Advisories ยป MGASA-2019-0123

Updated ruby-ox packages fix security vulnerability

Publication date: 05 Apr 2019
Modification date: 05 Apr 2019
Type: security
Affected Mageia releases : 6
CVE: CVE-2017-15928

Description

In the Ox gem 2.8.0 for Ruby, the process crashes with a segmentation fault
when a crafted input is supplied to parse_obj (CVE-2017-15928).

Also, the package was broken and has been fixed to function properly.
                

References

SRPMS

6/core