| Errata ID | 300 |
|---|---|
| Date | 2018-11-07 |
| Source package | ruby2.3 |
| Fixed in version | 2.3.3-1+deb9u4 |
| Description | This update addresses the following issues: * OpenSSL::X509::Name equality check does not work correctly (CVE-2018-16395) * Tainted flags are not propagated in Array#pack and String#unpack with some directives (CVE-2018-16396) |
| Additional notes | |
| CVE ID | CVE-2018-16395 CVE-2018-16396 |
| UCS Bug number | #48094 |
