What Are You Looking For?

Sign Up
MGASA-2022-0102 - Updated ruby packages fix security vulnerability

Publication date: 14 Mar 2022
URL: https://advisories.mageia.org/MGASA-2022-0102.html
Type: security
Affected Mageia releases: 8
CVE: CVE-2021-43809

Command injection in ruby bundler. (CVE-2021-43809)

References:
- https://bugs.mageia.org/show_bug.cgi?id=30162
- https://blog.sonarsource.com/securing-developer-tools-package-managers- https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43809

SRPMS:
- 8/core/ruby-2.7.5-33.3.mga8

Mageia 2022-0102: ruby security update

Command injection in ruby bundler

Summary

Command injection in ruby bundler. (CVE-2021-43809)

References

- https://bugs.mageia.org/show_bug.cgi?id=30162

- https://blog.sonarsource.com/securing-developer-tools-package-managers- https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43809

Resolution

MGASA-2022-0102 - Updated ruby packages fix security vulnerability

SRPMS

- 8/core/ruby-2.7.5-33.3.mga8

Severity
Publication date: 14 Mar 2022
URL: https://advisories.mageia.org/MGASA-2022-0102.html
Type: security
CVE: CVE-2021-43809

Related News

New CacheWarp AMD CPU attack lets hackers gain root in Linux VMs

Nov 15, 2023

Nitrux Devs Make It Easier to Upgrade Your Immutable Nitrux OS Installations

Jun 20, 2023

Critical SQL Injection Flaws Expose Gentoo Soko to Remote Code Execution

Jun 30, 2023

Hackers Deploy Open-Source Tool Sliver C2, Replacing Cobalt Strike, Metasploit

Jan 24, 2023

News

Advisories

HOWTOs

Features

Unlocking the Future of Authentication: Passkeys vs. Passwords
Empowering MSPs with Straightforward Linux Device Management
A Complete Guide to Torrenting Safely in 2024
Cloud Security Basics for Small Businesses
Scanning and Defending Networks with Nmap

About Us

Powered By

Footer Logo