Overview

File _patchinfo of Package patchinfo.21931

<patchinfo incident="21931">
  <issue tracker="bnc" id="1188160">VUL-0: CVE-2021-32066: ruby,ruby2.1,ruby2.5: A StartTLS stripping vulnerability in Net:IMAP</issue>
  <issue tracker="bnc" id="1188161">VUL-0: CVE-2021-31810: ruby,ruby2.1,ruby2.5: Trusting FTP PASV responses vulnerability in Net:FTP</issue>
  <issue tracker="bnc" id="1190375">VUL-0: CVE-2021-31799: rubygem-rdoc,rubygem-rdoc-3,ruby,ruby2.1,ruby2.5: Command injection vulnerability in RDoc</issue>
  <issue tracker="cve" id="2021-31799"/>
  <issue tracker="cve" id="2021-31810"/>
  <issue tracker="cve" id="2021-32066"/>
  <packager>alix82</packager>
  <rating>important</rating>
  <category>security</category>
  <summary>Security update for ruby2.5</summary>
  <description>This update for ruby2.5 fixes the following issues:

- CVE-2021-31799: Fixed Command injection vulnerability in RDoc (bsc#1190375).
- CVE-2021-31810: Fixed trusting FTP PASV responses vulnerability in Net:FTP (bsc#1188161).
- CVE-2021-32066: Fixed StartTLS stripping vulnerability in Net:IMAP (bsc#1188160).
</description>
</patchinfo>
openSUSE Build Service is sponsored by
Places