FEDORA-2017-ba12b45469

security update in Fedora 24 for ruby

Status: pending a year ago
  • Update to Ruby 2.3.4.
  • Fix SMTP command injection via CRLF sequences in RCPT TO or MAIL FROM commands in Net::SMTP (CVE-2015-9096).

Comments 2

This update has been submitted for testing by vondruch.

vondruch edited this update.


Add Comment & Feedback
Toggle Preview

Comment fields support Fedora-Flavored Markdown. Comments are governed under this privacy policy.

-1 0 +1 Feedback Guidelines

Is the update generally functional? (karma)

You need to be logged in to add karma!

#1461846 CVE-2015-9096 ruby: SMTP command injection via CRLF sequences in RCPT TO or MAIL FROM commands in Net::SMTP
#1461848 CVE-2015-9096 ruby: SMTP command injection via CRLF sequences in RCPT TO or MAIL FROM commands in Net::SMTP [fedora-all]
Content Type
RPM
Status
pending
Test Gating
Request
testing
Submitted by
Update Type
security
Update Severity
unspecified
Karma
0
stable threshold: 3
unstable threshold: -3
Autopush
Enabled
Dates
submitted a year ago
modified a year ago

Related Bugs 2

00 #1461846 CVE-2015-9096 ruby: SMTP command injection via CRLF sequences in RCPT TO or MAIL FROM commands in Net::SMTP
00 #1461848 CVE-2015-9096 ruby: SMTP command injection via CRLF sequences in RCPT TO or MAIL FROM commands in Net::SMTP [fedora-all]

Automated Test Results