Details

    • Template:
    • Team:
      Night's Watch
    • Story Points:
      2
    • Sprint:
      NW - 2019-10-16
    • QA Risk Assessment:
      Needs Assessment

      Description

      Bump Ruby to address the following CVEs:
      This release includes security fixes. Please check the topics below for details.

      CVE-2019-16255: A code injection vulnerability of Shell#[] and Shell#test
      CVE-2019-16254: HTTP response splitting in WEBrick (Additional fix)
      CVE-2019-15845: A NUL injection vulnerability of File.fnmatch and File.fnmatch?
      CVE-2019-16201: Regular Expression Denial of Service vulnerability of WEBrick’s Digest access authentication

        Attachments

          Activity

            People

            • Assignee:
              gabriel.nagy Gabriel Nagy
              Reporter:
              mihai.buzgau Mihai Buzgau
            • Votes:
              0 Vote for this issue
              Watchers:
              3 Start watching this issue

              Dates

              • Created:
                Updated:
                Resolved:

                Zendesk Support