Explore top 10 tips to secure your open-source projects now. Read More

×
Alerts This Week
Warning Icon 1 543
Alerts This Week
Warning Icon 1 543

Debian 10 buster DLA-3447-1 Critical: Ruby2.5 Denial of Service

debian lts
Calendar Grey June 7, 2023
Dist Debian Esm H88
Tackling ReDoS vulnerabilities within Ruby for Debian LTS. Essential upgrade for improved security measures and safeguarding systems.
Two regular expression Denial of Service (ReDoS) issues were discovered in Ruby: the first in the URI component, and the second in the Time module

Summary

For Debian 10 buster, these problems have been fixed in version
2.5.5-3+deb10u5.

We recommend that you upgrade your ruby2.5 packages.

For the detailed security status of ruby2.5 please refer to
its security tracker page at:


Further information about Debian LTS security advisories, how to apply
these updates to your system and frequently asked questions can be
found at: https://wiki.debian.org/LTS



Severity
critical
Lowest
Low
Medium
High
Critical

Package: ruby2.5
Version: 2.5.5-3+deb10u5

Get the latest News and Insights

Get the latest Linux and open source security news straight to your inbox.