========================================================================== Ubuntu Security Notice USN-4089-1 August 07, 2019
ruby-rack vulnerability ========================================================================== A security issue affects these releases of Ubuntu and its derivatives: - Ubuntu 18.04 LTS - Ubuntu 16.04 LTS Summary: Rack could allow cross-site scripting (XSS) attacks. Software Description: - ruby-rack: modular Ruby webserver interface Details: It was discovered that Rack incorrectly handled carefully crafted requests. A remote attacker could use this issue to execute a cross-site scripting (XSS) attack. Update instructions: The problem can be corrected by updating your system to the following package versions: Ubuntu 18.04 LTS: ruby-rack 1.6.4-4ubuntu0.1 Ubuntu 16.04 LTS: ruby-rack 1.6.4-3ubuntu0.1 In general, a standard system update will make all the necessary changes. References: https://usn.ubuntu.com/4089-1 CVE-2018-16471 Package Information: https://launchpad.net/ubuntu/+source/ruby-rack/1.6.4-4ubuntu0.1 https://launchpad.net/ubuntu/+source/ruby-rack/1.6.4-3ubuntu0.1
signature.asc
Description: This is a digitally signed message part
-- ubuntu-security-announce mailing list [email protected] Modify settings or unsubscribe at: https://lists.ubuntu.com/mailman/listinfo/ubuntu-security-announce
