Debian: DLA-2864-1 Moderate: ruby-haml Code Execution Risk

debian lts

December 29, 2021

In ruby-haml, which is an elegant, structured XHTML/XML templating engine, when using user input to perform tasks on the server, characters like < > " ' must be escaped prope...

Topics Covered

security advisory code execution debian input sanitization attack vector ruby-haml

Summary

For Debian 9 stretch, this problem has been fixed in version
4.0.7-1+deb9u1.

We recommend that you upgrade your ruby-haml packages.

For the detailed security status of ruby-haml please refer to
its security tracker page at:
https://security-tracker.debian.org/tracker/source-package/ruby-haml

Further information about Debian LTS security advisories, how to apply
these updates to your system and frequently asked questions can be
found at: https://wiki.debian.org/LTS

Package: ruby-haml

Version: 4.0.7-1+deb9u1

CVE ID: CVE-2017-1002201

Topics Covered

security advisory code execution debian input sanitization attack vector ruby-haml

Get the latest News and Insights

Get the latest Linux and open source security news straight to your inbox.

Debian: DLA-2864-1 Moderate: ruby-haml Code Execution Risk

Topics Covered

Summary

Topics Covered

Get the latest News and Insights

Powered By

Linux Security - Your source for Top Linux News, Advisories, HOWTOs and Feature Releases

QUICK LINKS

subscribe to newsletters!

Debian: DLA-2864-1 Moderate: ruby-haml Code Execution Risk

Topics Covered

Summary

Topics Covered

Get the latest News and Insights

Related Articles

Powered By

Linux Security - Your source for Top Linux News, Advisories, HOWTOs and Feature Releases

QUICK LINKS

subscribe to newsletters!