openSUSE Security Update : ruby-bundled-gems-rpmhelper / ruby2.5 (openSUSE-2019-1771)

critical Nessus Plugin ID 126904

Language:

Synopsis

The remote openSUSE host is missing a security update.

Description

This update for ruby2.5 and ruby-bundled-gems-rpmhelper fixes the following issues :

Changes in ruby2.5 :

Update to 2.5.5 and 2.5.4 :

https://www.ruby-lang.org/en/news/2019/03/15/ruby-2-5-5-released/ https://www.ruby-lang.org/en/news/2019/03/13/ruby-2-5-4-released/

Security issues fixed :

- CVE-2019-8320: Delete directory using symlink when decompressing tar (bsc#1130627)

- CVE-2019-8321: Escape sequence injection vulnerability in verbose (bsc#1130623)

- CVE-2019-8322: Escape sequence injection vulnerability in gem owner (bsc#1130622)

- CVE-2019-8323: Escape sequence injection vulnerability in API response handling (bsc#1130620)

- CVE-2019-8324: Installing a malicious gem may lead to arbitrary code execution (bsc#1130617)

- CVE-2019-8325: Escape sequence injection vulnerability in errors (bsc#1130611)

Ruby 2.5 was updated to 2.5.3 :

This release includes some bug fixes and some security fixes.

Security issues fixed :

- CVE-2018-16396: Tainted flags are not propagated in Array#pack and String#unpack with some directives (bsc#1112532)

- CVE-2018-16395: OpenSSL::X509::Name equality check does not work correctly (bsc#1112530)

Ruby 2.5 was updated to 2.5.1 :

This release includes some bug fixes and some security fixes.

Security issues fixed :

- CVE-2017-17742: HTTP response splitting in WEBrick (bsc#1087434)

- CVE-2018-6914: Unintentional file and directory creation with directory traversal in tempfile and tmpdir (bsc#1087441)

- CVE-2018-8777: DoS by large request in WEBrick (bsc#1087436)

- CVE-2018-8778: Buffer under-read in String#unpack (bsc#1087433)

- CVE-2018-8779: Unintentional socket creation by poisoned NUL byte in UNIXServer and UNIXSocket (bsc#1087440)

- CVE-2018-8780: Unintentional directory traversal by poisoned NUL byte in Dir (bsc#1087437)

- Multiple vulnerabilities in RubyGems were fixed :

- CVE-2018-1000079: Fixed path traversal issue during gem installation allows to write to arbitrary filesystem locations (bsc#1082058)

- CVE-2018-1000075: Fixed infinite loop vulnerability due to negative size in tar header causes Denial of Service (bsc#1082014)

- CVE-2018-1000078: Fixed XSS vulnerability in homepage attribute when displayed via gem server (bsc#1082011)

- CVE-2018-1000077: Fixed that missing URL validation on spec home attribute allows malicious gem to set an invalid homepage URL (bsc#1082010)

- CVE-2018-1000076: Fixed improper verification of signatures in tarball allows to install mis-signed gem (bsc#1082009)

- CVE-2018-1000074: Fixed unsafe Object Deserialization Vulnerability in gem owner allowing arbitrary code execution on specially crafted YAML (bsc#1082008)

- CVE-2018-1000073: Fixed path traversal when writing to a symlinked basedir outside of the root (bsc#1082007)

Other changes :

- Fixed Net::POPMail methods modify frozen literal when using default arg

- ruby: change over of the Japanese Era to the new emperor May 1st 2019 (bsc#1133790)

- build with PIE support (bsc#1130028)

Changes in ruby-bundled-gems-rpmhelper :

- Add a new helper for bundled ruby gems.

This update was imported from the SUSE:SLE-15:Update update project.

Solution

Update the affected ruby-bundled-gems-rpmhelper / ruby2.5 packages.

Plugin Details

Severity: Critical

ID: 126904

File Name: openSUSE-2019-1771.nasl

Version: 1.5

Type: local

Agent: unix

Family: SuSE Local Security Checks

Published: 7/22/2019

Updated: 5/9/2024

Supported Sensors: Frictionless Assessment AWS, Frictionless Assessment Azure, Frictionless Assessment Agent, Nessus Agent, Continuous Assessment, Nessus

Risk Information

VPR

Risk Factor: Medium

Score: 6.0

CVSS v2

Risk Factor: High

Base Score: 8.8

Temporal Score: 6.9

Vector: CVSS2#AV:N/AC:M/Au:N/C:N/I:C/A:C

CVSS Score Source: CVE-2019-8320

CVSS v3

Risk Factor: Critical

Base Score: 9.8

Temporal Score: 8.8

Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

Temporal Vector: CVSS:3.0/E:P/RL:O/RC:C

CVSS Score Source: CVE-2018-16395

Vulnerability Information

CPE: p-cpe:/a:novell:opensuse:ruby2.5-doc-ri, cpe:/o:novell:opensuse:15.1, p-cpe:/a:novell:opensuse:ruby2.5, p-cpe:/a:novell:opensuse:libruby2_5-2_5, p-cpe:/a:novell:opensuse:ruby2.5-stdlib, p-cpe:/a:novell:opensuse:ruby2.5-stdlib-debuginfo, p-cpe:/a:novell:opensuse:ruby-bundled-gems-rpmhelper, p-cpe:/a:novell:opensuse:ruby2.5-devel-extra, p-cpe:/a:novell:opensuse:libruby2_5-2_5-debuginfo, p-cpe:/a:novell:opensuse:ruby2.5-debugsource, p-cpe:/a:novell:opensuse:ruby2.5-debuginfo, p-cpe:/a:novell:opensuse:ruby2.5-devel

Required KB Items: Host/local_checks_enabled, Host/cpu, Host/SuSE/release, Host/SuSE/rpm-list

Exploit Available: true

Exploit Ease: Exploits are available

Patch Publication Date: 7/21/2019

Vulnerability Publication Date: 3/13/2018

Reference Information

CVE: CVE-2017-17742, CVE-2018-1000073, CVE-2018-1000074, CVE-2018-1000075, CVE-2018-1000076, CVE-2018-1000077, CVE-2018-1000078, CVE-2018-1000079, CVE-2018-16395, CVE-2018-16396, CVE-2018-6914, CVE-2018-8777, CVE-2018-8778, CVE-2018-8779, CVE-2018-8780, CVE-2019-8320, CVE-2019-8321, CVE-2019-8322, CVE-2019-8323, CVE-2019-8324, CVE-2019-8325

Detections

Analytics