[SECURITY] [DLA 1112-1] rubygems security update
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256
Package : rubygems
Version : 1.8.24-1+deb7u1
CVE ID : CVE-2017-0900 CVE-2017-0901
Debian Bug : 873802
Some vulnerabilities were found in the Rubygems package that affects
the LTS distribution.
CVE-2017-0900
DOS vulernerability in the query command
CVE-2017-0901
gem installer allows a malicious gem to overwrite arbitrary files
For Debian 7 "Wheezy", these problems have been fixed in version
1.8.24-1+deb7u1.
We recommend that you upgrade your rubygems packages.
Further information about Debian LTS security advisories, how to apply
these updates to your system and frequently asked questions can be
found at: https://wiki.debian.org/LTS
-----BEGIN PGP SIGNATURE-----
iQIzBAEBCAAdFiEEjckBzmQUbASK1Q+7eSFSUnt1kh4FAlnKw3sACgkQeSFSUnt1
kh4T3A/8DH24Vj9yZCFpIGjt8ylJ1jvqtDvLThW2jgmwNaLgVbL3TVOyN8JSVOdP
PlbFmX2a9YycjXTMRbCvS7a3h9gjWC/rQ1muISEKE1gbQp3GndfP360UJkl4GVZe
v55La/AoSWXvd57gCBE6UJmVhGIQtkPIIXLaIA+fNcaeS1CxyV7HDr1YrfUf3ncc
+WDmqqU1SvBCzDmtRgJ/ahQqpNzHeAPvmk4j8d0gRXnHAxTrHggJKLuFHfev/NZG
Fmc9kAhAoDZV02rLiN20XQMoRMBL3Spe/w6zOA4gMRMSyrmlL8X5gqqv2SMWvWvf
amkjHICNkmT7u+WDiYrieNz1nMWOQkq1yTqt2786IwSxm0L7JoUbdKc+aHRPnVcf
2zSKgEcku6guZoSdVWhKKxKeWLDLpRL5BipH7bvbrgvOH8rxiXV/PIrEZhqQKf9t
GP44bqqZTwVo2IcJbooO97HDBjwQYIz1lmMAWURzDG1DFUUK/6HL+EWzy6P4+Jt3
paAN3yLukKbroUwMYm7U/UdtaSF9YMT5S8iQWq0degMWuvlf1uc3l2I/eUmYy2dl
LjlaicYRDwe34vwqEFQD+9KV3oMvZKiFXUZzQPLXQrpu8Tg6UenZSId7WY8oxViq
6Rbr2RcWr79eiPXSkRmbSDwOwdYqmA6elZUEgOlr8w/rFoIRMBs=
=k2wH
-----END PGP SIGNATURE-----
Reply to: