En

Ruby官网安全更新(2021-11-24)

来源:Ruby官网 发布日期:2021-11-24 阅读次数:4942 评论:0

基本信息

发布日期:2021-11-24(官方当地时间)

更新类型:安全更新

更新版本:未知

感知时间:2021-11-24 21:18:00

风险等级:未知

情报贡献:TSRC

更新标题

Ruby 3.0.3 Released

更新详情

Ruby 3.0.3 has been released.

This release includes security fixes.
Please check the topics below for details.


CVE-2021-41817: Regular Expression Denial of Service Vulnerability of Date Parsing Methods
CVE-2021-41816: Buffer Overrun in CGI.escape_html
CVE-2021-41819: Cookie Prefix Spoofing in CGI::Cookie.parse


See the commit logs for details.

Download



https://cache.ruby-lang.org/pub/ruby/3.0/ruby-3.0.3.tar.gz

SIZE: 20242729
SHA1: 049317b7c6246d6ea86564c3f73a629b766ff634
SHA256: 3586861cb2df56970287f0fd83f274bd92058872d830d15570b36def7f1a92ac
SHA512: 39dab51a0d784a38302372b99f96205817d466245202586d22123745761e9cb39db128ec2b984ebc3919b9faf2adf828d19c97d3fb1e56d44be0a81dc5d11b87



https://cache.ruby-lang.org/pub/ruby/3.0/ruby-3.0.3.tar.xz

SIZE: 14991880
SHA1: c1e6dac2b8c08afbbee39e25e325c84e1cab7c17
SHA256: 88cc7f0f021f15c4cd62b1f922e3a401697f7943551fe45b1fdf4f2417a17a9c
SHA512: bb9ea426278d5a7ac46595296f03b82d43df8b7db41045cdf85611e05e26c703c53f700494cd7cf5d4c27fa953bdc5c144317d7720812db0a6e3b6f4bc4d2e00



https://cache.ruby-lang.org/pub/ruby/3.0/ruby-3.0.3.zip

SIZE: 24627744
SHA1: 5341ed1602a3289c4857560ead53191895e5c586
SHA256: 0b8370e404550bf736f46307a14eb9306a7868fb8d54e1418ecdaccbaa8ac06f
SHA512: 24c2a4f455f90e54f85d9565e392519833b36aefce32dc707e6693994d175c82e84ee6c37ed4a9ddf8840479e7cdfaae714c12bc6923368bb00346d4edd434d8




Release Comment

Many committers, developers, and users who provided bug reports helped us make this release.
Thanks for their contributions.

Posted by nagachika on 24 Nov 2021

软件描述

Ruby,一种简单快捷的面向对象(面向对象程序设计)脚本语言,在20世纪90年代由日本人松本行弘(Yukihiro Matsumoto)开发,遵守GPL协议和Ruby License.

TSRC分析

暂无

业界资讯

暂无

评论

提交评论 您输入的评论有误,请重新输入