Errata overview
Errata ID 625
Date 2019-12-18
Source package ruby2.3
Fixed in version 2.3.3-1+deb9u7
Description
This update addresses the following issues:
* Ruby allows HTTP Response Splitting. If a program using WEBrick inserts
  untrusted input into the response header, an attacker can exploit it to
  insert a newline character to split a header, and inject malicious content
  to deceive clients. NOTE: this issue exists because of an incomplete fix
  for CVE-2017-17742, which addressed the CRLF vector, but did not address an
  isolated CR or an isolated LF. (CVE-2019-16254)
* Ruby mishandles path checking in File.fnmatch and File.fnmatch?, so a
  match decision made with these functions on attacker-controlled input
  cannot be relied on. (CVE-2019-15845)
* Regular expression denial of service in WEBrick's Digest access
  authentication (WEBrick::HTTPAuth::DigestAuth): a crafted Authorization
  header causes excessive backtracking while the credentials are parsed,
  tying up the server. (CVE-2019-16201)
* Ruby allows code injection if the first argument (aka the "command"
  argument) to Shell#[] or Shell#test in lib/shell.rb is untrusted data. An
  attacker can exploit this to call an arbitrary Ruby method.
  (CVE-2019-16255)
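The first item above turns on a detail that is easy to get wrong when
validating header values: the original CVE-2017-17742 fix looked for the
CRLF pair, but a lone CR or lone LF also terminates a header line for many
clients. The following is an added example, not code from the Ruby project,
WEBrick or this errata. It places a CRLF-only check beside a check that
rejects either byte on its own and renders a naive response head so the
effect of a lone LF is visible. The sample values and the function names
(crlf_only_unsafe?, any_newline_unsafe?, render_head, header_lines,
safe_header, classify) are constructed for the illustration.

```ruby
# Constructed sample values for a redirect Location header; the last three
# are what an attacker would submit to smuggle an extra header line.
SAMPLES = {
  'clean'   => 'https://example.com/next',
  'crlf'    => "https://example.com/next\r\nSet-Cookie: session=evil",
  'lone_lf' => "https://example.com/next\nSet-Cookie: session=evil",
  'lone_cr' => "https://example.com/next\rSet-Cookie: session=evil",
}

# The incomplete check: only the CRLF pair counts as a splitting vector.
def crlf_only_unsafe?(value)
  value.include?("\r\n")
end

# The complete check: a CR or an LF byte anywhere in the value must be
# rejected on its own, because either one can end the header line.
def any_newline_unsafe?(value)
  value.count("\r\n") > 0
end

# Raise instead of silently passing a bad value through to the response.
def safe_header(value)
  raise ArgumentError, 'header value contains CR or LF' if any_newline_unsafe?(value)
  value
end

# Build a raw response head the way a naive server would, without any
# validation, so a split shows up as an extra header line.
def render_head(location)
  "HTTP/1.1 302 Found\r\nLocation: #{location}\r\n\r\n"
end

# Split the head the way a lenient client does: RFC 7230 allows a bare LF
# as a line terminator, and some parsers also accept a bare CR.
def header_lines(location)
  render_head(location).split(/\r\n|\r|\n/)
end

# Run both checks over every sample and report which one flags it.
def classify(samples)
  samples.each_with_object({}) do |(name, value), out|
    out[name] = {
      crlf_only:   crlf_only_unsafe?(value),
      any_newline: any_newline_unsafe?(value),
    }
  end
end

if __FILE__ == $0
  classify(SAMPLES).each { |name, flags| puts "#{name}: #{flags.inspect}" }
  puts header_lines(SAMPLES['lone_lf']).inspect
end
```

Running the block shows that the CRLF-only check passes both the lone-LF
and lone-CR samples, while header_lines on the lone-LF sample yields a
separate "Set-Cookie: session=evil" line, which is exactly the header a
client would honour. Any code that writes attacker-influenced data into a
response header should use the any-newline form, or let the fixed WEBrick
reject the value for it.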
Additional notes
CVE ID CVE-2019-15845
CVE-2019-16201
CVE-2019-16254
CVE-2019-16255
UCS Bug number #50655