Linuxeden 开源社区 --
Ruby 2.5.1 已正式发布,本次更新包含 bug 修复和安全修复。
- CVE-2017-17742: HTTP response splitting in WEBrick
- CVE-2018-6914: Unintentional file and directory creation with directory traversal in tempfile and tmpdir
- CVE-2018-8777: DoS by large request in WEBrick
- CVE-2018-8778: Buffer under-read in String#unpack
- CVE-2018-8779: Unintentional socket creation by poisoned NUL byte in UNIXServer and UNIXSocket
- CVE-2018-8780: Unintentional directory traversal by poisoned NUL byte in Dir
- Multiple vulnerabilities in RubyGems
关于安全修复的内容, 查看 commit logs 了解具体细节。
下载地址和更新说明请查看:https://www.ruby-lang.org/en/news/2018/03/28/ruby-2-5-1-released/
转自 https://ift.tt/2GzrLga
The post Ruby 2.5.1 正式发布,包含 bug 修复和安全修复 appeared first on Linuxeden开源社区.
https://ift.tt/2pOlcg3
没有评论:
发表评论