[ubuntu/oracular-security] ruby3.3 3.3.4-2ubuntu5.1 (Accepted)
Nishit Majithia
nishit.majithia at canonical.com
Tue Nov 5 03:40:55 UTC 2024
ruby3.3 (3.3.4-2ubuntu5.1) oracular-security; urgency=medium
* SECURITY UPDATE: denial of service in REXML
- debian/patches/CVE-2024-41946.patch: Add support for XML entity
expansion limitation in SAX and pull parsers
- debian/patches/CVE-2024-49761.patch: fix a bug that �x...; is
accepted as a character reference
- CVE-2024-41946
- CVE-2024-49761
Date: 2024-10-31 09:02:21.855083+00:00
Changed-By: Nishit Majithia <nishit.majithia at canonical.com>
https://launchpad.net/ubuntu/+source/ruby3.3/3.3.4-2ubuntu5.1
-------------- next part --------------
Sorry, changesfile not available.
More information about the oracular-changes
mailing list