Advisories » MGASA-2022-0102

Updated ruby packages fix security vulnerability

Publication date: 14 Mar 2022
Modification date: 14 Mar 2022
Type: security
Affected Mageia releases : 8
CVE: CVE-2021-43809

Description

Command injection in ruby bundler. (CVE-2021-43809)
                

References

• https://bugs.mageia.org/show_bug.cgi?id=30162
• https://blog.sonarsource.com/securing-developer-tools-package-managers
• https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43809

SRPMS

8/core

• ruby-2.7.5-33.3.mga8