ELA-201-1 ruby1.9.1 security update

multiple vulnerabilities

2019-12-18
Packageruby1.9.1
Version1.9.3.194-8.1+deb7u10
Related CVEs CVE-2019-15845 CVE-2019-16201 CVE-2019-16254 CVE-2019-16255


Several vulnerabilities have been discovered in the interpreter for the Ruby language, which could result in unauthorized access by bypassing intended path matchings, denial of service, or the execution of arbitrary code.



For Debian 7 Wheezy, these problems have been fixed in version 1.9.3.194-8.1+deb7u10.

We recommend that you upgrade your ruby1.9.1 packages.

Further information about Extended LTS security advisories can be found in the dedicated section of our website.