Sinthani Ruby 2.6.5, 2.5.7 ndi 2.4.8 ndi zofooka zokhazikika
Zowongolera za chilankhulo cha pulogalamu ya Ruby zapangidwa 2.6.5, 2.5.7 ΠΈ 2.4.8, zomwe zinakonza zofooka zinayi. Chiwopsezo chowopsa kwambiri (CVE-2019-16255) mulaibulale wamba Nkhono (lib/shell.rb), amene timatha kupanga code m'malo. Ngati deta yomwe yalandilidwa kuchokera kwa wogwiritsa ntchito yasinthidwa pamakangano oyamba a Shell#[] kapena Shell#test njira zogwiritsiridwa ntchito kuwunika kupezeka kwa fayilo, wowukira angapangitse kuti njira ya Ruby itchulidwe.
Mavuto ena:
CVE-2019-16254 - kuwonekera kwa seva yomangidwa mkati mwa http WEBrick Kuwukira kwa HTTP kugawanika (ngati pulogalamu iyika deta yosatsimikizirika pamutu wa mayankho a HTTP, ndiye kuti mutuwo ukhoza kugawidwa poyika chizindikiro chatsopano);
CVE-2019-15845 m'malo mwa null character (\0) m'zimene zachongedwa kudzera mu njira za βFile.fnmatchβ ndi βFile.fnmatch?β. Njira zamafayilo zitha kugwiritsidwa ntchito kuyambitsa cheke;
CVE-2019-16201 - kukana ntchito mu gawo lovomerezeka la Diges la WEBrick.