Overview Details

File _patchinfo of Package patchinfo

<patchinfo incident="6567">
  <issue id="1018808" tracker="bnc">VUL-0: CVE-2016-2339: ruby19,ruby: heap overflow vulnerability in the Fiddle::Function.new"initialize"</issue>
  <issue id="959495" tracker="bnc">VUL-0: CVE-2015-7551: ruby19,ruby: Unsafe tainted string usage in Fiddle and DL</issue>
  <issue id="2015-7551" tracker="cve" />
  <issue id="2016-2339" tracker="cve" />
  <category>security</category>
  <rating>important</rating>
  <packager>darix</packager>
  <description>
This update for ruby2.2, ruby2.3 fixes the following issues:

Security issues fixed:
- CVE-2016-2339: heap overflow vulnerability in the Fiddle::Function.new"initialize" (boo#1018808)
- CVE-2015-7551: Unsafe tainted string usage in Fiddle and DL (boo#959495)

Detailed ChangeLog:
- http://svn.ruby-lang.org/repos/ruby/tags/v2_2_6/ChangeLog
- http://svn.ruby-lang.org/repos/ruby/tags/v2_3_3/ChangeLog
</description>
  <summary>Security update for ruby2.2, ruby2.3</summary>
</patchinfo>
openSUSE Build Service is sponsored by
Places