Date: Wed, 13 Apr 2022 03:04:57 GMT From: Yasuhiro Kimura <yasu@FreeBSD.org> To: ports-committers@FreeBSD.org, dev-commits-ports-all@FreeBSD.org, dev-commits-ports-main@FreeBSD.org Subject: git: 0846acd6f709 - main - security/vuxml: Document buffer overrun vulnerability in Ruby Message-ID: <202204130304.23D34v0T054323@gitrepo.freebsd.org>
next in thread | raw e-mail | index | archive | help
The branch main has been updated by yasu: URL: https://cgit.FreeBSD.org/ports/commit/?id=0846acd6f70992724f819cc9e1cdd6c14d07e19f commit 0846acd6f70992724f819cc9e1cdd6c14d07e19f Author: Yasuhiro Kimura <yasu@FreeBSD.org> AuthorDate: 2022-04-13 02:55:50 +0000 Commit: Yasuhiro Kimura <yasu@FreeBSD.org> CommitDate: 2022-04-13 03:04:10 +0000 security/vuxml: Document buffer overrun vulnerability in Ruby --- security/vuxml/vuln-2022.xml | 47 ++++++++++++++++++++++++++++++++++++++++++++ 1 file changed, 47 insertions(+) diff --git a/security/vuxml/vuln-2022.xml b/security/vuxml/vuln-2022.xml index a535735eb3a1..538cd330e862 100644 --- a/security/vuxml/vuln-2022.xml +++ b/security/vuxml/vuln-2022.xml @@ -1,3 +1,50 @@ + <vuln vid="06ed6a49-bad4-11ec-9cfe-0800270512f4"> + <topic>Ruby -- Buffer overrun in String-to-Float conversion</topic> + <affects> + <package> + <name>ruby</name> + <range><ge>2.7.0,1</ge><lt>2.7.6,1</lt></range> + <range><ge>3.0.0,1</ge><lt>3.0.4,1</lt></range> + <range><ge>3.1.0,1</ge><lt>3.1.2,1</lt></range> + </package> + <package> + <name>ruby27</name> + <range><ge>2.7.0,1</ge><lt>2.7.10,1</lt></range> + </package> + <package> + <name>ruby30</name> + <range><ge>3.0.0,1</ge><lt>3.0.4,1</lt></range> + </package> + <package> + <name>ruby31</name> + <range><ge>3.1.0,1</ge><lt>3.1.2,1</lt></range> + </package> + </affects> + <description> + <body xmlns="http://www.w3.org/1999/xhtml">; + <p>piao reports:</p> + <blockquote cite="https://www.ruby-lang.org/en/news/2022/04/12/buffer-overrun-in-string-to-float-cve-2022-28739/">; + <p> + Due to a bug in an internal function that converts a String + to a Float, some convertion methods like <code>Kernel#Float</code> + and <code>String#to_f</code> could cause buffer over-read. + A typical consequence is a process termination due to + segmentation fault, but in a limited circumstances, it may + be exploitable for illegal memory read. + </p> + </blockquote> + </body> + </description> + <references> + <cvename>CVE-2022-28739</cvename> + <url>https://www.ruby-lang.org/en/news/2022/04/12/buffer-overrun-in-string-to-float-cve-2022-28739/</url>; + </references> + <dates> + <discovery>2022-04-12</discovery> + <entry>2022-04-13</entry> + </dates> + </vuln> + <vuln vid="f22144d7-bad1-11ec-9cfe-0800270512f4"> <topic>Ruby -- Double free in Regexp compilation</topic> <affects>
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?202204130304.23D34v0T054323>