisory - April 2022
2022-04-19 00:00:00