RLSA-2021:3020 --- rubyID: oval:org.secpod.oval:def:4501353 | Date: (C)2023-04-03 (M)2024-05-09 |
Class: PATCH | Family: unix |
Ruby is an extensible, interpreted, object-oriented, scripting language. It has features to process text files and to perform system management tasks. Security Fix: * rubygem-bundler: Dependencies of gems with explicit source may be installed from a different source * rubygem-rdoc: Command injection vulnerability in RDoc * ruby: FTP PASV command response can cause Net::FTP to connect to arbitrary host * ruby: StartTLS stripping vulnerability in Net::IMAP For more details about the security issue, including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page listed in the References section.