it-securitynotifies AT lists.piratenpartei.de
Betreff: Sicherheitsankündigungen
Listenarchiv
- From: Moritz Muehlenhoff <jmm AT debian.org>
- To: debian-security-announce AT lists.debian.org
- Subject: [IT-SecNots] [SECURITY] [DSA 5067-1] ruby2.7 security update
- Date: Thu, 3 Feb 2022 19:30:34 +0000
- List-archive: https://lists.debian.org/msgid-search/20220203193034.GB32234 AT seger.debian.org
- List-id: <debian-security-announce.lists.debian.org>
- List-url: <http://lists.debian.org/debian-security-announce/>
- Old-dkim-signature: v=1; a=rsa-sha256; q=dns/txt; c=relaxed/relaxed; d=debian.org; s=smtpauto.seger; h=Content-Type:MIME-Version:Message-ID:Subject:To:From: Date:Reply-To:Cc:Content-Transfer-Encoding:Content-ID:Content-Description: In-Reply-To:References; bh=NlqHCpjxZ1s0du9GAIyBEc3Z1VapeOjq14fVtQIm3gU=; b=S5 F3e5S8Agx45fYQeaslfi0knXfoQwnkhO3ygaA1K1L/7aV+f4Pd/QIXCmq8ffWEWCfHV61pHFXcbWo p2tY+rm+UhsFiadKqRwG/CknzhmfnTb/yAy8ZXRxuCf/nfAknse76BqxSZhTwdia5+9GjSrzmVUvW dEjs1r1UvMFA3QPb37zInI7QjUgB5mP5o40Zkvs/PSMAN5Octd4QKVlWtRtBpfGyo+8i0TiLVL/Dj PXb7XRrhOaLBt4PsGVcA5bO7s4yLhE4/Ilytmz/u3rOXpa01klLSBpZIEHwJ3pugBsoiVu2nFwswo RsXCd5PuZJTXh4gAg5hfM7Jx+foCDnBg==;
- Old-return-path: <jmm AT seger.debian.org>
- Priority: urgent
- Resent-date: Thu, 3 Feb 2022 19:30:54 +0000 (UTC)
- Resent-from: debian-security-announce AT lists.debian.org
- Resent-message-id: <v3MHyyR1neD.A.-LC.u1C_hB@bendel>
- Resent-sender: debian-security-announce-request AT lists.debian.org
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512
- -------------------------------------------------------------------------
Debian Security Advisory DSA-5067-1 security AT debian.org
https://www.debian.org/security/ Moritz Muehlenhoff
February 03, 2022 https://www.debian.org/security/faq
- -------------------------------------------------------------------------
Package : ruby2.7
CVE ID : CVE-2021-41816 CVE-2021-41817 CVE-2021-41819
Several vulnerabilities have been discovered in the interpreter for
the Ruby language and the Rubygems included, which may result on
result in information disclosure or denial of service.
For the stable distribution (bullseye), these problems have been fixed in
version 2.7.4-1+deb11u1.
We recommend that you upgrade your ruby2.7 packages.
For the detailed security status of ruby2.7 please refer to
its security tracker page at:
https://security-tracker.debian.org/tracker/ruby2.7
Further information about Debian Security Advisories, how to apply
these updates to your system and frequently asked questions can be
found at: https://www.debian.org/security/
Mailing list: debian-security-announce AT lists.debian.org
-----BEGIN PGP SIGNATURE-----
iQIzBAEBCgAdFiEEtuYvPRKsOElcDakFEMKTtsN8TjYFAmH8Kn4ACgkQEMKTtsN8
TjbTxRAAuUOw3o3ErLuVtbb215FdUNe9F0ENKk9PMwc2Na3cF+Nvg3Vo5+G54g8V
VhcJw/3rTohAdmwvPwmLiQ6rgWRXNgKGx7Bf9qXaBzD9mdPcQ5A1VoiK61mtgh0n
2Ax93kWJ/gDK0xYK7haIRXe1TQQEkg4hjAegsP1yWCBn/axXTOKSNIaRj4iuSkfD
PUcTfKQiH+PoRkAOd8+gOVDej2uYFsvkeQJzNMWzJuLLym96Hs5IAOUigpFImDTc
L+QzEBbyPdW6T9nh1ED5/lR/X6avah1nm7wFnSsaaDZhFj9OXXY5tWpQytHC32nG
F10WvcfY6t786pO7ckZv+C0XqXfoN0mBrh6LR1CXl/B9dKRRii8b2QuoEPwKY5KA
l5cdvF33DWmNaH6z9XiGhOrqkYmFuPGxGyXyXZ48eKb+GgJJT9ARNQw3243kxedj
lZ+FlL8C+3mqsZKShTKb1zQmGun1945/qJ6VdGLZEEfhEkBGr9EhJHdzM97O6YV9
XDP2QdalTeQXGVya1DeWkdIP/6mwcZNbS/N2LLV2qnjSfgesiYlkXYhuwKjbtLrd
KV+An5grnoyKNwnWiaDlKFvoIOsI+WgimfcY8zMek+Icjui9bnnNAlGbM/2Ch1TN
i74G3y+xdqcZYKR0z7MigISX1X8EFDOKI3x6P3X9rOaHiInISbU=
=Lzsl
-----END PGP SIGNATURE-----
- [IT-SecNots] [SECURITY] [DSA 5067-1] ruby2.7 security update, Moritz Muehlenhoff, 03.02.2022
Archiv bereitgestellt durch MHonArc 2.6.24.