DLA 1986-1: ruby-haml security update

Debian 10216 Published 2019-11-10 18:27 by Philipp Esselbach

News

A ruby-haml security update has been released for Debian GNU/Linux 8 LTS (Jessie)

Package : ruby-haml
Version : 4.0.5-2+deb8u1
CVE ID : CVE-2017-1002201

In haml, when using user input to perform tasks on the server, characters like < > " ' must be escaped properly. In this case, the ' character was missed. An attacker can manipulate the input to introduce additional attributes, potentially executing code.

For Debian 8 "Jessie", this problem has been fixed in version 4.0.5-2+deb8u1.

We recommend that you upgrade your ruby-haml packages.

Further information about Debian LTS security advisories, how to apply these updates to your system and frequently asked questions can be found at: https://wiki.debian.org/LTS

ZoneAlarm Free Firewall 15.8.008.18174

ELA-188-1: djvulibre security update

Windows

Windows 11 496
Windows 11 for Arm-based PCs now available for download
2024-11-14 07:54 by Philipp Esselbach
Windows 11 496
Windows 11 Insider Preview Build 27749 (Canary Channel) released
2024-11-14 06:24 by Philipp Esselbach
Software 42749
Fort Firewall 3.14.12 Test01 released
2024-11-13 16:50 by Philipp Esselbach

Linux

Software 42749
PostgreSQL 17.1, 16.5, 15.9, 14.14, 13.17, and 12.21 released
2024-11-14 16:19 by Philipp Esselbach
Linux 2956
Linux Kernel 5.15.172 released
2024-11-14 16:12 by Philipp Esselbach
Linux 2956
Linux Kernel 6.6.61 released
2024-11-14 16:12 by Philipp Esselbach

macOS

Apple 10244
visionOS 2.2 Beta 2 released
2024-11-13 06:32 by Philipp Esselbach
Apple 10244
iOS 18.2 Beta 3 released
2024-11-12 07:20 by Philipp Esselbach
Apple 10244
macOS Sequoia 15.2 beta 3 released
2024-11-12 07:17 by Philipp Esselbach

Community

dhamu
Hello Phil, I have a Linux Tutorial website that curre ...
StephanX
Hi friends, i am new in the Linux universe but i try to ...
Philipp
I would try the XanMod kernel: https://xanmod.org I ...