[DRE-maint] Bug#856683: Security - ruby-zip package vulnerable to CVE

Phillip Prescher phil.prescher at yello.co
Fri Mar 3 20:13:43 UTC 2017


Package: ruby-zip
Version: 1.1.6-1

Please see CVE-2017-5946. This version of the ruby-zip package is
vulnerable to directory traversal attacks. Please upgrade to 1.2.1 or apply
manual patch.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.alioth.debian.org/pipermail/pkg-ruby-extras-maintainers/attachments/20170303/399f65b0/attachment.html>


More information about the Pkg-ruby-extras-maintainers mailing list