Advisories ยป MGASA-2019-0062

Updated jruby packages fix security vulnerability

Publication date: 13 Feb 2019
Modification date: 13 Feb 2019
Type: security
Affected Mageia releases : 6
CVE: CVE-2018-1000073 , CVE-2018-1000074 , CVE-2018-1000075 , CVE-2018-1000076 , CVE-2018-1000077 , CVE-2018-1000078 , CVE-2018-1000079

Description

Several vulnerabilities were discovered in jruby. They would allow an
attacker to use specially crafted gem files to mount cross-site scripting
attacks, cause denial of service through an infinite loop, write arbitrary
files, or run malicious code (CVE-2018-1000073, CVE-2018-1000074,
CVE-2018-1000075, CVE-2018-1000076, CVE-2018-1000077, CVE-2018-1000078,
CVE-2018-1000079).
                

References

SRPMS

6/core