Updated ruby-rake packages fix security vulnerability
Publication date: 06 Mar 2020Modification date: 06 Mar 2020
Type: security
Affected Mageia releases : 7
CVE: CVE-2020-8130
Description
Updated ruby-rake package fixes security vulnerability: There is an OS command injection vulnerability in Rake < 12.3.3 in Rake::FileList when supplying a filename that begins with the pipe character (CVE-2020-8130).
References
SRPMS
7/core
- ruby-rake-12.3.0-21.mga7