Ukukhishwa okulungile kolimi lokuhlela i-Ruby 3.1.2, 3.0.4, 2.7.6, 2.6.10 kwakhiwa, lapho ubungozi obubili bususiwe:
- I-CVE-2022-28738 - Inkumbulo yamahhala ephindwe kabili (engenayo kabili) kukhodi evamile yokuhlanganisa yenkulumo eyenzeka lapho kudlula iyunithi yezinhlamvu eklanywe ngokukhethekile lapho kwakhiwa into ye-Regexp. Ukuba sengozini kungase kusetshenziswe uma idatha yangaphandle engaqinisekisiwe isetshenziswa entweni ye-Regexp.
- I-CVE-2022-28739 - Ibhafa ichichima kuyunithi yezinhlamvu ukuze intante ikhodi yokuguqula. Ukuba sengozini kungase kusetshenziswe kabi ukuze kufinyelelwe okuqukethwe yinkumbulo lapho kusingathwa idatha yangaphandle engaqinisekisiwe ngezindlela ezifana ne-Kernel#Float kanye ne-String#to_f.
Source: opennet.ru