=========================================================================
Ubuntu Security Notice USN-4560-1
September 30, 2020

ruby-gon vulnerability
=========================================================================
A security issue affects these releases of Ubuntu and its derivatives:

- Ubuntu 18.04 LTS

Summary:

Gon gem could be made to run programs if it received specially crafted network
traffic.

Software Description:
- ruby-gon: Ruby library to send data to JavaScript from a Ruby application

Details:

It was discovered that Gon gem did not properly escape certain input. An
attacker could use this vulnerability to execute a cross-site scripting
(XSS) attack.
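
The class of bug described above, shown as an added example: this is not
gon's code and not the fix shipped for CVE-2020-25739. It assumes a Ruby
application that writes server-side data into an inline <script> block; all
names (SAMPLE, unsafe_inline, script_safe_json, safe_inline) are hypothetical.

```ruby
require 'json'

# Constructed sample value, standing in for user-controlled data that the
# application hands from Ruby to JavaScript.
SAMPLE = { 'name' => '</script><script>alert(1)</script>' }.freeze

# Characters that must not appear literally inside an inline <script> block,
# mapped to JSON/JavaScript escapes that decode to the same character.
SCRIPT_UNSAFE = {
  '<' => '\u003c',
  '>' => '\u003e',
  '&' => '\u0026',
  "\u2028" => '\u2028',
  "\u2029" => '\u2029'
}.freeze

# Unescaped form: the JSON is valid JavaScript, but the HTML parser closes
# the script element at the first "</script>", regardless of JS quoting.
def unsafe_inline(data)
  "<script>window.data = #{JSON.generate(data)};</script>"
end

# Hardened form: same JSON value, with HTML-significant characters written
# as \uXXXX escapes so the HTML parser never sees them.
def script_safe_json(data)
  JSON.generate(data).gsub(/[<>&\u2028\u2029]/, SCRIPT_UNSAFE)
end

def safe_inline(data)
  "<script>window.data = #{script_safe_json(data)};</script>"
end

# Number of points at which an HTML parser would end a script element.
def script_closers(html)
  html.scan('</script>').length
end

if __FILE__ == $PROGRAM_NAME
  puts "unescaped: #{script_closers(unsafe_inline(SAMPLE))} closing tags"
  puts "escaped:   #{script_closers(safe_inline(SAMPLE))} closing tag"
end
```

More than one closing tag in the rendered block means the data has broken out
of the script element; the escaped form still parses back to the same value.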

Update instructions:

The problem can be corrected by updating your system to the following
package versions:

Ubuntu 18.04 LTS:
  ruby-gon                        6.1.0-1+deb9u1build0.18.04.1

In general, a standard system update will make all the necessary changes.

References:
  https://ubuntu.com/security/notices/USN-4560-1
  CVE-2020-25739

Package Information:
  https://launchpad.net/ubuntu/+source/ruby-gon/6.1.0-1+deb9u1build0.18.04.1

-- 
ubuntu-security-announce mailing list
ubuntu-security-announce@lists.ubuntu.com
Modify settings or unsubscribe at: https://lists.ubuntu.com/mailman/listinfo/ubuntu-security-announce
