Page MenuHomeDevCentral
Create Task
Maniphest T379

Upgraded ruby22-gems from 2.4.6 to 2.4.7
Closed, ResolvedPublic
Actions

Description

Security issue

root@ysul:/ # pkg audit
ruby22-gems-2.4.6 is vulnerable:
rubygems -- request hijacking vulnerability
CVE: CVE-2015-3900
WWW: http://vuxml.FreeBSD.org/freebsd/a0089e18-fc9e-11e4-bc58-001e67150279.html

1 problem(s) in the installed packages found.

Event Timeline

dereckson closed this task as Resolved.May 19 2015, 12:11
dereckson claimed this task.
dereckson triaged this task as Normal priority.
dereckson added a project: Servers.
dereckson added a subscriber: dereckson.
dereckson updated the task description. (Show Details)EditedMay 19 2015, 12:11
dereckson added a project: security.
$ cd /usr/ports/devel/ruby-gems
$ make build deinstall reinstall
[...]
===>   Registering installation for ruby22-gems-2.4.7
[...]
$ pkg audit
0 problem(s) in the installed packages found.
Nasqueron DevCentral · If it had been much bigger the moon would have had a core of ice. · Powered by Phabricator