Information on source package ruby2.5

Available versions

Release	Version
buster	2.5.5-3
bullseye	2.5.7-1
sid	2.5.7-1

Open issues

Bug	buster	bullseye	sid	Description
CVE-2019-16255	vulnerable	fixed	fixed	A code injection vulnerability of Shell#[] and Shell#test
CVE-2019-16254	vulnerable	fixed	fixed	HTTP response splitting in WEBrick (Additional fix)
CVE-2019-16201	vulnerable	fixed	fixed	Regular Expression Denial of Service vulnerability of WEBrick's Digest access authentication
CVE-2019-15845	vulnerable	fixed	fixed	A NUL injection vulnerability of File.fnmatch and File.fnmatch?

Resolved issues

Bug	Description
CVE-2019-8325	An issue was discovered in RubyGems 2.6 and later through 3.0.2. Since ...
CVE-2019-8324	An issue was discovered in RubyGems 2.6 and later through 3.0.2. A cra ...
CVE-2019-8323	An issue was discovered in RubyGems 2.6 and later through 3.0.2. Gem:: ...
CVE-2019-8322	An issue was discovered in RubyGems 2.6 and later through 3.0.2. The g ...
CVE-2019-8321	An issue was discovered in RubyGems 2.6 and later through 3.0.2. Since ...
CVE-2019-8320	A Directory Traversal issue was discovered in RubyGems 2.7.6 and later ...
CVE-2018-8780	In Ruby before 2.2.10, 2.3.x before 2.3.7, 2.4.x before 2.4.4, 2.5.x b ...
CVE-2018-8779	In Ruby before 2.2.10, 2.3.x before 2.3.7, 2.4.x before 2.4.4, 2.5.x b ...
CVE-2018-8778	In Ruby before 2.2.10, 2.3.x before 2.3.7, 2.4.x before 2.4.4, 2.5.x b ...
CVE-2018-8777	In Ruby before 2.2.10, 2.3.x before 2.3.7, 2.4.x before 2.4.4, 2.5.x b ...
CVE-2018-6914	Directory traversal vulnerability in the Dir.mktmpdir method in the tm ...
CVE-2018-16396	An issue was discovered in Ruby before 2.3.8, 2.4.x before 2.4.5, 2.5. ...
CVE-2018-16395	An issue was discovered in the OpenSSL library in Ruby before 2.3.8, 2 ...
CVE-2018-1000079	RubyGems version Ruby 2.2 series: 2.2.9 and earlier, Ruby 2.3 series: ...
CVE-2018-1000078	RubyGems version Ruby 2.2 series: 2.2.9 and earlier, Ruby 2.3 series: ...
CVE-2018-1000077	RubyGems version Ruby 2.2 series: 2.2.9 and earlier, Ruby 2.3 series: ...
CVE-2018-1000076	RubyGems version Ruby 2.2 series: 2.2.9 and earlier, Ruby 2.3 series: ...
CVE-2018-1000075	RubyGems version Ruby 2.2 series: 2.2.9 and earlier, Ruby 2.3 series: ...
CVE-2018-1000074	RubyGems version Ruby 2.2 series: 2.2.9 and earlier, Ruby 2.3 series: ...
CVE-2018-1000073	RubyGems version Ruby 2.2 series: 2.2.9 and earlier, Ruby 2.3 series: ...
CVE-2017-17790	The lazy_initialize function in lib/resolv.rb in Ruby through 2.4.3 us ...
CVE-2017-17742	Ruby before 2.2.10, 2.3.x before 2.3.7, 2.4.x before 2.4.4, 2.5.x befo ...
CVE-2017-17405	Ruby before 2.4.3 allows Net::FTP command injection. Net::FTP#get, get ...