Alerts This Week
Warning Icon 1 640
Alerts This Week
Warning Icon 1 640

Debian Jessie DLA-1467-1: Ruby-Zip Directory Traversal Risk Repair

debian lts
Calendar Grey August 15, 2018
Dist Debian Esm H88
Update ruby-zip to version 1.1.6-1+deb8u2 to address a Directory Traversal vulnerability that permits unauthorized file modifications.
It was found that rubyzip, a Ruby module for reading and writing zip files, contained a Directory Traversal vulnerability that can be exploited to write arbitrary files to the file...

Summary

We recommend that you upgrade your ruby-zip packages.

Further information about Debian LTS security advisories, how to apply
these updates to your system and frequently asked questions can be
found at: https://wiki.debian.org/LTS


Severity
important
Lowest
Low
Medium
High
Critical

Package: ruby-zip
Version: 1.1.6-1+deb8u2
CVE ID: CVE-2018-1000544
Debian Bug: 902720

Get the latest News and Insights

Get the latest Linux and open source security news straight to your inbox.

Your message here