mruby contained a security bug that was fixed upstream
Bug #1763905 reported by
Daniel
This bug affects 1 person
| Affects | Status | Importance | Assigned to | Milestone | |
|---|---|---|---|---|---|
| Ubuntu CVE Tracker |
Fix Released
|
Undecided
|
Unassigned | ||
| mruby (Ubuntu) |
Confirmed
|
Medium
|
Unassigned | ||
Bug Description
A security issue within mruby has been identified and has already been fixed (see https:/
Please assign a CVE.
Cheers, Daniel
CVE References
| tags: | added: community-security |
| Changed in ubuntu-cve-tracker: | |
| status: | New → Fix Released |
To post a comment you must log in.
Hi, thanks for the report. Unfortunately, as the issue is public, we can not issue a CVE for it. I have submitted a CVE request to https:/ /cveform. mitre.org/ and will report back when MITRE has assigned a CVE for this issue.
Also, since the package referred to in this bug is in universe, it is community maintained. If you are able, I suggest coordinating with upstream and posting a debdiff for this issue. When a debdiff is available, members of the security team will review it and publish the package. See the following link for more information: https:/ /wiki.ubuntu. com/SecurityTea m/UpdateProcedu res .
Thanks!