Ruby-Sprockets Security Update for Debian 8 LTS

Debian 9896 Published by

Updated ruby-sprockets packages has been released for Debian GNU/Linux 8 LTS



Package : ruby-sprockets
Version : 2.12.3-1+deb8u1
CVE IDs : CVE-2018-3760
Debian Bug : #901913

It was discovered that there was a discovered a path traversal flaw
in ruby-sprockets, a Rack-based asset packaging system. A remote
attacker could take advantage of this flaw to read arbitrary files
outside an application's root directory via "file://" requests.

For Debian 8 "Jessie", this issue has been fixed in ruby-sprockets version
2.12.3-1+deb8u1.

We recommend that you upgrade your ruby-sprockets packages.

Microcode_CTL, Osinfo-DB, GnuGP2 Updates for Oracle Linux

Apple and Blackmagic launch new eGPU to match updated MacBook Pros

Windows

Linux

macOS

Community

  • dhamu
    Hello Phil, I have a Linux Tutorial website that curre ...
  • StephanX
    Hi friends, i am new in the Linux universe but i try to ...
  • Philipp
    I would try the XanMod kernel: https://xanmod.orgĀ  I ...