Source: ruby3.2 Version: 3.2.3-1 Severity: important Tags: security upstream X-Debbugs-Cc: car...@debian.org, Debian Security Team <t...@security.debian.org> Control: clone -1 -2 Control: reassign -2 src:ruby3.1 3.1.2-8 Control: retitle -2 ruby3.1: CVE-2024-27281 Control: found -2 3.1.2-7
Hi, The following vulnerability was published for ruby. CVE-2024-27281[0]: | RCE vulnerability with .rdoc_options in RDoc If you fix the vulnerability please also make sure to include the CVE (Common Vulnerabilities & Exposures) id in your changelog entry. For further information see: [0] https://security-tracker.debian.org/tracker/CVE-2024-27281 https://www.cve.org/CVERecord?id=CVE-2024-27281 [1] https://www.ruby-lang.org/en/news/2024/03/21/rce-rdoc-cve-2024-27281/ [2] https://github.com/ruby/rdoc/commit/da7a0c7553ef7250ca665a3fecdc01dbaacbb43d Please adjust the affected versions in the BTS as needed. Regards, Salvatore