FEDORA-2017-ba12b45469

security update in Fedora 24 for ruby

Status: pending 3 months ago
  • Update to Ruby 2.3.4.
  • Fix SMTP command injection via CRLF sequences in RCPT TO or MAIL FROM commands in Net::SMTP (CVE-2015-9096).

Comments 2

This update has been submitted for testing by vondruch.

vondruch edited this update.


Add Comment & Feedback
Toggle Preview

Comment fields support Fedora-Flavored Markdown.

-1 0 +1 Feedback Guidelines
#1461848 CVE-2015-9096 ruby: SMTP command injection via CRLF sequences in RCPT TO or MAIL FROM commands in Net::SMTP [fedora-all]
#1461846 CVE-2015-9096 ruby: SMTP command injection via CRLF sequences in RCPT TO or MAIL FROM commands in Net::SMTP
Is the update generally functional?
Content Type
RPM
Status
pending
Request
testing
Submitted by
Update Type
security
Karma
0
stable threshold: 3
unstable threshold: -3
Autopush
Enabled
Dates
submitted 3 months ago
modified 3 months ago

Related Bugs 2

00 #1461848 CVE-2015-9096 ruby: SMTP command injection via CRLF sequences in RCPT TO or MAIL FROM commands in Net::SMTP [fedora-all]
00 #1461846 CVE-2015-9096 ruby: SMTP command injection via CRLF sequences in RCPT TO or MAIL FROM commands in Net::SMTP

Automated Test Results