FEDORA-2017-20214ad330

security update in Fedora 26 for rubygems

Status: stable 2 years ago

Update to RubyGems 2.6.13.

How to install

sudo dnf upgrade --advisory=FEDORA-2017-20214ad330

Comments 9

This update has been submitted for testing by vondruch.

vondruch edited this update.

This update has been pushed to testing.

Tested on development envs without issue.

karma: +1 #1487587: +1 #1487588: +1 #1487589: +1 #1487590: +1 #1487591: +1

works for me

karma: +1

This update has been submitted for stable by bodhi.

This update has been pushed to stable.


Add Comment & Feedback
Toggle Preview

Comment fields support Fedora-Flavored Markdown. Comments are governed under this privacy policy.

-1 0 +1 Feedback Guidelines

Is the update generally functional? (karma)

You need to be logged in to add karma!

#1487587 CVE-2017-0901 rubygems: Arbitrary file overwrite due to incorrect validation of specification name
#1487588 CVE-2017-0900 rubygems: No size limit in summary length of gem spec
#1487589 CVE-2017-0902 rubygems: DNS hijacking vulnerability
#1487590 CVE-2017-0899 rubygems: Escape sequence in the "summary" field of gemspec
#1487591 CVE-2017-0899 CVE-2017-0900 CVE-2017-0901 CVE-2017-0902 rubygems: various flaws [fedora-all]
Content Type
RPM
Status
stable
Test Gating
Submitted by
Update Type
security
Update Severity
unspecified
Karma
+3
stable threshold: 3
unstable threshold: -3
Autopush
Enabled
Dates
submitted 2 years ago
in testing 2 years ago
in stable 2 years ago
modified 2 years ago

Related Bugs 5

0+1 #1487587 CVE-2017-0901 rubygems: Arbitrary file overwrite due to incorrect validation of specification name
0+1 #1487588 CVE-2017-0900 rubygems: No size limit in summary length of gem spec
0+1 #1487589 CVE-2017-0902 rubygems: DNS hijacking vulnerability
0+1 #1487590 CVE-2017-0899 rubygems: Escape sequence in the "summary" field of gemspec
0+1 #1487591 CVE-2017-0899 CVE-2017-0900 CVE-2017-0901 CVE-2017-0902 rubygems: various flaws [fedora-all]

Automated Test Results