September 2017 Archives
CVE-2017-10784: Escape sequence injection vulnerability in the Basic authentication of WEBrick
There is an escape sequence injection vulnerability in the Basic authentication of WEBrick bundled by Ruby. This vulnerability has been assigned the CVE identifier CVE-2017-10784.
Posted by usa on 14 Sep 2017
CVE-2017-0898: Buffer underrun vulnerability in Kernel.sprintf
There is a buffer underrun vulnerability in the sprintf method of Kernel module.
This vulnerability has been assigned the CVE identifier CVE-2017-0898.
Posted by usa on 14 Sep 2017
Ruby 2.2.8 Released
Ruby 2.2.8 has been released. This release includes several security fixes. Please check the topics below for details.
Posted by usa on 14 Sep 2017
CVE-2017-14033: Buffer underrun vulnerability in OpenSSL ASN1 decode
There is a buffer underrun vulnerability in OpenSSL bundled by Ruby. This vulnerability has been assigned the CVE identifier CVE-2017-14033.
Posted by usa on 14 Sep 2017
CVE-2017-14064: Heap exposure vulnerability in generating JSON
There is a heap exposure vulnerability in JSON bundled by Ruby. This vulnerability has been assigned the CVE identifier CVE-2017-14064.
Posted by usa on 14 Sep 2017
Ruby 2.4.2 Released
We are pleased to announce the release of Ruby 2.4.2. This release contains some security fixes.
Posted by nagachika on 14 Sep 2017